| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
23.08.2010, 14:20
| #1 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys) Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
23.08.2010, 15:09
| #2 |
 | Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys) OTL Log
__________________OTL Logfile: Code:
ATTFilter OTL logfile created on: 23.08.2010 15:53:47 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\****\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 659,11 Gb Total Space | 411,95 Gb Free Space | 62,50% Space Free | Partition Type: NTFS Drive D: | 10,23 Gb Total Space | 1,40 Gb Free Space | 13,73% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 1,88 Gb Total Space | 0,42 Gb Free Space | 22,52% Space Free | Partition Type: FAT G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive K: | 29,30 Gb Total Space | 2,38 Gb Free Space | 8,11% Space Free | Partition Type: NTFS Computer Name: **** Current User Name: **** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\****\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\update.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek) PRC - C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) PRC - C:\Programme\Winamp\winampa.exe () PRC - C:\Programme\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - c:\hp\HPEZBTN\HPBtnSrv.exe () PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) PRC - C:\Programme\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro) ========== Modules (SafeList) ========== MOD - C:\Users\****\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (TeamViewer4) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe () ========== Driver Services (SafeList) ========== DRV - (SymIMMP) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (SaiNtBus) -- C:\Windows\System32\drivers\SaiBus.sys (Saitek) DRV - (SaiMini) -- C:\Windows\System32\drivers\SaiMini.sys (Saitek) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (npusbio) -- C:\Windows\System32\drivers\npusbio.sys (Thesycon GmbH, Germany) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.) DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.) DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.) DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.) DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.) DRV - (msloop) -- C:\Windows\System32\drivers\loop.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (SaiH075C) -- C:\Windows\System32\drivers\SaiH075C.sys (Saitek) DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH) DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=desktop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=desktop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)" FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de/" FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.21.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 3 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}: C:\Users\****\AppData\Roaming\Mozilla\FireFox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66} FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.25 12:20:12 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.26 12:25:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.17 10:33:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.07.03 16:13:00 | 000,000,000 | ---D | M] [2008.10.07 11:08:33 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Extensions [2010.08.19 12:24:37 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ykqyfzp3.default\extensions [2010.05.07 19:05:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ykqyfzp3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.07.10 10:55:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ykqyfzp3.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2009.06.26 17:15:10 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ykqyfzp3.default\extensions\battlefieldheroespatcher@ea.com [2010.06.06 13:45:56 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ykqyfzp3.default\extensions\firefox@tvunetworks.com [2009.11.07 17:29:25 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ykqyfzp3.default\extensions\moveplayer@movenetworks.com [2010.08.16 20:36:39 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\FireFox\Profiles\ykqyfzp3.default\searchplugins\icqplugin-1.xml [2010.07.10 10:55:50 | 000,000,168 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\FireFox\Profiles\ykqyfzp3.default\searchplugins\icqplugin.gif [2010.07.10 10:55:50 | 000,000,618 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\FireFox\Profiles\ykqyfzp3.default\searchplugins\icqplugin.src [2010.07.18 16:45:55 | 000,001,056 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\FireFox\Profiles\ykqyfzp3.default\searchplugins\icqplugin.xml [2010.08.19 12:24:37 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.03.23 18:27:48 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.03.12 11:56:45 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.03.12 11:56:45 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.12 11:56:45 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.03.12 11:56:45 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.03.12 11:56:45 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro) O4 - HKLM..\Run: [ProfilerU] C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SaiMfd] C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek) O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O4 - Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: &AOL Toolbar-Suche - c:\Programme\AOL\AOL Toolbar 5.0\resources\de-DE\local\search.html () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {00000130-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/ACELPACM.CAB (Reg Error: Key error.) O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.03.25 23:49:00 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2d6d1f0d-93e2-11dd-93ca-001644941e23}\Shell - "" = AutoRun O33 - MountPoints2\{2d6d1f0d-93e2-11dd-93ca-001644941e23}\Shell\AutoRun\command - "" = L:\pushinst.exe -- File not found O33 - MountPoints2\{c0ee9682-01b0-11dd-866d-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{c0ee9682-01b0-11dd-866d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\stub.exe -- File not found O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.08.23 15:53:16 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe [2010.08.22 15:10:28 | 000,000,000 | ---D | C] -- C:\Programme\trend micro [2010.08.22 15:10:26 | 000,000,000 | ---D | C] -- C:\rsit [2010.08.21 23:18:58 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010.08.21 16:38:43 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Malwarebytes [2010.08.21 16:35:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.08.21 16:35:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.08.21 16:35:28 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.08.21 16:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.08.21 16:35:14 | 003,420,304 | ---- | C] (Piriform Ltd) -- C:\Users\****\Desktop\ccsetup234.exe [2010.08.21 16:35:05 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\****\Desktop\mbam-setup.exe [2010.08.19 19:57:57 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\A631A1E0297E4A7307FA897ECBAE081B [2010.08.19 19:51:38 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\hyyeiuvxe [2010.08.19 19:51:09 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\9E5D7AD44EDC4D5D2F9AD202378D1506 [2010.08.18 19:13:49 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\Roadmaps [2010.08.16 22:23:51 | 000,000,000 | ---D | C] -- C:\Programme\VirtualBusA6CRC3 [2010.08.14 13:31:44 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\British_Airways_Virtual_F [2010.08.13 09:45:51 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2010.08.13 09:45:45 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.08.13 09:45:45 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.08.13 09:45:45 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.08.13 09:45:45 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.08.13 09:45:45 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.08.13 09:45:45 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010.08.13 09:45:45 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.08.13 09:45:45 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2010.08.13 09:45:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.08.13 09:45:44 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010.08.13 09:45:37 | 002,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.08.13 09:45:36 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.08.13 09:45:33 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.08.13 09:45:32 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.08.12 16:09:34 | 000,000,000 | R--D | C] -- C:\Users\****\Documents\Notes [2010.08.11 18:17:51 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\NVIDIA [2010.08.10 10:17:10 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\2K Games [2010.08.10 10:16:14 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2010.08.10 10:16:14 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2010.08.10 10:16:14 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2010.08.10 10:16:14 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2010.08.10 10:16:14 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2010.08.10 10:16:14 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2010.08.10 10:16:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2010.08.10 10:16:13 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2010.08.10 10:16:13 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2010.08.10 10:16:13 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2010.08.10 10:16:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2010.08.10 10:16:13 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2010.08.10 10:16:08 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2010.08.10 10:16:08 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2010.08.10 10:16:07 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2010.08.09 11:59:20 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam [2010.08.09 11:59:17 | 000,000,000 | ---D | C] -- C:\Programme\Steam [2010.08.08 22:50:49 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\treesbackup [2010.08.08 21:18:41 | 000,000,000 | ---D | C] -- C:\Programme\nHancer [2010.08.08 20:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon [2010.08.08 18:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010.08.08 18:08:59 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2010.08.08 18:08:59 | 011,008,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2010.08.08 18:08:59 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2010.08.08 18:08:59 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2010.08.08 18:08:59 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2010.08.08 18:08:57 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2010.08.08 18:08:57 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2010.08.08 18:08:57 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2010.08.08 18:08:57 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2010.08.08 18:08:57 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll [2010.08.08 18:08:57 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll [2010.08.02 15:10:57 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\MfN2 [2010.07.29 11:05:50 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\Blues Brothers 2000 [2010.07.27 12:00:01 | 000,144,384 | ---- | C] (Intel Corporation) -- C:\Windows\System32\Iacenc.dll [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.08.23 15:56:03 | 000,783,872 | ---- | M] () -- C:\Windows\System32\drivers\azlkl.sys [2010.08.23 15:54:09 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2010.08.23 15:53:43 | 004,194,304 | -HS- | M] () -- C:\Users\****\NTUSER.DAT [2010.08.23 15:52:33 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B7A6DFE8-4CD8-4873-B942-5716A181E03A}.job [2010.08.23 15:51:46 | 000,037,781 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.08.23 15:51:46 | 000,037,781 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.08.23 15:51:34 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.08.23 15:51:30 | 000,004,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.08.23 15:51:30 | 000,004,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.08.23 15:51:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.08.23 15:51:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.08.23 15:51:18 | 3220,480,000 | -HS- | M] () -- C:\hiberfil.sys [2010.08.23 15:47:56 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe [2010.08.22 15:34:06 | 000,524,288 | -HS- | M] () -- C:\Users\****\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2010.08.22 15:34:06 | 000,065,536 | -HS- | M] () -- C:\Users\****\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.08.22 15:33:59 | 004,112,538 | -H-- | M] () -- C:\Users\****\AppData\Local\IconCache.db [2010.08.22 15:18:04 | 001,418,600 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.08.22 15:18:04 | 000,618,192 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.08.22 15:18:04 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.08.22 15:18:04 | 000,122,442 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.08.22 15:18:04 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.08.22 14:15:26 | 000,339,991 | ---- | M] () -- C:\Users\****\Desktop\RSIT.exe [2010.08.21 23:47:26 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.08.21 23:24:32 | 000,238,976 | ---- | M] () -- C:\Users\****\Documents\cc_20100821_232423.reg [2010.08.21 23:18:58 | 000,000,806 | ---- | M] () -- C:\Users\****\Desktop\CCleaner.lnk [2010.08.21 16:35:32 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.21 16:19:34 | 003,420,304 | ---- | M] (Piriform Ltd) -- C:\Users\****\Desktop\ccsetup234.exe [2010.08.19 21:43:00 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\****\Desktop\mbam-setup.exe [2010.08.18 19:48:02 | 000,002,579 | ---- | M] () -- C:\Users\****\Desktop\EuroScope 3.1d.lnk [2010.08.16 12:48:31 | 000,524,288 | -HS- | M] () -- C:\Users\****\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.08.14 23:34:04 | 000,000,000 | ---- | M] () -- C:\FileOut.Cns [2010.08.14 23:34:04 | 000,000,000 | ---- | M] () -- C:\FileIn.Cns [2010.08.14 13:24:31 | 000,540,160 | ---- | M] () -- C:\Users\****\Desktop\pegasus.exe [2010.08.14 10:29:57 | 000,319,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.08.09 12:05:34 | 000,000,788 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010.08.05 16:04:10 | 046,989,789 | ---- | M] () -- C:\Users\****\Desktop\M2_KITH_US.wmv [2010.08.05 11:19:14 | 000,715,934 | ---- | M] () -- C:\Users\****\Desktop\PMC1B-HV-Blockprakt_2009_Aenderung.pdf [2010.08.05 11:19:08 | 001,193,835 | ---- | M] () -- C:\Users\****\Desktop\PMC1A-HV-WS0910.pdf [2010.08.05 11:18:52 | 002,255,228 | ---- | M] () -- C:\Users\****\Desktop\PMC1-VV-WS0910.pdf [2010.07.30 18:50:43 | 000,016,197 | ---- | M] () -- C:\Users\****\Desktop\Panela300backup.cfg [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.08.22 15:01:55 | 000,339,991 | ---- | C] () -- C:\Users\****\Desktop\RSIT.exe [2010.08.21 23:24:26 | 000,238,976 | ---- | C] () -- C:\Users\****\Documents\cc_20100821_232423.reg [2010.08.21 23:18:58 | 000,000,806 | ---- | C] () -- C:\Users\****\Desktop\CCleaner.lnk [2010.08.21 16:35:32 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.19 19:51:59 | 000,783,872 | ---- | C] () -- C:\Windows\System32\drivers\azlkl.sys [2010.08.14 13:33:31 | 000,540,160 | ---- | C] () -- C:\Users\****\Desktop\pegasus.exe [2010.08.09 11:59:17 | 000,000,788 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010.08.08 23:22:09 | 000,000,571 | ---- | C] () -- C:\Users\****\Desktop\0_eddf_fs9_vtp.Bgl [2010.08.08 18:25:18 | 000,037,781 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010.08.08 18:25:18 | 000,037,781 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010.08.08 18:08:59 | 000,009,596 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2010.08.05 11:19:14 | 000,715,934 | ---- | C] () -- C:\Users\****\Desktop\PMC1B-HV-Blockprakt_2009_Aenderung.pdf [2010.08.05 11:19:08 | 001,193,835 | ---- | C] () -- C:\Users\****\Desktop\PMC1A-HV-WS0910.pdf [2010.08.05 11:18:51 | 002,255,228 | ---- | C] () -- C:\Users\****\Desktop\PMC1-VV-WS0910.pdf [2010.08.02 19:13:54 | 046,989,789 | ---- | C] () -- C:\Users\****\Desktop\M2_KITH_US.wmv [2010.07.30 22:28:16 | 000,016,197 | ---- | C] () -- C:\Users\****\Desktop\Panela300backup.cfg [2010.07.27 12:00:01 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll [2010.06.25 19:16:36 | 000,005,378 | ---- | C] () -- C:\Windows\PSPICEEV.INI [2010.06.25 19:16:35 | 000,176,128 | ---- | C] () -- C:\Windows\System32\lffax60n.dll [2010.06.25 19:16:35 | 000,141,824 | ---- | C] () -- C:\Windows\System32\lfcmp60n.dll [2010.06.25 19:16:35 | 000,110,080 | ---- | C] () -- C:\Windows\System32\lfpng60n.dll [2010.06.25 19:16:35 | 000,046,080 | ---- | C] () -- C:\Windows\System32\lftif60n.dll [2010.06.25 19:16:35 | 000,043,008 | ---- | C] () -- C:\Windows\System32\ltfil60n.dll [2010.06.25 19:16:35 | 000,023,552 | ---- | C] () -- C:\Windows\System32\lfpcx60n.dll [2010.06.25 19:16:35 | 000,022,528 | ---- | C] () -- C:\Windows\System32\lfpct60n.dll [2010.06.25 19:16:35 | 000,022,528 | ---- | C] () -- C:\Windows\System32\lfeps60n.dll [2010.06.25 19:16:35 | 000,022,016 | ---- | C] () -- C:\Windows\System32\lfbmp60n.dll [2010.06.25 19:16:35 | 000,020,480 | ---- | C] () -- C:\Windows\System32\lfpsd60n.dll [2010.06.25 19:16:35 | 000,019,968 | ---- | C] () -- C:\Windows\System32\lftga60n.dll [2010.06.25 19:16:35 | 000,019,456 | ---- | C] () -- C:\Windows\System32\lfwpg60n.dll [2010.06.25 19:16:35 | 000,019,456 | ---- | C] () -- C:\Windows\System32\lfwmf60n.dll [2010.06.25 19:16:35 | 000,018,432 | ---- | C] () -- C:\Windows\System32\lfmsp60n.dll [2010.06.25 19:16:35 | 000,017,920 | ---- | C] () -- C:\Windows\System32\lfmac60n.dll [2010.06.25 19:16:35 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll [2010.03.21 17:20:34 | 000,000,993 | ---- | C] () -- C:\Windows\STBC.ini [2009.07.14 17:15:00 | 000,178,432 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009.06.25 22:42:55 | 000,139,152 | ---- | C] () -- C:\Users\****\AppData\Roaming\PnkBstrK.sys [2009.02.23 23:03:52 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2008.11.02 01:20:29 | 000,000,083 | ---- | C] () -- C:\Users\****\AppData\Local\X-Plane Installer.prf [2008.11.02 01:20:08 | 000,000,049 | ---- | C] () -- C:\Users\****\AppData\Local\x-plane_install.txt [2008.10.31 13:09:14 | 000,009,216 | ---- | C] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.10.25 16:04:10 | 000,138,384 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2008.10.11 00:01:25 | 000,000,138 | ---- | C] () -- C:\Users\****\AppData\Roaming\wklnhst.dat [2008.10.10 22:29:01 | 000,022,016 | ---- | C] () -- C:\Windows\System32\prospeed_bmp2jpg.dll [2008.03.25 23:42:55 | 000,000,342 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2008.03.25 22:37:36 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll [2008.03.25 22:37:36 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll [2007.05.01 16:11:28 | 000,005,632 | ---- | C] () -- C:\Windows\System32\SaiC075C_11.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.09.01 19:14:08 | 000,097,280 | ---- | C] () -- C:\Windows\System32\TSRemote.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:40D3D3E8 < End of report > Extras.txt OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 23.08.2010 15:53:47 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Nils Friedrich\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 659,11 Gb Total Space | 411,95 Gb Free Space | 62,50% Space Free | Partition Type: NTFS
Drive D: | 10,23 Gb Total Space | 1,40 Gb Free Space | 13,73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1,88 Gb Total Space | 0,42 Gb Free Space | 22,52% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 29,30 Gb Total Space | 2,38 Gb Free Space | 8,11% Space Free | Partition Type: NTFS
Computer Name: ****
Current User Name: ****
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CB16A58-3AC5-47E5-9CC8-FAA678142E6D}" = lport=3290 | protocol=17 | dir=in | name=fs internet |
"{55B12F61-0228-45AE-BC10-286C15F1F49A}" = lport=8590 | protocol=6 | dir=in | name=aa |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{060C78B9-5872-40F9-A389-7A99751E0CE5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0757426F-9F02-4617-8000-959A9D1236DA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{094040F2-709B-49B7-959B-76D5E91E54D4}" = protocol=17 | dir=in | app=c:\battlefield 2\bf2.exe |
"{09D44283-5225-4BB2-B75F-B88699C3592B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09DDB459-A969-4E85-B691-75F817A70869}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B092F34-E00B-40AA-9571-8FF09A0AFDD1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C7755BA-3218-4CFB-B74C-9E345F57110A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C9E0D8D-3635-4F34-BA4E-434A2B002988}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0EF8B00E-4E50-4FA2-B13F-B0174B3D58C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F5164F6-ED1B-414B-A8CD-6234DD8B235A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F9B5948-A8A1-4207-88E7-98EC0E8DA666}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0FE60B04-6C12-4A5E-92B1-277DB1B6D387}" = protocol=17 | dir=in | app=c:\program files\concept design\onlinetv 4\onlinetv.exe |
"{1013D944-22E4-479D-812C-650410C690AE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1193A736-EC87-4E7F-B6D1-08155A4CCC85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1402143A-4D84-4846-AD1F-B0A00663182A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{15272FE3-A4EA-4270-8C5B-544ED6C90CF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{16D296E4-AFA4-4BBE-A870-1337B39FBF62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{18B73335-B2F0-4744-A755-AABEB817B60F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{191582EC-7B95-4BD5-A6A2-C2AB31D7831B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{192EBDEE-A1AD-4D47-B45E-030565820CAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{193B7124-A8BF-47B0-B4E8-7439D59036CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1BC274BD-3450-487F-B9EB-8A50DCBB6265}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1BCCCD58-6047-4820-B88F-82F7EC492872}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1C0AC365-CDD5-49C3-B948-759ABB39735A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1D7B447F-1291-4906-B404-FDF4D598DE7C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1DA875A7-9277-4068-BA81-E3B4B895A23E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1E2A2B94-228D-4054-BDCC-98C81AEC3871}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1EC633F2-B018-4019-ABE6-313369D4A8E7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22077E96-A977-4C87-BBD8-47CB536416B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{247E40BE-6F0D-4EDF-A2E9-EA8F027363B2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{24E8C64E-1825-42D3-90AB-AC36D49783D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25EB16B1-905A-4D3C-BD42-942B863BAF2D}" = protocol=6 | dir=in | app=c:\battlefield 2\bf2.exe |
"{27DD9F54-19EA-432F-9C32-745D28E1899F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E81290E-B003-4498-8E2B-124281DA32EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2EDD1032-E0B6-4618-A2DE-892A21CFD886}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2EE8595A-BC32-410C-A5B2-8DF7436B88BD}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{2F788239-4574-4FBD-9B3F-8F772C33C067}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2FA70D61-E627-42B7-8001-B9319F2F46BD}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{31F42B8C-2AD1-498F-A726-0A2DF3981901}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{337C2844-9119-42DF-8AC1-F3523F376445}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{351A0D84-17C5-4976-A05D-B2690EF5FDCC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3805AD25-5AE8-40F4-A1CC-902E589C7CC6}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{3960885B-0692-44B6-80E6-8BFD788029BD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{39E9C597-2409-495A-891F-C47FD432C002}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{3A26DA9D-9871-44F9-A0B5-08CB5380B6BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3DDF5E83-9E73-4674-9F30-0E9511F45A35}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3EC04D90-693C-4B94-8173-78E98B694DA0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{3ECE06FB-B644-463F-9F5B-E146BDAA2935}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{3F44DFB3-E17A-4D52-A70F-CD9318236528}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3F698082-916F-4920-A681-18285BE2EEC8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4199FEA0-7016-459E-9E62-5F2034208BAE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{43296C52-061F-4A58-A545-6ACACFFD77A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45503D69-921A-4287-8AB2-77AD00C70C98}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{461F82FB-0AC2-47AE-BC56-56C42AC33EF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{465C2F41-CB90-4F68-AFF6-285F7184A8DD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5087D26C-119C-4598-93B7-2280B4757417}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{514CE0CD-DE2E-46C6-B45E-18FABF64CF58}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{52458CB8-843E-4156-B3CB-289055361D52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5396EF0E-7B29-4B7B-A4C5-F6202457C22F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{560926D5-3717-4FEF-8C69-0CB686C54E99}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{570E3865-12E0-4466-A795-281A15A62605}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mafia ii - public demo\launcher.exe |
"{5B8AA2DE-8EFE-4C78-9254-7C86D9335AB0}" = protocol=6 | dir=in | app=c:\spiele\gtaiv\grand theft auto iv\launchgtaiv.exe |
"{5D046BFB-532A-43BD-B740-EFF1912DCB48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E01E992-A69D-43A1-A1C9-31F9D0884601}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{5E557849-5188-46EF-9641-16FFCCA64032}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5EA274FF-CE0F-4A9E-9227-129C185B1B60}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{614DA832-5E82-48ED-A8D5-1CDC4F1ACD6E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{615DA2A2-D38E-4DEC-9474-44ECB8F031FD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{620950F1-3B1C-4410-8013-F9E341CC7E07}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{62146642-2583-453D-BF33-A7158346DFDB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{62730A6A-BFCD-4D5F-AA17-2ED87DE3E986}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{62DF3D57-F807-4A38-A3C8-F8FA0F5583CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{630BD6CF-2306-4E25-8B46-C9E934C52187}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63F1A681-3673-499C-AF6D-E97BEC5EA57D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64F6CC07-E6B7-43C1-9BDC-3AF7876DBBC9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6A8AFFCD-9FED-480F-86B3-4505796A09C0}" = protocol=17 | dir=in | app=c:\program files\logmein hamachi\hamachi-2-ui.exe |
"{6CA63DAE-95CB-40C3-BDF7-EFA7F8AF0785}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CCA280D-1272-4BE4-96D4-C9C058C16408}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FA2CE4E-3AE3-42B6-A02E-AD42720EC84E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73A4AAF1-3987-4544-B724-D3E627ABE597}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73AAD54C-0CCA-4C39-9361-1D878230A7FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7406F0D0-DC20-437E-8540-F6597B14A173}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74419F6B-5A3B-4746-99AE-7680342496C5}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{761E7DDC-89D4-403D-9943-79776A44DA8F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{783F9DD1-A556-4976-A1A9-F0C21DC0BAE4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78838572-9495-4247-9F12-66B6EA4045C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7A5D9F3E-01A6-4C70-9327-C8AD9A11EC61}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7B5DEAB9-4699-4389-98E7-2D71E98DF4E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7B6BFB58-814B-4C38-86DD-0D5CCF53A830}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7EC4E16C-5C01-4F3B-B331-188F8974E2D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7ED99049-C669-48E0-AB0D-FB0182CE358B}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{7F2F73CB-3A7D-419F-AB30-04ED20AB19DC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F65455A-A322-4E1C-B5E0-57AD63E1FB45}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7FB5934E-0CB2-49E6-BBD9-4FA1DCA4A32D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{813B3666-799E-46DA-BF97-F47F7F04E232}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8177357C-FBB9-4A81-A8D5-268A3BB3E7F8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{819C4148-098F-41E8-98DB-4A3356A524C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{83C1C1BF-1AB3-43DF-9B13-365984C35BA9}" = protocol=6 | dir=in | app=c:\program files\concept design\onlinetv 4\onlinetv.exe |
"{851AEF6C-2D3C-4569-AA28-0E5125D8D533}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{857ED66D-B51A-4E29-929B-DBC9ECE18ED1}" = protocol=6 | dir=in | app=c:\program files\logmein hamachi\hamachi-2-ui.exe |
"{864DCD15-488E-4452-A41E-9C61CE2D43F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8933C867-2F02-4F61-BFFB-E0289A534713}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{89365C6D-26E0-4F40-9D91-2417C9989BEE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{89ADFD42-6C51-4204-A981-45956EEE5B43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A7C2933-C7A2-4323-8B3E-2C3370B11C71}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8BCB5543-5045-4738-8947-4CF254382911}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C982FB6-AF1C-46A9-88A5-48FD377BA402}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8D20E051-72B9-43D4-9E00-6C4DB8B003C2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8D4095D3-760A-40D2-B260-7769EA729B83}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{8D5433D9-58B1-4836-88CC-E0B3B8BAF77D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DE037F2-C752-4BC1-99B0-26E6C62E84CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{916E74FA-8529-49F9-917A-39D6DF05A04B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9314837C-C123-46CE-9FC1-ED37CFB02F71}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{95238B4B-E7E4-4BD5-8F2E-712D52E87CD8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96BBCB24-19CB-4E6E-BF81-5696A8EBEEDE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{970DB045-03C6-4EEA-A710-FD8EE248737C}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{978FD010-8987-4DFA-AA33-2A34C9BBB156}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9AADD9FA-77D4-47A8-B7A5-763D8A4DDAC4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B604191-1783-48A8-A22D-10BE098C5DC3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CA5DCFB-8ED8-418C-A1D1-58F0534F7587}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9EA62D87-06AB-4904-8692-93569BC3107D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9F720118-F9DF-47FD-9848-1B22DCDA7BE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9FB663B1-A112-4AB2-8B66-49D08B841C9F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1454C67-1271-4824-9C29-3DA67F80E54A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A17FA013-9234-4463-9620-F2D126FB1C6D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2237C43-D03F-476D-A989-F83A74CBA2D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A472E87A-2F4A-4759-B3DC-3AACA2A98D93}" = protocol=17 | dir=in | app=c:\spiele\gtaiv\grand theft auto iv\launchgtaiv.exe |
"{A5127336-7211-4470-A3F7-554F2256E7EF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A533E1D2-DFFF-4ADC-901C-F14624634373}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{A646891E-EFFA-4C76-953B-2B1067F24DE5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA2DE1C0-ACD8-4EB5-9DDF-30FFBCF9AEC4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA78F454-53C9-49FE-A13D-A8F5B4FA2641}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB07C68C-F264-499B-A394-72155CD6001D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ACE35864-6519-432F-8DE4-88AE5ACF1639}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AD7D409C-2C55-4540-8931-F46352F99BE8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE4FB651-9248-4860-B735-B582FA2D6F1F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2266667-D8AD-44FE-A4F3-540856D1BF4C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2C5BDEB-1DED-4B86-8755-AA1B21049188}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{B489F199-6DDA-4E06-A879-47EF49C60605}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5F15B61-2BA4-472A-8CC4-EC781EDED410}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6CC106F-BEE1-4BF6-99AE-7839E9F07783}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{B74D3D2B-052C-429C-B909-07C99FCECF4C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{B7D4D7E5-BEC1-4F02-8DB7-B20A98C08E3C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BA999722-F776-486F-8C0D-97490AD32B89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB202562-0C2E-49AC-87B8-59A61436A29A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD0438A7-8A51-4429-AB17-7B6A950AC189}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF8CFC5A-6A2B-40D0-BAF8-B24675E1A7C1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C08F7BC3-9B8A-4D2C-A76E-A373297867B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C2B2BC92-9B00-46A0-B0F4-F5274A74D95F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C3BD596C-414B-48AC-A42B-DB4B58533444}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4A4CD35-82E4-4A55-BBA3-B6C282896F57}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4F7215C-14E5-413B-AF69-7CC0FD7F25EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA84BD22-5F8F-4173-8FBE-8B4707AF8E5F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAE2B5D4-E08D-4C39-92A6-DE74624C50CA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CCFB2D69-F6DB-4539-BC70-84195FAF2741}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD3E4D33-0738-44E5-B64E-FF22A225A431}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2687DF1-0DB5-4E58-8881-571D2F85BB92}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D27F51D2-82CD-4AAA-BACE-9138B5AFEDEC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2908FB8-DE39-4689-AB54-60994C3A0C39}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4DAAAD4-290B-426A-8002-88BBD9F4E2F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7D8C294-5619-49FB-B550-E2141AFE0A76}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mafia ii - public demo\launcher.exe |
"{D8283BAD-F2A1-4206-A66A-1DCE0397F999}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D831DB66-DC09-48E8-BD7F-3C4F1CC8BF30}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{DB8F0F77-5D9C-472A-82C1-E61D981A0E05}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DC14A2AE-FDCF-4F3F-BCBE-E3FBB8CF7E7D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDB907F0-A920-4AC9-ABCC-1F9B3D6E4520}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{DDDE6CFA-0434-4265-93DD-5C2B2FAB7508}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{DE4DC58F-85C5-4E04-95DA-64FBECDE48E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E01E2FAD-7E0C-4D8C-9661-D340C1F6FD6F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E23F4B41-24F4-4DD2-9A2D-D8AF7A98B048}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5DA3B4A-44AF-4651-9004-BDD6A922C34B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E734FA17-4581-4751-A790-F86059148999}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E8094055-5AC7-4EDA-9129-0D6103890FEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E91F7DC9-613D-4A96-81D8-3F4058982B89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9444AC8-43AA-4B45-8F6B-E7581EB1D4B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EA8E67A0-B9F5-4D7C-AD9E-7C7055FE9C52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EB02ACA6-C8AD-4BB9-88D8-E210F7564989}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EC51555A-8581-4D7F-869F-10F19AF5DCB8}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{ED5C12EE-F247-4076-A71A-82B6D63B6FA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EE9C201D-D86D-45D3-9EEF-A3C30E36E06C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F00A8E9A-3835-4938-9A7D-AC29C9137C34}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F191BA2E-F8E4-4591-9AC5-AAD186CD89E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F4152E76-68BB-4816-BBA3-47779D0F162A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F664DBB7-E7FA-4071-96F0-459C20938187}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F7076C8E-7B54-4A13-B945-AA4E773533AE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F7193C1D-7BD9-4A1B-8BAF-68FD9FC7C762}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FA1B47EA-7A59-4FCA-982A-8D0872E9FC1C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB69400F-0859-4D5C-BB4A-95F6808EC703}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC066956-2C7E-46B7-B4C3-962E57764310}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC687A8B-80CE-41D2-9241-51593FC2A90E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC9EB617-EE10-4B40-9F87-C6D37854B142}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FCF2F18E-9B64-491D-A0C2-FBB8B1E35DF1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{0F80DFF0-64CE-4EDA-AEB0-7522A081FFFF}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{17E3A1AF-E723-4805-89DA-9DA87525B4B1}K:\flight simulator 9\fs9.exe" = protocol=6 | dir=in | app=k:\flight simulator 9\fs9.exe |
"TCP Query User{1B60F557-3671-424A-AE2A-FAA9ABFCBF6D}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{20E5DCFB-C2CC-45A4-B40D-67E26D32AD67}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{21CA18DC-DE62-4340-9BBE-989E39C7C929}K:\fshost\fshost32.exe" = protocol=6 | dir=in | app=k:\fshost\fshost32.exe |
"TCP Query User{24930F27-23E9-41E6-9042-3CBD584DCDCA}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{29445C86-D600-4AC3-A5BD-4162033C48FC}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{2C0976CF-5704-4042-9672-005CB35EF08C}C:\program files\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\microsoft flight simulator x\fsx.exe |
"TCP Query User{2C811BED-9BE9-4502-88DA-6498EEEB6593}C:\program files\euroscope\euroscope.exe" = protocol=6 | dir=in | app=c:\program files\euroscope\euroscope.exe |
"TCP Query User{3D258BD7-8008-41CF-A62A-6F8B13AC5A1B}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{4D92BE20-B2ED-404C-8D7E-96CCFB36FF9D}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{4F70C021-556D-43CE-9B37-093B9D0040F6}C:\program files\fsfdt\control panel\fsfdtcp.exe" = protocol=6 | dir=in | app=c:\program files\fsfdt\control panel\fsfdtcp.exe |
"TCP Query User{50B4F2FE-4757-465B-91D4-8765AC1E7C49}C:\program files\csernakgergely\euroscope\euroscope.exe" = protocol=6 | dir=in | app=c:\program files\csernakgergely\euroscope\euroscope.exe |
"TCP Query User{5CEB38A8-2BA7-4A0E-AC8B-0E2F1A1DE651}K:\flight simulator 9\ibmegaserv.exe" = protocol=6 | dir=in | app=k:\flight simulator 9\ibmegaserv.exe |
"TCP Query User{622FB040-24D8-4B58-95AC-1EFB4F01BCF2}C:\program files\csernakgergely\euroscope\euroscope.exe" = protocol=6 | dir=in | app=c:\program files\csernakgergely\euroscope\euroscope.exe |
"TCP Query User{63541456-DD75-444E-9CB2-A263A1AFD151}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{6B0F27D8-006E-4478-A09D-BDCECE21DCF7}C:\program files\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\microsoft flight simulator x\fsx.exe |
"TCP Query User{78542D6C-B8A7-4DC9-839C-78FF5BB45479}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{7B810D73-7F39-47EA-917B-A90F77EDB307}C:\spiele\gtaiv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\spiele\gtaiv\grand theft auto iv\gtaiv.exe |
"TCP Query User{8E932D1B-3543-4DE2-B4BC-3F7E4F034ED9}C:\program files\squawkbox\squawkbox_fs.exe" = protocol=6 | dir=in | app=c:\program files\squawkbox\squawkbox_fs.exe |
"TCP Query User{91D81178-7187-40CC-B463-CC5E8E77E520}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{9C67350B-0B2B-42DE-A800-78E67A688786}C:\program files\java\jre1.6.0_01\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_01\bin\javaw.exe |
"TCP Query User{9F0A58B2-2F35-49F5-BAD5-472D1F221363}C:\america's army\system\armyops.exe" = protocol=6 | dir=in | app=c:\america's army\system\armyops.exe |
"TCP Query User{A20048EA-D843-49FB-BC8D-F2727132B236}C:\program files\vrc\vrc.exe" = protocol=6 | dir=in | app=c:\program files\vrc\vrc.exe |
"TCP Query User{BE5758A7-21B7-4015-845A-86962F9B1DE4}C:\program files\america's army deploy client\aadeployclient.exe" = protocol=6 | dir=in | app=c:\program files\america's army deploy client\aadeployclient.exe |
"TCP Query User{CF4878CD-A837-49FF-8D01-2A2A874A558B}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{D46A192C-254F-4F07-BEEF-866351A7C2D5}C:\program files\fsfdt\fwinn\fwinn.exe" = protocol=6 | dir=in | app=c:\program files\fsfdt\fwinn\fwinn.exe |
"TCP Query User{D5327594-A78A-48D9-8810-7B6F852E925D}C:\program files\fsfdt\fwinn\fwinn.exe" = protocol=6 | dir=in | app=c:\program files\fsfdt\fwinn\fwinn.exe |
"TCP Query User{D53C6214-404E-493A-844E-98FB139AC0F3}K:\flight simulator 9\ibserv.exe" = protocol=6 | dir=in | app=k:\flight simulator 9\ibserv.exe |
"TCP Query User{E26B55B3-3157-402C-85E3-65B0A87E4724}C:\users\****\appdata\local\apps\2.0\p2zv3e7e.7hd\lhh9q00e.ykd\vat_..tion_6024084954dcf4d0_0000.0004_4c74de6f177183a4\vat_earth_fs.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\p2zv3e7e.7hd\lhh9q00e.ykd\vat_..tion_6024084954dcf4d0_0000.0004_4c74de6f177183a4\vat_earth_fs.exe |
"TCP Query User{E78BA2BD-69E9-43BD-ABAA-07ACF8C0A9B9}C:\program files\euroscope\euroscope.exe" = protocol=6 | dir=in | app=c:\program files\euroscope\euroscope.exe |
"TCP Query User{EF627B74-63C0-457C-87D9-5EEFA4C9960B}K:\flight simulator 9\fs9.exe" = protocol=6 | dir=in | app=k:\flight simulator 9\fs9.exe |
"TCP Query User{F0F2977F-B839-4C13-881C-093FCC86A320}C:\spiele\gtaiv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\spiele\gtaiv\grand theft auto iv\gtaiv.exe |
"TCP Query User{FD4765EC-4987-45F6-BD82-866988AC9C05}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{01B0DF2B-B843-428C-9EF1-D29A82A585C8}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{03A01042-975D-4863-9D78-5DCB34F37D25}C:\program files\squawkbox\squawkbox_fs.exe" = protocol=17 | dir=in | app=c:\program files\squawkbox\squawkbox_fs.exe |
"UDP Query User{121BBF8E-6007-45EC-B439-0ADECD3A2E8C}C:\program files\euroscope\euroscope.exe" = protocol=17 | dir=in | app=c:\program files\euroscope\euroscope.exe |
"UDP Query User{14491DFA-1089-4F17-83E6-F4D0EA4B320A}K:\flight simulator 9\fs9.exe" = protocol=17 | dir=in | app=k:\flight simulator 9\fs9.exe |
"UDP Query User{149BCFFE-2EB1-49E8-9D1E-59DCB48A5D6D}C:\program files\america's army deploy client\aadeployclient.exe" = protocol=17 | dir=in | app=c:\program files\america's army deploy client\aadeployclient.exe |
"UDP Query User{1CC13B49-0B13-4A88-BA85-5A0BA7FB1AC0}K:\fshost\fshost32.exe" = protocol=17 | dir=in | app=k:\fshost\fshost32.exe |
"UDP Query User{222D1AC4-739E-4285-A17D-F76D12DEFCA6}C:\program files\vrc\vrc.exe" = protocol=17 | dir=in | app=c:\program files\vrc\vrc.exe |
"UDP Query User{29795FD3-0F14-4394-B3C1-3D0C8FB136C6}C:\program files\csernakgergely\euroscope\euroscope.exe" = protocol=17 | dir=in | app=c:\program files\csernakgergely\euroscope\euroscope.exe |
"UDP Query User{2CE3DFD6-F157-44F2-AB4A-5FCF287152A9}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{48E26E55-F2A1-422D-9149-5CD65468696F}K:\flight simulator 9\ibserv.exe" = protocol=17 | dir=in | app=k:\flight simulator 9\ibserv.exe |
"UDP Query User{523C3799-E727-4C90-A78A-DEE5827531F2}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{5278F693-BA47-415D-86D3-D1CFE2EDF7F0}C:\america's army\system\armyops.exe" = protocol=17 | dir=in | app=c:\america's army\system\armyops.exe |
"UDP Query User{56BF4D18-B9E2-4B2C-AC00-B60A2158C9C5}K:\flight simulator 9\ibmegaserv.exe" = protocol=17 | dir=in | app=k:\flight simulator 9\ibmegaserv.exe |
"UDP Query User{5DAC5E41-95EB-4587-9CAA-806AFFB5F8BC}C:\program files\euroscope\euroscope.exe" = protocol=17 | dir=in | app=c:\program files\euroscope\euroscope.exe |
"UDP Query User{6B8EE9A0-D0A4-4962-AFAC-7043FF059DFF}C:\program files\fsfdt\fwinn\fwinn.exe" = protocol=17 | dir=in | app=c:\program files\fsfdt\fwinn\fwinn.exe |
"UDP Query User{6C20CCBE-6565-4989-8052-699206BD37D0}C:\users\****\appdata\local\apps\2.0\p2zv3e7e.7hd\lhh9q00e.ykd\vat_..tion_6024084954dcf4d0_0000.0004_4c74de6f177183a4\vat_earth_fs.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\p2zv3e7e.7hd\lhh9q00e.ykd\vat_..tion_6024084954dcf4d0_0000.0004_4c74de6f177183a4\vat_earth_fs.exe |
"UDP Query User{72E0A699-8856-4C44-B248-7DB8B8C28DCD}K:\flight simulator 9\fs9.exe" = protocol=17 | dir=in | app=k:\flight simulator 9\fs9.exe |
"UDP Query User{77F74A01-37E3-4136-8DD0-AB06B85768B1}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{83676D78-2294-4ED0-95B8-620E121CD132}C:\program files\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\microsoft flight simulator x\fsx.exe |
"UDP Query User{8486BF05-55B9-46A1-81DF-887E6FD773DA}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{9B17A73C-D5BF-4CEF-BD5D-24FE5A37FC30}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{9D941D1B-2A5D-499B-9BCA-FC2D8B480B77}C:\program files\java\jre1.6.0_01\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_01\bin\javaw.exe |
"UDP Query User{A6046E9E-994E-41D4-9DC4-02E52B844A2D}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{A92CB28B-4011-4663-879D-9559CB304A47}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{AFB99A5F-6E3C-4B25-A839-8C8D5AAE3228}C:\program files\fsfdt\control panel\fsfdtcp.exe" = protocol=17 | dir=in | app=c:\program files\fsfdt\control panel\fsfdtcp.exe |
"UDP Query User{B18C76A0-9BB4-4BC4-B054-4FB8113A3647}C:\program files\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\microsoft flight simulator x\fsx.exe |
"UDP Query User{C4210705-CDD7-43C4-A183-43E3C7DE07CA}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{CA3F7A0C-B050-4D2D-B487-4488EA4A245C}C:\program files\fsfdt\fwinn\fwinn.exe" = protocol=17 | dir=in | app=c:\program files\fsfdt\fwinn\fwinn.exe |
"UDP Query User{CDDF7765-3343-4672-A262-95B67C40CFB5}C:\program files\csernakgergely\euroscope\euroscope.exe" = protocol=17 | dir=in | app=c:\program files\csernakgergely\euroscope\euroscope.exe |
"UDP Query User{D0D8860A-4595-4F99-BD2F-A10820317BF7}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{D2EB9370-5D43-46F9-AD69-D372BF544C50}C:\spiele\gtaiv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\spiele\gtaiv\grand theft auto iv\gtaiv.exe |
"UDP Query User{DA0F9B2A-7EED-4350-AF48-035D2121E7D4}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{DD4D26FC-BA47-462B-A7C9-3E7FE4E9CB9B}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{FD61BFEF-39A6-401D-A5D9-A73845C402DE}C:\spiele\gtaiv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\spiele\gtaiv\grand theft auto iv\gtaiv.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01C3630A-7FD2-46DF-B514-A4B829B0021A}" = aerosoft's - German Airports 2 X - FSX
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{04B73EB2-7538-4CC4-BBD6-5463E508B69B}" = aerosoft's - Balearic Islands X for FSX
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{0705EEB6-2F15-4D19-B37D-84C953E93D18}" = aerosoft's - German Airports 2 X - FS2004
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0A902DF4-B767-49DB-98D3-D413E6F1E703}" = World of Subways Vol.2
"{0E19A83E-F53B-40CF-8C91-96F32D955E6A}" = LightScribe System Software 1.10.23.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4200" = Canon iP4200
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series" = Canon iP4700 series Printer Driver
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{1BCE2581-B7CA-4BB4-BDFB-D113506AA38B}" = HP Easy Setup - Frontend
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2F76FF6D-B992-4FD9-8686-F09F868B2C58}" = FSNavigator
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{4D401B5C-5407-41E8-808F-584E5F46F2EB}" = aerosoft's - German Airports 3 X - FS2004
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.8.0521 EN
"{59FF06C1-A663-4839-9792-5AE37C724072}" = Just Flight World Airports 2 FS2004 v1.00
"{5EE08A0C-9C8B-4FEA-9E1D-31124A90FF75}" = aerosoft's - Balearic Islands X for FS2004
"{6360C5E9-2842-4213-88B9-47D814FAAD54}" = aerosoft's - German Airports 3 X - FSX
"{64B20B36-AEE7-4DD4-897C-C5DA5C218F60}" = Logitech Gaming Software 5.02
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C3D43F9-72E2-4DEB-98E9-E98AB49BDBCF}" = Kamchatka. The Lost World
"{6D6204C8-6B1D-4FBA-ADA9-CB6DFF9BF80D}" = America's Army Deploy Client
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8F702E8C-D01F-4128-AD93-4A9AE07603A9}" = Aerosoft's - German Airfields FREE - Wasserkuppe
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91309FCB-3520-4579-9BD8-6B8BF39C773A}_is1" = VRS F/A-18E Superbug
"{93878DDD-E621-4AFF-8203-2658451A3636}" = EuroScope 3.1d
"{93E61AF4-29C4-11D9-A9CC-0080AD30B67D}" = Landscape Germany Mesh
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{97679567-0095-464E-B5F2-E218A1CF3421}" = PMDG747_400 Queen of the Skies
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B71B617-17A0-46C8-88CD-D21FD1F427C8}" = ActiveSky Version 6 and ActiveSky Graphics
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A486DC51-FE1D-4ADE-B12D-1501002978AE}" = XAcars for MSFS
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A901BF63-29AD-49A3-B067-231925E98B62}_is1" = Version 1.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA755AA7-B941-48A0-828C-7F43975E3EDE}_is1" = XAcars for Microsoft Flightsimulator
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.3 - Deutsch
"{AF7362B6-BD39-4848-A991-3BA4319444AC}" = Landscape Germany Landclass
"{B578C85A-A84C-4230-A177-C5B2AF565B8C}" = Microsoft Games for Windows - LIVE Redistributable
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C539AF6F-9DB3-458C-9274-1F3EE3291FB1}" = Abacus EZ-Libraries
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C87E5016-201A-11D9-A9CC-0080AD30B67D}" = Landscape Germany Rivers
"{C8D47273-7A1A-4614-A3D8-263632D8A5ED}" = HP Customer Experience Enhancements
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF48A02C-E0F0-4A8A-BAB3-EDB68DD0BD49}" = Saitek SD6 Programming Software 6.6.6.9
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D873FA4B-C374-4F8A-8D9A-130DB56FAB16}" = America's Army
"{DE3FCA5F-7B8A-482B-89A9-CC9BD5F656A1}" = UEFA EURO 2008™
"{DF270969-CDFB-4005-B0A1-0CE6F19AB76A}_is1" = MSTS Bernina Bahn v0.7
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E63F475A-0FA0-4D63-9A83-09DDF8A7D226}" = KVB Linie 5 Version 3
"{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}" = Microsoft Flight Simulator X Service Pack 2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3CA05B7-B4C0-4C9B-AAA6-16B868B35DF2}" = TrackIR5
"{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"{F722E488-A5B5-47ff-AA9B-4DE6CE7914CA}" = Windows 7 Upgrade Advisor
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FB9C5329-F982-435C-AEC5-EE0A75EE6395}" = muvee autoProducer 6.1
"{fef8097e-662d-49b3-aa77-2919db3746d7}" = HP Total Care Advisor
"{FF61952D-09F6-4BE4-A1EA-8AA6EA060A1C}" = Virtual Dispatch
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFC78FC9-2FE6-4648-BFEB-446C61C2D61E}" = FSacars
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"ActivityChanger 1.5" = ActivityChanger 1.5
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AirSimmer A320 Family SL" = AirSimmer A320 Family SL 0.5.0
"ALMATY9 V2.0" = ALMATY9 V2.0
"AOL Toolbar" = AOL Toolbar 5.0
"Audacity_is1" = Audacity 1.2.6
"Auf der Marschbahn nach Westerland" = Auf der Marschbahn nach Westerland
"AutoAtis_is1" = AutoAtis v3.0.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"BOB Integral" = BOB Integral
"Bridge Commander" = Star Trek Bridge Commander
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"Carenado Mooney M20J" = Carenado Mooney M20J
"CCleaner" = CCleaner
"DCS Black Shark" = DCS Black Shark
"Der VerkehrsGigant" = Der VerkehrsGigant
"Dolomynum" = Dolomynum (remove only)
"Durch den Schwarzwald nach Offenburg" = Durch den Schwarzwald nach Offenburg
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"Eve of Destruction Levels_is1" = Eve of Destruction 2.0 Levels
"Eve of Destruction_is1" = Eve of Destruction v2.0
"Faros Freeplay FMGS for A320" = Faros Freeplay FMGS for A320
"FinnMesh 2.0" = FinnMesh 2.0
"FinnTerrain 1.8" = FinnTerrain 1.8
"FIS2005_is1" = FIS2005 1.0
"Flight Book System" = Flight Book System 1.0
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt
"FlightGear_is1" = FlightGear v2.0.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"FreeZ" = FreeZ
"FSCheckride1.4 by FS2Crew" = FSCheckride1.4 by FS2Crew
"FSFDT FSCopilot" = FSFDT FSCopilot
"FSFDT FSInn" = FSFDT FSInn
"FSFDT VIP Standard 2004" = FSFDT VIP Standard 2004
"FS-ScenerySync_is1" = FS-ScenerySync 1.0.0.1
"Google Updater" = Google Updater
"Hamburg-City Scenery " = Hamburg-City Scenery
"HolmenkollbanenV1.1" = HolmenkollbanenV1.1
"HOMESTUDENTR" = Microsoft Office Home and Student 2007-Testversion
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"IBNetPlayer" = IBNetPlayer
"ICQToolbar" = ICQ Toolbar
"IFSD Irish Scenery1.11 Full" = IFSD Irish Scenery
"Indeo® software" = Indeo® software
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"ISD PROJECT LIML2004" = ISD PROJECT LIML2004
"KVB B-Wagen Pack Vol. 3" = KVB B-Wagen Pack Vol. 3
"KVB K4000 Pack Vol. 1" = KVB K4000 Pack Vol. 1
"KVB Linie 6/12/15" = KVB Linie 6/12/15 1.30
"KVB-SWB K5000-Pack Vol.2" = KVB-SWB K5000-Pack Vol.2
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malta Intl. Airport V1.0" = Malta Intl. Airport V1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mega Scenery Zvartnots - Armenia 2008 for FS2004 1.00" = Mega Scenery Zvartnots - Armenia 2008 for FS2004 1.00
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Mumble" = Mumble and Murmur
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnose Tools
"ProTrain 12 Karlsruhe - Basel 1.0" = ProTrain 12 Karlsruhe - Basel 1.0
"ProTrain 12 Weihnachtsspecial 1.0" = ProTrain 12 Weihnachtsspecial 1.0
"ProTrain 17 München-Salzburg 1.0" = ProTrain 17 München-Salzburg 1.0
"ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0" = ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0
"PSpice Student" = PSpice Student 9.1
"PunkBusterSvc" = PunkBuster Services
"QIP 2005_is1" = QIP 2005 8081
"QIP2005" = QIP 2005 Uninstall
"RealPlayer 12.0" = RealPlayer
"Rigs of Rods" = Rigs of Rods 0.36.2
"Ruta Sierras de Cordoba" = Ruta Sierras de Cordoba 1.0
"Ryanair Photoreal Repaint v4" = Ryanair Photoreal Repaint v4
"Samdim Design Antonov An-24RV" = Samdim Design Antonov An-24RV
"sceenPusher_is1" = screenPusher 1.3
"SimSig Edinburgh_is1" = SimSig Edinburgh V2.207
"SimSig System_is1" = SimSig V2.103
"SkyTest® Piloten Edition, Vista-Update 1_is1" = SkyTest® Piloten Edition, Vista-Update 1
"SkyTest® Piloten Edition_is1" = SkyTest® Piloten Edition 2.1
"Soekarno-Hatta airport scenery" = Soekarno-Hatta airport scenery
"SP1_F535B2CF-C9BB-4162-B03A-02D6971F32CC" = Microsoft Flight Simulator X Service Pack 1
"SquawkBox" = SquawkBox
"ST6UNST #1" = ICAO Editor
"Steam App 50280" = Mafia II - Demo
"STP DB ICE3 403" = STP DB ICE3 403
"Straßenbahn ( GT8-80-C ) 1.0" = Straßenbahn ( GT8-80-C ) 1.0
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 4" = TeamViewer 4
"TmNationsForever_is1" = TmNationsForever
"Train Simulator 1.0" = Microsoft Train Simulator
"Train Store V3.2" = Train Store V3.2
"Tramway de Bordeaux - Ligne A v2.5 beta" = Tramway de Bordeaux - Ligne A v2.5 beta
"TVUPlayer" = TVUPlayer 2.5.3.1
"UK2000 Birmingham Xtreme" = Remove UK2000 Birmingham Xtreme files
"UK2000 Edinburgh Xtreme" = Remove UK2000 Edinburgh Xtreme files
"UK2000 Gatwick FREE" = Remove UK2000 Gatwick FREE files
"UK2000 Gatwick Xtreme" = Remove UK2000 Gatwick Xtreme files
"UK2000 Glasgow Xtreme" = Remove UK2000 Glasgow Xtreme files
"UK2000 Heathrow Xtreme" = Remove UK2000 Heathrow Xtreme files
"UK2000 Stansted Xtreme" = Remove UK2000 Stansted Xtreme files
"vasFMC FS2004 Gauge_is1" = vasFMC 2.0a9
"VATroute" = VATroute 0.0.1.021
"vBus 2.2.1" = vBus 2.2.1
"VERONA VFR SCENERY" = VERONA VFR SCENERY
"VirtualBus" = VirtualBus A6C RC2.2
"VirtualBus_is1" = VirtualBus A6C RC3
"VRC" = VRC
"WildTangent hp Master Uninstall" = My HP Games
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 2.1.8.4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" Coche Motor Zanello - FCC" = Coche Motor Zanello - FCC
"03a05e79d7136a65" = VATEarth Flight Simulator Client
"171a3bd25b2ddd36" = vroute.info
"5b954f6f7a1d5673" = Wee Tune Beastie
"737 Pilot in Command" = 737 Pilot in Command
"737 Pilot in Command (FSX - Vista)" = 737 Pilot in Command (FSX - Vista)
"De Hoekse Lijn v1.0" = De Hoekse Lijn v1.0
"Erfurt 2008" = Erfurt 2008
"Flyscenery Merrill C. Meigs Field Airport (KCGX)" = Flyscenery Merrill C. Meigs Field Airport (KCGX)
"Fokker 70-100" = Fokker 70-100
"Fokker 70-100 FSX" = Fokker 70-100 FSX
"QIP 2005" = QIP 2005 8092
"Rübelandbahn Version 1.1" = Rübelandbahn Version 1.1
"Seamulator 2009 Demo" = Seamulator 2009 Demo
"vBus" = vBus
"Wupper Express 11 Actpack 1.0" = Wupper Express 11 Actpack 1.0
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
|
| Themen zu Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys) |
| adware.resultdns, antivir guard, avgntflt.sys, avira, bho, browser, computer, desktop, device driver, diagnostics, fehler, google, hijack, hijackthis, home, home premium, iastor.sys, install.exe, installation, local\temp, logfile, malware bytes, mozilla, nicht gefunden, plug-in, programdata, prozesse, quelldatei, realtek, registry, rogue.antimalwaredoctor, rundll, senden, software, start menu, stick, system, usb, warnung |
Hybrid-Darstellung
