
Log analysis and evaluation: iexplore.exe starts in the background

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

03.07.2010, 10:36   #1
azulkun
 



Hello, the thing is that iexplore.exe starts in the background.
I end the process, but it keeps coming back.

Here is my log file;
I hope you can help me.
If you find other problems in the log file, please tell me.
HijackThis logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:43, on 03.07.2010
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files\GamersFirst\LIVE!\Live.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wermgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\ClearProg\ClearProg.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Slemani\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.0.0:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
R3 - URLSearchHook: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Paltalk Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Automatisches LiveUpdate - Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: FSCLBaseUpdaterService - Unknown owner - C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

--
End of file - 10293 bytes
         
--- --- ---



Maybe you will also find the cause of why my PC does not always start.
It starts, then there is a black screen, and it turns off again.
Then I turn it on again and have to wait; if I am lucky, I get in.


Oh, I almost forgot, my other problem is
that this message keeps appearing:
Microsoft Windows
Host Process for Windows Services was terminated and closed, again and again.
I don't know what causes it.

Edited by azulkun (03.07.2010 at 10:53)

03.07.2010, 13:56   #2
MalwareHero
 



Quote:
Quote from azulkun
Hello, the thing is that iexplore.exe starts in the background.
I end the process, but it keeps coming back.

Hello,

please also create a log with Malwarebytes and OTL http://www.trojaner-board.de/85104-o...-oldtimer.html
Post all logs here.

Regards.

03.07.2010, 14:31   #3
azulkun
 



OTL logfile:
Code:
OTL logfile created on: 03.07.2010 15:17:28 - Run 1
OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\Slemani\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,84 Gb Total Space | 161,44 Gb Free Space | 53,13% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 465,65 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 150,20 Gb Total Space | 150,11 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
Drive F: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SLEMANI-PC
Current User Name: Slemani
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Slemani\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Slemani\Downloads\HiJackThis204.exe (Trend Micro Inc.)
PRC - C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\GamersFirst\LIVE!\Live.exe ()
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe (Symantec Corporation)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Skype\Toolbars\Shared\SkypeNames2.exe (Skype Technologies S.A.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
PRC - C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wermgr.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\PAStiSvc.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Slemani\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll (Microsoft Corporation)
MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\asoehook.dll (Symantec Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20656_none_463680b8218be5a3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Automatisches LiveUpdate - Scheduler) --  File not found
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FSCLBaseUpdaterService) -- C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe ()
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
SRV - (STI Simulator) -- C:\Windows\System32\PAStiSvc.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (AvgTdiX) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SYMTDIV.SYS (Symantec Corporation)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1107000.00C\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1107000.00C\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1107000.00C\ccHPx86.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100211.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMDS.SYS (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100520.001\IDSvix86.sys (Symantec Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (WebCamDriver) -- C:\Windows\System32\drivers\WebCam.sys (Demo use only)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 0.0.0.0:80
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.5.0.145
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 41
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..network.proxy.no_proxies_on: ""
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\ [2010.05.26 07:59:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\ [2010.05.16 10:45:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010.07.01 22:07:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.01 23:11:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.01 23:11:12 | 000,000,000 | ---D | M]
 
[2009.08.16 00:07:44 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\mozilla\Extensions
[2010.07.02 22:03:19 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\mozilla\Firefox\Profiles\uijtwrg2.default\extensions
[2009.09.13 09:32:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Slemani\AppData\Roaming\mozilla\Firefox\Profiles\uijtwrg2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.04 12:19:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Slemani\AppData\Roaming\mozilla\Firefox\Profiles\uijtwrg2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.04.07 00:36:32 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\Slemani\AppData\Roaming\mozilla\Firefox\Profiles\uijtwrg2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2009.08.18 13:51:41 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Slemani\AppData\Roaming\mozilla\Firefox\Profiles\uijtwrg2.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.04.05 12:14:55 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Slemani\AppData\Roaming\mozilla\Firefox\Profiles\uijtwrg2.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010.01.10 22:56:36 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\mozilla\Firefox\Profiles\uijtwrg2.default\extensions\moveplayer@movenetworks.com
[2010.06.25 13:05:23 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\mozilla\Firefox\Profiles\uijtwrg2.default\extensions\toolbar@ask.com
[2010.04.05 17:39:51 | 000,000,873 | ---- | M] () -- C:\Users\Slemani\AppData\Roaming\Mozilla\FireFox\Profiles\uijtwrg2.default\searchplugins\conduit.xml
[2010.07.02 22:03:19 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.03.20 18:29:56 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.04.19 16:27:16 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.03.12 11:06:15 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.12 11:06:16 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.12 11:06:16 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.12 11:06:16 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.12 11:06:16 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Programme\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Slemani\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\Slemani\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.11.15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 19:03:48 | 000,000,054 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{8d5f73c1-88e6-11de-b9ca-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8d5f73c1-88e6-11de-b9ca-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2008.11.15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.03 15:14:28 | 000,000,000 | ---D | C] -- C:\Users\Slemani\AppData\Roaming\Malwarebytes
[2010.07.03 15:14:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.03 15:14:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.03 15:14:13 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.03 15:14:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.03 12:19:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2010.07.03 11:19:15 | 000,000,000 | ---D | C] -- C:\Programme\ClearProg
[2010.07.02 20:41:17 | 000,000,000 | ---D | C] -- C:\Users\Slemani\AppData\Local\Rockstar Games
[2010.07.02 20:24:36 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.07.02 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\Slemani\Documents\Games for Windows - LIVE Demos
[2010.07.02 20:16:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.07.02 20:16:41 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.07.02 19:49:38 | 000,000,000 | ---D | C] -- C:\Programme\Rockstar Games
[2010.07.01 22:23:58 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010.07.01 22:08:56 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010.07.01 22:08:47 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010.07.01 22:08:21 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010.07.01 22:08:15 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010.07.01 22:07:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010.07.01 22:07:33 | 000,000,000 | ---D | C] -- C:\Programme\AVG
[2010.07.01 22:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010.07.01 20:41:15 | 000,000,000 | ---D | C] -- C:\63944cafe4d7453d83fd0b1c
[2010.07.01 19:54:15 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.07.01 19:54:14 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.07.01 19:54:14 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.07.01 19:54:13 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.07.01 19:54:12 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.07.01 18:11:09 | 000,000,000 | ---D | C] -- C:\Users\Slemani\Documents\Rockstar Games
[2010.07.01 17:16:46 | 000,000,000 | RH-D | C] -- C:\Users\Slemani\AppData\Roaming\SecuROM
[2010.07.01 17:15:38 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.07.01 17:15:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.07.01 17:15:38 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.07.01 17:15:37 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.07.01 17:15:36 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.07.01 17:15:35 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.07.01 17:15:34 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.07.01 17:15:34 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.07.01 17:15:33 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.07.01 17:15:33 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.07.01 17:14:35 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.07.01 17:14:35 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.07.01 17:14:33 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.07.01 17:14:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.07.01 17:14:27 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010.06.27 17:31:36 | 000,000,000 | ---D | C] -- C:\Users\Slemani\Desktop\hiwa music
[2010.06.26 16:45:44 | 000,000,000 | --SD | C] -- C:\Users\Slemani\Desktop\Privat
[2010.06.24 15:07:22 | 000,000,000 | ---D | C] -- C:\Programme\Pontifex Demo
[2010.06.16 16:45:17 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010.06.16 16:41:58 | 000,000,000 | ---D | C] -- C:\Users\Slemani\AppData\Local\Nokia
[2010.06.16 16:41:54 | 000,000,000 | ---D | C] -- C:\Users\Slemani\AppData\Local\NokiaAccount
[2010.06.16 16:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010.06.16 16:35:02 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Nokia
[2010.06.16 16:34:20 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2010.06.16 16:34:18 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.06.16 16:33:30 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.06.16 16:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\OviInstallerCache
[2010.06.16 16:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010.06.16 16:25:12 | 000,000,000 | ---D | C] -- C:\Users\Slemani\AppData\Roaming\Nokia
[2010.06.16 16:23:22 | 000,000,000 | ---D | C] -- C:\Users\Slemani\AppData\Roaming\PC Suite
[2010.06.16 16:20:49 | 000,091,136 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2010.06.16 16:20:49 | 000,000,000 | ---D | C] -- C:\Programme\Nokia
[2010.06.11 20:30:21 | 000,000,000 | ---D | C] -- C:\Users\Slemani\AppData\Roaming\TS3Client
[2010.06.11 20:29:41 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2010.06.09 09:25:09 | 000,000,000 | ---D | C] -- C:\Users\Slemani\Desktop\dalya gul
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.07.03 15:18:36 | 003,670,016 | -HS- | M] () -- C:\Users\Slemani\ntuser.dat
[2010.07.03 15:14:18 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.03 15:00:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.03 14:57:31 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.03 14:57:31 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.03 13:34:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.07.03 12:14:19 | 000,033,069 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.07.03 12:14:19 | 000,033,069 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.07.03 11:19:18 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\ClearProg.lnk
[2010.07.03 11:11:57 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.03 11:04:06 | 000,656,262 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.03 11:04:06 | 000,614,440 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.03 11:04:06 | 000,121,228 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.03 11:04:06 | 000,108,030 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.03 11:04:05 | 001,491,156 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.03 11:03:28 | 061,608,586 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010.07.03 10:57:31 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.03 10:57:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.03 10:57:14 | 3220,496,384 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.03 01:25:03 | 004,499,439 | -H-- | M] () -- C:\Users\Slemani\AppData\Local\IconCache.db
[2010.07.02 23:02:27 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{36344970-D69B-4C67-A179-A8F6B3698A32}.job
[2010.07.02 20:24:36 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.07.02 20:22:03 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2010.07.02 19:49:38 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2010.07.02 12:54:50 | 000,004,083 | ---- | M] () -- C:\Users\Slemani\AppData\Local\ffvunml_navps.dat
[2010.07.02 09:08:46 | 000,003,306 | ---- | M] () -- C:\Users\Slemani\AppData\Local\ffvunml.dat
[2010.07.02 07:00:36 | 000,000,092 | ---- | M] () -- C:\Users\Slemani\AppData\Local\gxqbsl.bat
[2010.07.01 22:09:16 | 000,001,653 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010.07.01 22:08:56 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010.07.01 22:08:47 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010.07.01 22:08:21 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010.07.01 22:08:15 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010.07.01 22:08:15 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010.07.01 21:36:46 | 000,524,288 | -HS- | M] () -- C:\Users\Slemani\ntuser.dat{d50eb9ad-8547-11df-889f-001e9003f87f}.TMContainer00000000000000000002.regtrans-ms
[2010.07.01 21:36:46 | 000,524,288 | -HS- | M] () -- C:\Users\Slemani\ntuser.dat{d50eb9ad-8547-11df-889f-001e9003f87f}.TMContainer00000000000000000001.regtrans-ms
[2010.07.01 21:36:46 | 000,065,536 | -HS- | M] () -- C:\Users\Slemani\ntuser.dat{d50eb9ad-8547-11df-889f-001e9003f87f}.TM.blf
[2010.07.01 21:10:41 | 000,327,680 | ---- | M] () -- C:\Windows\SPInstall.etl
[2010.07.01 18:13:57 | 109,388,216 | ---- | M] () -- C:\Users\Slemani\Desktop\gta4_1.0.7.0.zip
[2010.07.01 17:46:30 | 000,000,959 | ---- | M] () -- C:\Users\Slemani\Desktop\LaunchGTAIV.exe - Verknüpfung.lnk
[2010.06.30 23:21:51 | 000,000,284 | ---- | M] () -- C:\Users\Slemani\AppData\Roaming\wklnhst.dat
[2010.06.30 21:01:07 | 000,248,064 | ---- | M] () -- C:\Users\Slemani\AppData\Local\ffvunml_nav.dat
[2010.06.30 18:56:54 | 000,000,437 | ---- | M] () -- C:\Users\Slemani\Desktop\sakey.cfg
[2010.06.30 16:16:34 | 013,989,259 | ---- | M] () -- C:\Users\Slemani\Desktop\afagaghaahahhahahahahahahahhaah.wma
[2010.06.30 16:15:16 | 003,512,611 | ---- | M] () -- C:\Users\Slemani\Desktop\JIR ASAADDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD.wma
[2010.06.30 16:14:32 | 005,318,415 | ---- | M] () -- C:\Users\Slemani\Desktop\dgrfgrzhhhdrhdhdhdhd.wma
[2010.06.28 20:06:55 | 000,608,256 | ---- | M] () -- C:\Users\Slemani\Desktop\blackra1n(2).exe
[2010.06.28 19:58:56 | 004,570,608 | ---- | M] () -- C:\Users\Slemani\Desktop\Spirit.exe
[2010.06.28 19:36:11 | 239,139,281 | ---- | M] () -- C:\Users\Slemani\Desktop\iPhone1,2_3.1.3_7E18_Restore.ipsw
[2010.06.27 23:16:37 | 000,137,722 | ---- | M] () -- C:\Users\Slemani\Desktop\Unbenannt.jpg
[2010.06.27 23:16:31 | 000,025,635 | ---- | M] () -- C:\Users\Slemani\Desktop\thomasperle.jpg
[2010.06.24 15:07:24 | 000,000,845 | ---- | M] () -- C:\Users\Slemani\Desktop\Pontifex Demo.lnk
[2010.06.23 18:15:06 | 000,000,882 | ---- | M] () -- C:\Users\Slemani\Desktop\Bridge Building Game.lnk
[2010.06.20 10:17:27 | 001,771,489 | ---- | M] () -- C:\Users\Slemani\Desktop\sa-mp-102.png
[2010.06.19 21:23:51 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.06.16 19:03:18 | 000,000,081 | ---- | M] () -- C:\Users\Slemani\Desktop\keybinder_settings.ini
[2010.06.16 16:45:27 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010.06.16 16:45:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010.06.16 16:42:42 | 000,016,384 | ---- | M] () -- C:\Users\Slemani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.16 16:39:56 | 000,000,108 | ---- | M] () -- C:\Users\Slemani\Desktop\index.htm
[2010.06.16 16:38:11 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2010.06.16 16:25:40 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Lifeblog 2.5.lnk
[2010.06.15 13:34:43 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2010.06.13 17:18:36 | 001,450,196 | ---- | M] () -- C:\Users\Slemani\Desktop\sa-mp-015.png
[2010.06.11 20:29:43 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.06.09 19:38:44 | 000,000,318 | ---- | M] () -- C:\Windows\System32\USERDATA.DAT
[2010.06.05 20:01:31 | 000,200,132 | ---- | M] () -- C:\Users\Slemani\Desktop\energetics.jpg
[2010.06.05 13:11:14 | 000,001,444 | ---- | M] () -- C:\Users\Slemani\Desktop\DivX Movies.lnk
[2010.06.05 13:11:00 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.06.05 13:10:51 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.07.03 15:14:18 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.03 11:19:18 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\ClearProg.lnk
[2010.07.02 20:22:03 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2010.07.02 19:49:38 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2010.07.01 22:09:16 | 000,001,653 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010.07.01 22:08:15 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010.07.01 22:07:43 | 061,608,586 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010.07.01 21:36:46 | 000,524,288 | -HS- | C] () -- C:\Users\Slemani\ntuser.dat{d50eb9ad-8547-11df-889f-001e9003f87f}.TMContainer00000000000000000002.regtrans-ms
[2010.07.01 21:36:46 | 000,524,288 | -HS- | C] () -- C:\Users\Slemani\ntuser.dat{d50eb9ad-8547-11df-889f-001e9003f87f}.TMContainer00000000000000000001.regtrans-ms
[2010.07.01 21:36:46 | 000,065,536 | -HS- | C] () -- C:\Users\Slemani\ntuser.dat{d50eb9ad-8547-11df-889f-001e9003f87f}.TM.blf
[2010.07.01 20:39:37 | 000,327,680 | ---- | C] () -- C:\Windows\SPInstall.etl
[2010.07.01 18:06:00 | 109,388,216 | ---- | C] () -- C:\Users\Slemani\Desktop\gta4_1.0.7.0.zip
[2010.07.01 17:46:30 | 000,000,959 | ---- | C] () -- C:\Users\Slemani\Desktop\LaunchGTAIV.exe - Verknüpfung.lnk
[2010.06.30 16:16:05 | 013,989,259 | ---- | C] () -- C:\Users\Slemani\Desktop\afagaghaahahhahahahahahahahhaah.wma
[2010.06.30 16:15:09 | 003,512,611 | ---- | C] () -- C:\Users\Slemani\Desktop\JIR ASAADDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD.wma
[2010.06.30 16:14:22 | 005,318,415 | ---- | C] () -- C:\Users\Slemani\Desktop\dgrfgrzhhhdrhdhdhdhd.wma
[2010.06.30 13:40:18 | 000,004,083 | ---- | C] () -- C:\Users\Slemani\AppData\Local\ffvunml_navps.dat
[2010.06.30 13:40:17 | 000,248,064 | ---- | C] () -- C:\Users\Slemani\AppData\Local\ffvunml_nav.dat
[2010.06.30 13:40:16 | 000,003,306 | ---- | C] () -- C:\Users\Slemani\AppData\Local\ffvunml.dat
[2010.06.28 20:06:53 | 000,608,256 | ---- | C] () -- C:\Users\Slemani\Desktop\blackra1n(2).exe
[2010.06.28 19:58:32 | 004,570,608 | ---- | C] () -- C:\Users\Slemani\Desktop\Spirit.exe
[2010.06.28 19:14:41 | 239,139,281 | ---- | C] () -- C:\Users\Slemani\Desktop\iPhone1,2_3.1.3_7E18_Restore.ipsw
[2010.06.27 23:16:36 | 000,137,722 | ---- | C] () -- C:\Users\Slemani\Desktop\Unbenannt.jpg
[2010.06.27 23:16:31 | 000,025,635 | ---- | C] () -- C:\Users\Slemani\Desktop\thomasperle.jpg
[2010.06.24 15:07:24 | 000,000,845 | ---- | C] () -- C:\Users\Slemani\Desktop\Pontifex Demo.lnk
[2010.06.23 18:15:06 | 000,000,882 | ---- | C] () -- C:\Users\Slemani\Desktop\Bridge Building Game.lnk
[2010.06.20 10:17:26 | 001,771,489 | ---- | C] () -- C:\Users\Slemani\Desktop\sa-mp-102.png
[2010.06.16 19:03:18 | 000,000,081 | ---- | C] () -- C:\Users\Slemani\Desktop\keybinder_settings.ini
[2010.06.16 16:45:27 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010.06.16 16:45:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010.06.16 16:45:17 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2010.06.16 16:39:54 | 000,000,108 | ---- | C] () -- C:\Users\Slemani\Desktop\index.htm
[2010.06.16 16:38:11 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2010.06.16 16:25:40 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Lifeblog 2.5.lnk
[2010.06.13 17:18:35 | 001,450,196 | ---- | C] () -- C:\Users\Slemani\Desktop\sa-mp-015.png
[2010.06.11 20:29:43 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.06.05 20:01:30 | 000,200,132 | ---- | C] () -- C:\Users\Slemani\Desktop\energetics.jpg
[2010.06.05 13:11:13 | 000,001,444 | ---- | C] () -- C:\Users\Slemani\Desktop\DivX Movies.lnk
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.02.07 01:49:05 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.12.12 11:06:03 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.10.19 20:30:23 | 000,138,592 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.10.19 20:29:53 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2009.08.14 18:01:39 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.08.14 18:01:39 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009.08.14 17:40:46 | 000,000,342 | ---- | C] () -- C:\Windows\{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}_WiseFW.ini
[2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006.08.11 10:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2005.01.25 16:15:42 | 000,010,240 | ---- | C] () -- C:\Windows\System32\PA207Usd.dll
 
========== LOP Check ==========
 
[2010.01.02 19:59:54 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\Azureus
[2010.07.03 11:08:03 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\DNA
[2010.01.13 09:07:38 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\GHISLER
[2010.04.05 01:50:03 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\ManyCam
[2010.06.16 16:44:03 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\Nokia
[2010.02.21 19:46:33 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\OpenOffice.org
[2009.11.15 22:20:19 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\Paltalk
[2010.06.16 16:25:32 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\PC Suite
[2001.12.31 16:43:47 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\TeamViewer
[2010.02.21 01:37:43 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\Template
[2010.06.11 20:31:15 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\TS3Client
[2010.06.29 23:04:10 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\TuneUpMedia
[2010.03.30 13:33:05 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\widestream
[2010.04.05 12:27:22 | 000,000,000 | ---D | M] -- C:\Users\Slemani\AppData\Roaming\Youtube Downloader HD
[2010.07.03 01:25:33 | 000,032,520 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.07.02 23:02:27 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{36344970-D69B-4C67-A179-A8F6B3698A32}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\Slemani\Documents\Clip0000.AVI:TOC.WMV
< End of report >
         

03.07.2010, 14:34   #4
azulkun

iexplore.exe starts in the background



OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 03.07.2010 15:17:28 - Run 1
OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\Slemani\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,84 Gb Total Space | 161,44 Gb Free Space | 53,13% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 465,65 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 150,20 Gb Total Space | 150,11 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
Drive F: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SLEMANI-PC
Current User Name: Slemani
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1AB639F5-C24A-4238-A5EC-D35CFEBE7E96}" = rport=137 | protocol=17 | dir=out | app=system | 
"{22208FEC-D48A-4BDA-9CEC-116A30B51C95}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{3E81C43E-D306-4A9B-B015-702DD013AF20}" = rport=445 | protocol=6 | dir=out | app=system | 
"{3F6AA2D3-BF87-4DE2-A324-3A807A781B78}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{54ABD0EA-2D23-4B72-9EF6-7DCA067E4349}" = rport=139 | protocol=6 | dir=out | app=system | 
"{5638031B-EEE5-47FE-8D22-E8193616DB96}" = lport=137 | protocol=17 | dir=in | app=system | 
"{58C706A0-544B-48A1-93E2-9134AB8A4BD5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7598F0E7-EE4B-4C0A-BEA8-790FC329B71B}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B92F992C-43ED-4F2B-A9BB-3FF0486E1519}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D906481C-851C-45B4-A34B-25E65F701D78}" = lport=445 | protocol=6 | dir=in | app=system | 
"{EAFD055A-FD70-4635-801D-F4DBC60B224C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F021B547-3478-4E35-B387-B636EB1CC157}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{018B2A81-BAED-4EC9-9FF3-CA0D8DD2F589}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{03E2DE70-6444-4ADD-A62A-EBC1EDE2BC48}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0606F200-643C-4456-AE27-79EAD2E3CCF5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0A788F02-64FD-444C-B197-9D3C21F1B9C1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0CA50644-F5B0-43A3-885A-30387038D423}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{0DCF97E8-8911-4E93-9672-646F49DDF3E5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{11EDFEC9-888D-43E0-BCC2-FB7DDDF3D29D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{132651AF-9816-42BD-960C-415469A2D6E3}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{14C56AB4-2362-4A9A-94F5-FE349AF39367}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe | 
"{17814C10-025C-4519-880D-FF49A79E0745}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{179605D4-FA7B-4D30-AE17-FE3B32B384AD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1B1CBF01-9CF8-4E3E-969D-AAEBD8407EAA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1CDC2EB0-FE94-4A37-AF15-7077EC063017}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1CFBBCD5-BE56-4942-A845-616179082C54}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{2112ED4B-1BD6-4A9D-BE53-E427689833B6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{21AB3451-EA3E-4F31-96CF-C39BFC08EA4D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{22004701-5F6E-4CE3-9186-AB1D59305674}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{22DDC3E9-1A26-4A82-9693-649B2625689E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{24E59C68-E00C-46CE-958D-1A202C1EDA28}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{255513F5-3F61-40A7-AF75-C38642A25153}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{25806DA3-23B9-4D52-939E-03067F88CF0A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2654F7CB-9B86-4575-AACF-9E0057826C6B}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe | 
"{26AB6419-D830-4840-A8F1-7839CCDE66E4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{27390D6B-A15E-442C-B7D1-31185C62B552}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{273E9DD2-9A5B-4100-8D85-2A5D7C52C12A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2905DB8E-FF45-469F-9DC8-D7A6CDCC5AB7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{29818F04-192F-410D-9882-8D6CD7E71998}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2D4B8BE1-2D65-4E97-901D-B504E6A18DF4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2DC6079D-F52E-48ED-AE26-7D433A6C5670}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2DD7D35C-EFF1-4A72-9C62-DA7D7FA1C48D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{2F7FFC07-2759-49C8-9653-451BF99B7C20}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{33012317-02ED-4B12-A98A-861F2ED8F894}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe | 
"{338AD0C7-2FC3-48DB-99E5-42196E1755CF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{34738408-5320-4BEB-84C2-D404904FD7B9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{34889CBA-97D4-40EE-A954-3D956E51281C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{35D0127B-EDE9-485D-8E8A-395C00CFE7EA}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | 
"{37087E20-438E-4B92-A1B6-EA9732F0403A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{374478DA-996F-45C4-8843-01C528A70839}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{381421CA-C58B-4451-8AEE-BAE5F4D85029}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3862AED5-784F-4203-B10E-F0823D3B150C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{39ECA34D-3CD1-4D8F-8D93-FBDF15F8B10C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3C4E0BFE-A026-4856-8D44-55A290EC9AC8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3C87522A-B0FD-40B2-9110-1E190F7740F5}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{3E22797F-6507-4B4A-B1EE-6444D80C98CC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3EA93328-7E23-4FC2-845B-3B3B54BFA682}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe | 
"{43134881-47C1-4872-B8BB-E13AD54D566F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{44EFBD33-5D4B-49C1-860C-93FE24FF4000}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{456D9D81-9348-45B5-BEDD-4B207623821A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{470656FA-C49E-4785-BBE4-19C66D98406C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{497D9CB1-68DE-4D05-B48A-18D26DA227E5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4BEE9007-CC59-4402-A728-49FB9B6EBD84}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4C6AEA1A-D2B9-441E-BC67-F7E8A1C27CDB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4D06BDA5-F546-49E6-9F1A-BC0CE3D703BA}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{4D17A11C-4120-455D-8536-E7B341DADB9E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4DF21308-7914-4A4F-8F18-903E5A455F16}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | 
"{51242EEE-DE78-43AD-A64D-E158E4A85E9A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{51EE5E46-9064-4CEA-BA96-788F9DBC2C43}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{53AB5118-0025-421E-AD2F-730254F2804E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{56556729-D0C9-4587-B413-471011FA3EED}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5757698C-AEC5-438E-8EAD-E583011F2605}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5792CD24-D924-42D6-A073-A211481F4BD1}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{58533A74-1191-440E-AD52-3D0E74BF6574}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5A478D5F-0D42-4D87-9614-F619F81B004C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5B3AA204-4BEC-45BB-BC39-8F767932E86B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5B893418-5A08-417E-BC73-E3BF886C4AF6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{5CBDCAA7-6BE4-449D-BAE8-555087715837}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5E330382-CE1D-4AEA-AB0C-93AA43A346D9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5E976E06-67EF-4B75-8F13-8FAE8215B475}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{619E407A-92E2-41BD-8F3D-C8C49F6E322E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{624EFA22-7871-49DD-8423-156F99FC768E}" = protocol=6 | dir=in | app=c:\program files\cracked steam\steam.exe | 
"{62FC1F49-B15B-4671-A1B6-89D95D5089DB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{64637F9C-62A3-4204-94AF-4933FEB7B8F5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{65CEF1F8-0A46-493A-8C8D-82CA238EE751}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6614EEFC-689E-4859-AAA7-83FB5F844016}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{68BA1743-CBC3-4202-8693-82C88EF9C669}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{6F2465A2-69BF-4216-BC82-70ABDFF2190E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6F90D56E-DFC6-410C-96C0-A8D176501505}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6FCD6F5D-B7DE-4914-A047-509158807AF3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6FEE642D-FFB1-487D-8626-10AF2474A0D5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{700203D2-1E23-4FAC-842A-630F7A13F711}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{72C34ACD-4E64-4AC3-AAE5-04ACC5BDF16F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{79D75CB8-10EA-4B24-A4ED-10FCA9714BE8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7BCD9D92-F841-49D5-92BE-35A00D44F1CF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7C1DA0A3-C594-415C-9C96-0675159BD30B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7D383645-E2D0-4C4B-9AEB-AD5CD11B1AFD}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\aogame.exe | 
"{7E4E940E-3903-4A55-A964-5112D864A868}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{802237A2-69AE-495A-B84F-F1DA4C7CD2C6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{816525CB-6671-4A5C-8ACE-D900B4F21C58}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{833A0BA3-10A9-4BD9-A593-34C2568A3333}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{856137FC-12F4-446E-A9B0-56E1A7703296}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{866DBD3E-B93D-433C-B1A6-E1DA3764696A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8B51F344-4C0C-40D3-BC32-F9894353F502}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8BE9229C-ECFF-43B9-B5B0-1CB614ADDDC7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8C3D1DE4-EA71-4051-941F-FF4A6514DAD4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8CF64927-B6FA-4C07-9DBF-6DBDBA8DE0EE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8DADE3B0-BE76-4FD0-9A6D-0DDA2416CB9F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{90DF88CF-5DAE-44BF-B9AF-EA31D7BC2CF5}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{94EBA2FE-6CA3-40E8-8575-C0F35C70331C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{98997C12-A073-4370-8F80-7BA9789F90F5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{99F7B2B3-41C5-4986-9ACD-AE350ADC49CA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9B5E3A18-95CF-43D9-B441-85EB4AC66726}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9DC6D8EE-58E1-4970-8F12-C1E92F8D4065}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9EA772C7-ADDF-4A95-A5D7-8758503BC651}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 
"{A0EC6CDF-FFFB-45BE-8F66-6A4BE53D768E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A29BF1EE-81DE-4E76-ADEC-EADB357CA650}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A30DEB55-7ACA-43DB-A28B-080AD5A4BDDA}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe | 
"{A465A832-3817-454C-9F83-A39CB3BCD618}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A5C05BE1-F2A1-4F94-BE72-35BE69A3D31A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A6AB33E8-21A2-457C-BCBF-8CDAB9CE7CD3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A914E886-19FF-4C2D-9C1D-AA5BB08340B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AB9BF4C2-FF7B-42A2-AD82-F82107CCFEC9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ACF71DF6-47DB-4CA6-A2D9-9C8349BA7068}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AD3EE06F-BC62-48ED-87D3-A8BAD767A7F4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AD9A92D9-06F4-4EC5-BC35-EE93E90A7091}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{AE6DDA55-DB1C-45C4-BC90-FE8488C109E8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AEB14A51-F8A4-4EFC-9393-FD137DAC49D9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AEEA1BD9-048A-4EA0-8AED-D12174CE00AC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AFC2BDB8-781C-4A35-8E80-2B53A0BFAE10}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{B131890D-345C-4FF6-A62E-C455A0131B9B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B176FBB1-3B0A-4703-97CD-6CC592FA03F0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B680F31A-DE28-46C9-B95E-CF03DDD9D2F4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B76CD4F0-DD26-46AA-A991-6BFD51131128}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B92488D2-17F0-4EB6-9306-93400E5B3DC2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B95C3901-6FAA-4BD3-9772-FE1A1C9529CE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BA03AC31-659A-4B4F-9F3E-A16CEB7BA5D8}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\aogame.exe | 
"{BA85BDF1-8C22-46CA-B5CF-66E473A72CF0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BAF03957-E091-4194-A87D-8DDED5A4CBD9}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{BCDBA271-0345-4CAC-90AE-D56F13561BB2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BCDCAE0B-F7C8-41CC-9BFD-0A5EC9277DB8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BD407F4F-6232-482D-87D0-13115C739975}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{BE0DC6BF-5C85-47F1-BD7E-07F8E56B7B68}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BE432A66-2C7C-400B-9439-3A5DA44D5B4D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BFD458FE-0D3B-4BD7-8C73-751C20776DC4}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{C0864407-F309-4ECA-982C-3B6382371496}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C14F8938-11E3-43B7-85A4-5809DF276E57}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe | 
"{C1718636-234C-47A8-899F-36712DC12A6C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C45F0051-0835-4065-B6F9-C78EA9E9CD7A}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{C5CE7845-6C76-4AD2-8890-E166463997E4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CBE8D7FF-696C-43A3-B703-4454CE843829}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CC3C9588-4D68-42C4-A04A-4CEF2DF1DB16}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CFF97677-1246-42F5-A95A-3E832F21411C}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2 demo\bf2.exe | 
"{D34981CB-AA14-4C77-9773-96413C1C9C1E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D4172DFE-B89A-4C1B-A0D0-74DDD9757D51}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D5082451-6524-4BD7-8F5A-4C5E09BD531E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D92555D7-B8B1-4D3E-A12C-5FA777A1754D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DA068DED-F323-43EE-A779-D928DD55295E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DA18DD35-C99C-48D0-9CB5-A89ECDFA2EF3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DBCA2FBD-EF31-4DF8-A29B-23BAEE291429}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DBE26417-FC1E-4649-A35E-247AFAE6C9B2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DC4E87BF-4701-48C1-A696-080D0C4FBE38}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DD1C5C5B-4C31-460F-8792-64DF0A6C557A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DD39286E-11AC-49FC-A26D-362991F8DD0D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DD9D103E-6A67-49C5-ABA6-0134A148E1F9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{E16F1457-2D6D-4FC2-A184-4BC96ADD4539}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E19B8994-28C0-449C-B90A-6ED20CF1E3F3}" = protocol=17 | dir=in | app=c:\program files\cracked steam\steam.exe | 
"{E5C855A2-5829-45F6-B065-D74C7153DD32}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2 demo\bf2.exe | 
"{E62E6118-CC4C-459E-B52E-81BB18D05932}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EA902A58-F810-4FAB-B9F6-E401B2686465}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EB1F4058-D905-48EF-AFBE-B20CC737D43F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ECFDE477-0629-42A6-A5CA-DCAF57868ACC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ED1C18A7-2CCC-4B8D-B4FD-842EFB04B332}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ED6ED21A-F82C-481B-9F14-F7A719A38A9F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EDD5C4BC-C6C3-43C3-8E2E-BD8D320E03B9}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe | 
"{F0BB913B-9A74-4273-86C1-AEFD036C129F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F1C267C3-9AF6-40F1-9852-653E983A11F7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F38D2B12-DBB4-4905-9E6E-335589A65B3F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{F3EC42C9-5FD4-408A-A900-8017DE6D4846}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F56F779C-FDD4-4BC3-986A-4A13984E5578}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F90460EF-3D9D-4C24-99E7-3F847EFFEF7A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F95EE622-530B-4434-90FC-8C65366A12AF}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{FE5A4BF8-6D8F-4814-8872-32584865A1B1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 
"TCP Query User{795FD343-557C-4938-A9A4-C09A837C2AC3}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | 
"TCP Query User{DF8A6624-7722-420D-86A2-24DC26A63240}C:\program files\cracked steam\steamapps\slemani1994\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\cracked steam\steamapps\slemani1994\counter-strike source\hl2.exe | 
"UDP Query User{204FB8CF-2EE0-400C-9A36-3FB4A8B064B4}C:\program files\cracked steam\steamapps\slemani1994\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\cracked steam\steamapps\slemani1994\counter-strike source\hl2.exe | 
"UDP Query User{450A3B61-209F-4419-9716-A83EDBB4DA24}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15e13d3b-4b57-4f68-9ba4-5d86c0931833}" = Pixia
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}" = MobileMe Control Panel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{2966ABA9-55DF-475E-8D10-3A2EA9F2CCEE}" = VideoCap
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3186AEAE-E104-424D-9152-1BF6A4404758}" = Nokia Software Updater
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}" = Driver Detective
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{81CD6232-10F5-4832-B3DA-1B88B1571031}" = Nero 7 Essentials
"{835525BE-63BD-4EC4-9425-00CEAD4849C2}" = Widestream6
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}" = Battlefield 2(TM) Demo
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A0BCF90F-B4E4-435C-A48D-8FAAE10554F9}" = Pixia
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3D-Fahrschule Demo" = 3D-Fahrschule Demo
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"8461-7759-5462-8226" = Vuze
"AC3Filter" = AC3Filter (remove only)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AstrumNival Allods" = Allods Online 1.0.06.36
"AutoHotkey" = AutoHotkey 1.0.47.06
"AVG9Uninstall" = AVG Free 9.0
"Azureus" = Azureus
"Bridge Building Game" = Bridge Building Game
"CCleaner" = CCleaner (remove only)
"ClearProg" = ClearProg 1.6.0 Final
"Cossacks : Back To War" = Cossacks - Back To War
"Cossacks : The Art Of War" = Cossacks - The Art Of War
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Dkill95" = Dkill95
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"EW : Cossacks" = Cossacks - European Wars
"ffvunml" = Favorit
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"GamersFirst LIVE!" = GamersFirst LIVE!
"GamersFirst War Rock" = War Rock
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Luxor Amun Rising" = Luxor Amun Rising (remove only)
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PalTalk8.2" = PaltalkScene
"Picasa 3" = Picasa 3
"Pontifex Demo_is1" = Pontifex Demo 10.19.01
"Silkroad" = Silkroad
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUpMedia" = TuneUp Companion 1.6.9
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.9
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.03.2010 16:38:30 | Computer Name = Slemani-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung gta_sa.exe, Version 0.0.0.0, Zeitstempel 0x427101ca,
 fehlerhaftes Modul gta_sa.exe, Version 0.0.0.0, Zeitstempel 0x427101ca, Ausnahmecode
 0xc0000005, Fehleroffset 0x002e3d17,  Prozess-ID 0x1354, Anwendungsstartzeit 01cabca39220d52f.
 
Error - 06.03.2010 05:39:10 | Computer Name = Slemani-PC | Source = SecurityCenter | ID = 3
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
 WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
 zu überwachen.
 
Error - 06.03.2010 05:58:17 | Computer Name = Slemani-PC | Source = SecurityCenter | ID = 3
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
 WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
 zu überwachen.
 
Error - 06.03.2010 05:58:56 | Computer Name = Slemani-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung gta_sa.exe, Version 0.0.0.0, Zeitstempel 0x427101ca,
 fehlerhaftes Modul d3d9.dll, Version 5.3.1.904, Zeitstempel 0x42bc16c8, Ausnahmecode
 0xc0000005, Fehleroffset 0x0004b9a6,  Prozess-ID 0x1554, Anwendungsstartzeit 01cabd139eb11399.
 
Error - 06.03.2010 06:06:47 | Computer Name = Slemani-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 06.03.2010 08:37:41 | Computer Name = Slemani-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung nvSCPAPISvr.exe, Version 7.16.11.9062, Zeitstempel
 0x4a891472, fehlerhaftes Modul nvSCPAPISvr.exe, Version 7.16.11.9062, Zeitstempel
 0x4a891472, Ausnahmecode 0xc0000005, Fehleroffset 0x000105a3,  Prozess-ID 0x964, 
Anwendungsstartzeit 01cabd1342269dc9.
 
Error - 06.03.2010 09:55:40 | Computer Name = Slemani-PC | Source = SecurityCenter | ID = 3
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
 WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
 zu überwachen.
 
Error - 06.03.2010 10:53:26 | Computer Name = Slemani-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 06.03.2010 13:10:23 | Computer Name = Slemani-PC | Source = SecurityCenter | ID = 3
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
 WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
 zu überwachen.
 
Error - 06.03.2010 14:08:04 | Computer Name = Slemani-PC | Source = WerSvc | ID = 5007
Description = 
 
[ System Events ]
Error - 25.01.2010 17:17:03 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 26.01.2010 02:46:43 | Computer Name = Slemani-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 26.01.2010 13:34:48 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 29.01.2010 02:46:15 | Computer Name = Slemani-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 29.01.2010 05:38:12 | Computer Name = Slemani-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.100 für die Netzwerkkarte mit der Netzwerkadresse
 001E9003F87F wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 29.01.2010 18:37:03 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 30.01.2010 13:06:14 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 30.01.2010 16:48:06 | Computer Name = Slemani-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 01.02.2010 10:39:30 | Computer Name = Slemani-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 01.02.2010 18:18:55 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         
--- --- ---

03.07.2010, 14:36   #5
azulkun

iexplore.exe starts in the background



========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1AB639F5-C24A-4238-A5EC-D35CFEBE7E96}" = rport=137 | protocol=17 | dir=out | app=system |
"{22208FEC-D48A-4BDA-9CEC-116A30B51C95}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3E81C43E-D306-4A9B-B015-702DD013AF20}" = rport=445 | protocol=6 | dir=out | app=system |
"{3F6AA2D3-BF87-4DE2-A324-3A807A781B78}" = lport=2869 | protocol=6 | dir=in | app=system |
"{54ABD0EA-2D23-4B72-9EF6-7DCA067E4349}" = rport=139 | protocol=6 | dir=out | app=system |
"{5638031B-EEE5-47FE-8D22-E8193616DB96}" = lport=137 | protocol=17 | dir=in | app=system |
"{58C706A0-544B-48A1-93E2-9134AB8A4BD5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7598F0E7-EE4B-4C0A-BEA8-790FC329B71B}" = lport=139 | protocol=6 | dir=in | app=system |
"{B92F992C-43ED-4F2B-A9BB-3FF0486E1519}" = lport=138 | protocol=17 | dir=in | app=system |
"{D906481C-851C-45B4-A34B-25E65F701D78}" = lport=445 | protocol=6 | dir=in | app=system |
"{EAFD055A-FD70-4635-801D-F4DBC60B224C}" = rport=138 | protocol=17 | dir=out | app=system |
"{F021B547-3478-4E35-B387-B636EB1CC157}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{018B2A81-BAED-4EC9-9FF3-CA0D8DD2F589}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{03E2DE70-6444-4ADD-A62A-EBC1EDE2BC48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0606F200-643C-4456-AE27-79EAD2E3CCF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A788F02-64FD-444C-B197-9D3C21F1B9C1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0CA50644-F5B0-43A3-885A-30387038D423}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0DCF97E8-8911-4E93-9672-646F49DDF3E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{11EDFEC9-888D-43E0-BCC2-FB7DDDF3D29D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{132651AF-9816-42BD-960C-415469A2D6E3}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{14C56AB4-2362-4A9A-94F5-FE349AF39367}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"{17814C10-025C-4519-880D-FF49A79E0745}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{179605D4-FA7B-4D30-AE17-FE3B32B384AD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B1CBF01-9CF8-4E3E-969D-AAEBD8407EAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1CDC2EB0-FE94-4A37-AF15-7077EC063017}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1CFBBCD5-BE56-4942-A845-616179082C54}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{2112ED4B-1BD6-4A9D-BE53-E427689833B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21AB3451-EA3E-4F31-96CF-C39BFC08EA4D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22004701-5F6E-4CE3-9186-AB1D59305674}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22DDC3E9-1A26-4A82-9693-649B2625689E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24E59C68-E00C-46CE-958D-1A202C1EDA28}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{255513F5-3F61-40A7-AF75-C38642A25153}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{25806DA3-23B9-4D52-939E-03067F88CF0A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2654F7CB-9B86-4575-AACF-9E0057826C6B}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{26AB6419-D830-4840-A8F1-7839CCDE66E4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{27390D6B-A15E-442C-B7D1-31185C62B552}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{273E9DD2-9A5B-4100-8D85-2A5D7C52C12A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2905DB8E-FF45-469F-9DC8-D7A6CDCC5AB7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29818F04-192F-410D-9882-8D6CD7E71998}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D4B8BE1-2D65-4E97-901D-B504E6A18DF4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DC6079D-F52E-48ED-AE26-7D433A6C5670}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DD7D35C-EFF1-4A72-9C62-DA7D7FA1C48D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2F7FFC07-2759-49C8-9653-451BF99B7C20}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33012317-02ED-4B12-A98A-861F2ED8F894}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{338AD0C7-2FC3-48DB-99E5-42196E1755CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34738408-5320-4BEB-84C2-D404904FD7B9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34889CBA-97D4-40EE-A954-3D956E51281C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{35D0127B-EDE9-485D-8E8A-395C00CFE7EA}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{37087E20-438E-4B92-A1B6-EA9732F0403A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{374478DA-996F-45C4-8843-01C528A70839}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{381421CA-C58B-4451-8AEE-BAE5F4D85029}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3862AED5-784F-4203-B10E-F0823D3B150C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{39ECA34D-3CD1-4D8F-8D93-FBDF15F8B10C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C4E0BFE-A026-4856-8D44-55A290EC9AC8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C87522A-B0FD-40B2-9110-1E190F7740F5}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{3E22797F-6507-4B4A-B1EE-6444D80C98CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3EA93328-7E23-4FC2-845B-3B3B54BFA682}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{43134881-47C1-4872-B8BB-E13AD54D566F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44EFBD33-5D4B-49C1-860C-93FE24FF4000}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{456D9D81-9348-45B5-BEDD-4B207623821A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{470656FA-C49E-4785-BBE4-19C66D98406C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{497D9CB1-68DE-4D05-B48A-18D26DA227E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BEE9007-CC59-4402-A728-49FB9B6EBD84}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4C6AEA1A-D2B9-441E-BC67-F7E8A1C27CDB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4D06BDA5-F546-49E6-9F1A-BC0CE3D703BA}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{4D17A11C-4120-455D-8536-E7B341DADB9E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4DF21308-7914-4A4F-8F18-903E5A455F16}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{51242EEE-DE78-43AD-A64D-E158E4A85E9A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{51EE5E46-9064-4CEA-BA96-788F9DBC2C43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53AB5118-0025-421E-AD2F-730254F2804E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{56556729-D0C9-4587-B413-471011FA3EED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5757698C-AEC5-438E-8EAD-E583011F2605}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5792CD24-D924-42D6-A073-A211481F4BD1}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{58533A74-1191-440E-AD52-3D0E74BF6574}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A478D5F-0D42-4D87-9614-F619F81B004C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B3AA204-4BEC-45BB-BC39-8F767932E86B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B893418-5A08-417E-BC73-E3BF886C4AF6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5CBDCAA7-6BE4-449D-BAE8-555087715837}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E330382-CE1D-4AEA-AB0C-93AA43A346D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E976E06-67EF-4B75-8F13-8FAE8215B475}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{619E407A-92E2-41BD-8F3D-C8C49F6E322E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{624EFA22-7871-49DD-8423-156F99FC768E}" = protocol=6 | dir=in | app=c:\program files\cracked steam\steam.exe |
"{62FC1F49-B15B-4671-A1B6-89D95D5089DB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64637F9C-62A3-4204-94AF-4933FEB7B8F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{65CEF1F8-0A46-493A-8C8D-82CA238EE751}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6614EEFC-689E-4859-AAA7-83FB5F844016}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68BA1743-CBC3-4202-8693-82C88EF9C669}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{6F2465A2-69BF-4216-BC82-70ABDFF2190E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6F90D56E-DFC6-410C-96C0-A8D176501505}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FCD6F5D-B7DE-4914-A047-509158807AF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FEE642D-FFB1-487D-8626-10AF2474A0D5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{700203D2-1E23-4FAC-842A-630F7A13F711}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{72C34ACD-4E64-4AC3-AAE5-04ACC5BDF16F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{79D75CB8-10EA-4B24-A4ED-10FCA9714BE8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7BCD9D92-F841-49D5-92BE-35A00D44F1CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7C1DA0A3-C594-415C-9C96-0675159BD30B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D383645-E2D0-4C4B-9AEB-AD5CD11B1AFD}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\aogame.exe |
"{7E4E940E-3903-4A55-A964-5112D864A868}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{802237A2-69AE-495A-B84F-F1DA4C7CD2C6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{816525CB-6671-4A5C-8ACE-D900B4F21C58}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{833A0BA3-10A9-4BD9-A593-34C2568A3333}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{856137FC-12F4-446E-A9B0-56E1A7703296}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{866DBD3E-B93D-433C-B1A6-E1DA3764696A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B51F344-4C0C-40D3-BC32-F9894353F502}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8BE9229C-ECFF-43B9-B5B0-1CB614ADDDC7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C3D1DE4-EA71-4051-941F-FF4A6514DAD4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8CF64927-B6FA-4C07-9DBF-6DBDBA8DE0EE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DADE3B0-BE76-4FD0-9A6D-0DDA2416CB9F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90DF88CF-5DAE-44BF-B9AF-EA31D7BC2CF5}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{94EBA2FE-6CA3-40E8-8575-C0F35C70331C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98997C12-A073-4370-8F80-7BA9789F90F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{99F7B2B3-41C5-4986-9ACD-AE350ADC49CA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B5E3A18-95CF-43D9-B441-85EB4AC66726}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9DC6D8EE-58E1-4970-8F12-C1E92F8D4065}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9EA772C7-ADDF-4A95-A5D7-8758503BC651}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{A0EC6CDF-FFFB-45BE-8F66-6A4BE53D768E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A29BF1EE-81DE-4E76-ADEC-EADB357CA650}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A30DEB55-7ACA-43DB-A28B-080AD5A4BDDA}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"{A465A832-3817-454C-9F83-A39CB3BCD618}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A5C05BE1-F2A1-4F94-BE72-35BE69A3D31A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A6AB33E8-21A2-457C-BCBF-8CDAB9CE7CD3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A914E886-19FF-4C2D-9C1D-AA5BB08340B4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB9BF4C2-FF7B-42A2-AD82-F82107CCFEC9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ACF71DF6-47DB-4CA6-A2D9-9C8349BA7068}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AD3EE06F-BC62-48ED-87D3-A8BAD767A7F4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AD9A92D9-06F4-4EC5-BC35-EE93E90A7091}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AE6DDA55-DB1C-45C4-BC90-FE8488C109E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AEB14A51-F8A4-4EFC-9393-FD137DAC49D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AEEA1BD9-048A-4EA0-8AED-D12174CE00AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFC2BDB8-781C-4A35-8E80-2B53A0BFAE10}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B131890D-345C-4FF6-A62E-C455A0131B9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B176FBB1-3B0A-4703-97CD-6CC592FA03F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B680F31A-DE28-46C9-B95E-CF03DDD9D2F4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B76CD4F0-DD26-46AA-A991-6BFD51131128}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B92488D2-17F0-4EB6-9306-93400E5B3DC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B95C3901-6FAA-4BD3-9772-FE1A1C9529CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BA03AC31-659A-4B4F-9F3E-A16CEB7BA5D8}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\aogame.exe |
"{BA85BDF1-8C22-46CA-B5CF-66E473A72CF0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BAF03957-E091-4194-A87D-8DDED5A4CBD9}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{BCDBA271-0345-4CAC-90AE-D56F13561BB2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BCDCAE0B-F7C8-41CC-9BFD-0A5EC9277DB8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD407F4F-6232-482D-87D0-13115C739975}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{BE0DC6BF-5C85-47F1-BD7E-07F8E56B7B68}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BE432A66-2C7C-400B-9439-3A5DA44D5B4D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BFD458FE-0D3B-4BD7-8C73-751C20776DC4}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{C0864407-F309-4ECA-982C-3B6382371496}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C14F8938-11E3-43B7-85A4-5809DF276E57}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
"{C1718636-234C-47A8-899F-36712DC12A6C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C45F0051-0835-4065-B6F9-C78EA9E9CD7A}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{C5CE7845-6C76-4AD2-8890-E166463997E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CBE8D7FF-696C-43A3-B703-4454CE843829}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CC3C9588-4D68-42C4-A04A-4CEF2DF1DB16}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFF97677-1246-42F5-A95A-3E832F21411C}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2 demo\bf2.exe |
"{D34981CB-AA14-4C77-9773-96413C1C9C1E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4172DFE-B89A-4C1B-A0D0-74DDD9757D51}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5082451-6524-4BD7-8F5A-4C5E09BD531E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D92555D7-B8B1-4D3E-A12C-5FA777A1754D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA068DED-F323-43EE-A779-D928DD55295E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA18DD35-C99C-48D0-9CB5-A89ECDFA2EF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DBCA2FBD-EF31-4DF8-A29B-23BAEE291429}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DBE26417-FC1E-4649-A35E-247AFAE6C9B2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DC4E87BF-4701-48C1-A696-080D0C4FBE38}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD1C5C5B-4C31-460F-8792-64DF0A6C557A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD39286E-11AC-49FC-A26D-362991F8DD0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD9D103E-6A67-49C5-ABA6-0134A148E1F9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E16F1457-2D6D-4FC2-A184-4BC96ADD4539}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E19B8994-28C0-449C-B90A-6ED20CF1E3F3}" = protocol=17 | dir=in | app=c:\program files\cracked steam\steam.exe |
"{E5C855A2-5829-45F6-B065-D74C7153DD32}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2 demo\bf2.exe |
"{E62E6118-CC4C-459E-B52E-81BB18D05932}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EA902A58-F810-4FAB-B9F6-E401B2686465}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EB1F4058-D905-48EF-AFBE-B20CC737D43F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ECFDE477-0629-42A6-A5CA-DCAF57868ACC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED1C18A7-2CCC-4B8D-B4FD-842EFB04B332}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED6ED21A-F82C-481B-9F14-F7A719A38A9F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EDD5C4BC-C6C3-43C3-8E2E-BD8D320E03B9}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{F0BB913B-9A74-4273-86C1-AEFD036C129F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F1C267C3-9AF6-40F1-9852-653E983A11F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F38D2B12-DBB4-4905-9E6E-335589A65B3F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F3EC42C9-5FD4-408A-A900-8017DE6D4846}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F56F779C-FDD4-4BC3-986A-4A13984E5578}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F90460EF-3D9D-4C24-99E7-3F847EFFEF7A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F95EE622-530B-4434-90FC-8C65366A12AF}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{FE5A4BF8-6D8F-4814-8872-32584865A1B1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{795FD343-557C-4938-A9A4-C09A837C2AC3}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{DF8A6624-7722-420D-86A2-24DC26A63240}C:\program files\cracked steam\steamapps\slemani1994\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\cracked steam\steamapps\slemani1994\counter-strike source\hl2.exe |
"UDP Query User{204FB8CF-2EE0-400C-9A36-3FB4A8B064B4}C:\program files\cracked steam\steamapps\slemani1994\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\cracked steam\steamapps\slemani1994\counter-strike source\hl2.exe |
"UDP Query User{450A3B61-209F-4419-9716-A83EDBB4DA24}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15e13d3b-4b57-4f68-9ba4-5d86c0931833}" = Pixia
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}" = MobileMe Control Panel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{2966ABA9-55DF-475E-8D10-3A2EA9F2CCEE}" = VideoCap
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3186AEAE-E104-424D-9152-1BF6A4404758}" = Nokia Software Updater
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}" = Driver Detective
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{81CD6232-10F5-4832-B3DA-1B88B1571031}" = Nero 7 Essentials
"{835525BE-63BD-4EC4-9425-00CEAD4849C2}" = Widestream6
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}" = Battlefield 2(TM) Demo
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A0BCF90F-B4E4-435C-A48D-8FAAE10554F9}" = Pixia
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3D-Fahrschule Demo" = 3D-Fahrschule Demo
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8461-7759-5462-8226" = Vuze
"AC3Filter" = AC3Filter (remove only)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AstrumNival Allods" = Allods Online 1.0.06.36
"AutoHotkey" = AutoHotkey 1.0.47.06
"AVG9Uninstall" = AVG Free 9.0
"Azureus" = Azureus
"Bridge Building Game" = Bridge Building Game
"CCleaner" = CCleaner (remove only)
"ClearProg" = ClearProg 1.6.0 Final
"Cossacks : Back To War" = Cossacks - Back To War
"Cossacks : The Art Of War" = Cossacks - The Art Of War
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Dkill95" = Dkill95
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"EW : Cossacks" = Cossacks - European Wars
"ffvunml" = Favorit
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"GamersFirst LIVE!" = GamersFirst LIVE!
"GamersFirst War Rock" = War Rock
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Luxor Amun Rising" = Luxor Amun Rising (remove only)
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PalTalk8.2" = PaltalkScene
"Picasa 3" = Picasa 3
"Pontifex Demo_is1" = Pontifex Demo 10.19.01
"Silkroad" = Silkroad
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUpMedia" = TuneUp Companion 1.6.9
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.9

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05.03.2010 16:38:30 | Computer Name = Slemani-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung gta_sa.exe, Version 0.0.0.0, Zeitstempel 0x427101ca,
fehlerhaftes Modul gta_sa.exe, Version 0.0.0.0, Zeitstempel 0x427101ca, Ausnahmecode
0xc0000005, Fehleroffset 0x002e3d17, Prozess-ID 0x1354, Anwendungsstartzeit 01cabca39220d52f.

Error - 06.03.2010 05:39:10 | Computer Name = Slemani-PC | Source = SecurityCenter | ID = 3
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
zu überwachen.

Error - 06.03.2010 05:58:17 | Computer Name = Slemani-PC | Source = SecurityCenter | ID = 3
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
zu überwachen.

Error - 06.03.2010 05:58:56 | Computer Name = Slemani-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung gta_sa.exe, Version 0.0.0.0, Zeitstempel 0x427101ca,
fehlerhaftes Modul d3d9.dll, Version 5.3.1.904, Zeitstempel 0x42bc16c8, Ausnahmecode
0xc0000005, Fehleroffset 0x0004b9a6, Prozess-ID 0x1554, Anwendungsstartzeit 01cabd139eb11399.

Error - 06.03.2010 06:06:47 | Computer Name = Slemani-PC | Source = WerSvc | ID = 5007
Description =

Error - 06.03.2010 08:37:41 | Computer Name = Slemani-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung nvSCPAPISvr.exe, Version 7.16.11.9062, Zeitstempel
0x4a891472, fehlerhaftes Modul nvSCPAPISvr.exe, Version 7.16.11.9062, Zeitstempel
0x4a891472, Ausnahmecode 0xc0000005, Fehleroffset 0x000105a3, Prozess-ID 0x964,
Anwendungsstartzeit 01cabd1342269dc9.

Error - 06.03.2010 09:55:40 | Computer Name = Slemani-PC | Source = SecurityCenter | ID = 3
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
zu überwachen.

Error - 06.03.2010 10:53:26 | Computer Name = Slemani-PC | Source = WerSvc | ID = 5007
Description =

Error - 06.03.2010 13:10:23 | Computer Name = Slemani-PC | Source = SecurityCenter | ID = 3
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern
zu überwachen.

Error - 06.03.2010 14:08:04 | Computer Name = Slemani-PC | Source = WerSvc | ID = 5007
Description =

[ System Events ]
Error - 25.01.2010 17:17:03 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description =

Error - 26.01.2010 02:46:43 | Computer Name = Slemani-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 26.01.2010 13:34:48 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description =

Error - 29.01.2010 02:46:15 | Computer Name = Slemani-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 29.01.2010 05:38:12 | Computer Name = Slemani-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.100 für die Netzwerkkarte mit der Netzwerkadresse
001E9003F87F wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).

Error - 29.01.2010 18:37:03 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description =

Error - 30.01.2010 13:06:14 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description =

Error - 30.01.2010 16:48:06 | Computer Name = Slemani-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 01.02.2010 10:39:30 | Computer Name = Slemani-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 01.02.2010 18:18:55 | Computer Name = Slemani-PC | Source = DCOM | ID = 10010
Description =


< End of report >


03.07.2010, 14:39   #6
azulkun



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4269

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

03.07.2010 15:23:49
mbam-log-2010-07-03 (15-23-49).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 130253
Laufzeit: 7 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)




Phew ^^

03.07.2010, 15:06   #7
MalwareHero



First I have a question about a few downloads/files on your computer.

Quote:
c:\program files\cracked steam\steam.exe
c:\program files\cracked steam\steamapps\slemani1994\counter-strike source\hl2.exe
Have you downloaded / do you download cracks/keygens? Honest answer, please.



*******************************
__________________
Arrogance is the self-confidence of the inferiority complex.
(Jean Rostand)

03.07.2010, 15:09   #8
azulkun



whoa
that was a long time ago
that was a year ago
that was Counter-Strike Source
with cracked Steam
but I deleted it, so why is it still listed there?

03.07.2010, 15:36   #9
MalwareHero



Quote from azulkun:
whoa
that was a long time ago
that was a year ago
that was Counter-Strike Source
with cracked Steam
but I deleted it, so why is it still listed there?

Yes.

Sorry, but keygens/cracks etc. violate the forum rules. I am not allowed to give support for that.

Because of that, and also because of the startup problems and the computer's error messages, I advise you to do a clean reinstall of the PC.
Instructions and information on this topic are presented well in this thread by "coverflow":
Reinstalling / use of cracks/keygens:
http://www.trojaner-board.de/87569-k...-moeglich.html

http://www.trojaner-board.de/12154-a...sicherung.html

Regards.


03.07.2010, 15:46   #10
azulkun



no, you don't have to give me support for the crack from back then
the problems have nothing to do with it
that was a year ago, for your information
I've had the problems for about 2 weeks now
