Pests of all kinds and how to combat them: Also having problems with TR/Kazy.mekml.1 (already followed everything....

 
24.04.2011, 16:22   #1
CombatWombat
 

Hello dear specialists

I have also caught this TR/Kazy.mekml.1.

Ran mbam.exe over it
OTL is done as well
Log files from CCleaner
Made the folders visible again with unhide.exe

Here are the various log files, in this order:
mbam, 1st run
mbam, 2nd run
OTL extras
OTL.txt
CCleaner

I hope I did everything right.
I tried to stick strictly to your rules and am hoping for your help.
Many thanks in advance
Greetings from the Alb

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6433

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

24.04.2011 16:28:20
mbam-log-2011-04-24 (16-28-20).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 144611
Laufzeit: 5 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 1
Infizierte Dateien: 4

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LyxDpHvjYMMKj (Trojan.FakeAlert) -> Value: LyxDpHvjYMMKj -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
c:\Users\Ziemann\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery (Trojan.FakeAV) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programdata\lyxdphvjymmkj.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Ziemann\AppData\Local\Temp\adobe_flash_player.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Ziemann\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\uninstall windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\Users\Ziemann\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
         
Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6433

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

24.04.2011 16:37:41
mbam-log-2011-04-24 (16-37-40).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 144490
Laufzeit: 5 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
Code:
OTL Extras logfile created on: 24.04.2011 17:04:55 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Ziemann\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 43,07 Gb Free Space | 18,50% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 23,11 Gb Free Space | 31,01% Space Free | Partition Type: NTFS
Drive F: | 1,90 Gb Total Space | 0,42 Gb Free Space | 22,21% Space Free | Partition Type: FAT
Drive J: | 7,82 Gb Total Space | 7,81 Gb Free Space | 99,88% Space Free | Partition Type: FAT32
 
Computer Name: ZIEMANN-PC | User Name: Ziemann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-808143684-1996383929-3073386593-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{059978B8-AF11-4939-B34B-C911E983DFB4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\crysis 2 - demo\bin32\crysis2demo.exe | 
"{05B4BEB6-765A-41E9-92BA-15DE974200C5}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{1B829170-4ACF-4568-99EA-F4B65F21F838}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{1BA71F88-2CBE-435D-9E6E-F0A42B16F2D4}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{1C3697FF-FE79-4DDD-A274-7B15BA06352C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{1D66389A-A8AC-4092-884B-A7EA0932281F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{208B3107-9265-4D0D-8AB5-73DE5950180E}" = protocol=6 | dir=in | app=c:\programme\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{2735988D-3820-4929-A114-EE056E604D04}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{2B1F4074-5452-4601-9BEC-30825B886A44}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{2B5019B1-D7FF-414D-87FC-708A7FDB10F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2BD1BC36-C18D-4F27-8B5C-E4FB57E2FA94}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{2C604F80-0680-4CB6-9EAF-6B48EC4BB6E1}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{2DD92269-074C-4103-A4F5-1FDF92E4810E}" = protocol=17 | dir=in | app=c:\programme2\rockstar games social club\rgsclauncher.exe | 
"{3AA01309-D94B-4CB1-8747-30FD9E2AAD0E}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{438AAD80-1AD4-436D-9449-B676699130EB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{4B98948B-8C70-4043-A864-25DA190B7C36}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\crysis 2 - demo\bin32\crysis2demo.exe | 
"{4C8221CC-F3CC-4C02-814A-F4336F58F6AF}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{4CBACA5A-B53B-440B-9BBD-90F15F868129}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{52C234EF-5969-40C1-8C49-DD22515AE32C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{53281C8C-8ED7-4F7E-9BF4-3086AAC779CF}" = protocol=17 | dir=in | app=d:\tobit clipinc\player\clipinc-player.exe | 
"{54808D7C-13AB-4314-9081-E8BCFA995ED2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{5FC03FF6-8BFC-4B08-9A12-293332B4F768}" = protocol=6 | dir=in | app=c:\program files\eidos\kane and lynch dead men\kaneandlynch.exe | 
"{62C3AABA-741A-4FA0-85CC-BABFE25F32FB}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{66B4120F-0EA0-44E7-8B4C-29AB6A2D710B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{6F70F964-463A-4DBE-BDB7-B8CACB78DC20}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{711DFE40-A36D-4680-BC56-87F3E58E1084}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{7332E6AA-F503-4E31-8189-553C356CAC02}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{7432A757-603B-494F-8F6A-694FADB48D37}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7504475D-91F2-4313-B179-88EB5169DDC5}" = protocol=17 | dir=in | app=c:\program files\eidos\kane and lynch dead men\kaneandlynch.exe | 
"{7A22056E-BD4B-489E-B98D-C70711B831FD}" = protocol=17 | dir=in | app=d:\tobit clipinc\server\clipinc-server.exe | 
"{7D563071-1E59-47F0-B7B7-FD5DF9D56372}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{80552943-6D5A-4B1D-8B5D-BB5B1200F860}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe | 
"{82783FBC-4E74-4F30-AA5D-CAA18500E877}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{921B19AD-865A-4EF3-96D9-CE670F414654}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{9369548D-7406-4DEB-9BF4-A2CCCF3A170E}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{946467C3-02B5-4C52-A8C8-320F4D88326B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{958D04E7-D273-449F-96A0-A3F5A87850EF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{9AE73EAA-1087-4473-B1C9-44463A4C2D64}" = protocol=17 | dir=in | app=c:\programme2\grand theft auto iv\launchgtaiv.exe | 
"{9BF38E43-37A9-4149-A722-4B8DD6555B37}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{9DA6B879-EAEA-4333-91D6-80FD212BAE3D}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{A25A9BB3-347A-465F-93C2-A8D1DA189A65}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{A5F6B4A7-8894-4F5E-922C-B3C3F77D23F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A61E849F-DD1C-43A0-8896-C07248BD35D2}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{B2EE82F2-29F9-4649-BDEC-EDE9EF5D6307}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{B8265303-1924-4904-9A52-6338F584D9C5}" = protocol=6 | dir=in | app=d:\tobit clipinc\player\clipinc-player.exe | 
"{BE8A6BEE-6747-4DF9-953B-874BF92C0A71}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{CC3FD93F-7797-4F6C-924D-2B0955D0B99B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{CD15DC1A-DD59-4946-BAA7-B3D890A9C5C1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"{CE10EE14-D10A-4EC6-A629-CF7B707DD973}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{CEF0F78E-15A8-4D05-AD15-D4AEF33A0B9E}" = protocol=6 | dir=in | app=c:\programme2\grand theft auto iv\launchgtaiv.exe | 
"{D8200DDB-FAA4-457C-A671-CE1BE9DEB6FF}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{D9A891C0-12A2-4F91-84C7-C0F53D8B225E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{DA5B2794-45EA-412B-AF3E-35338604BB09}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{E59FE447-5098-4DEA-B052-8CA2B620C9AC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe | 
"{E94D8B80-45E3-4341-A5F4-D90131DE3A22}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{F07A353A-09E5-4172-9E83-A2E6D966345A}" = protocol=6 | dir=in | app=d:\tobit clipinc\server\clipinc-server.exe | 
"{F4A6CB0F-EA78-4CEA-BD13-4D86E0E8511E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{F6746176-654E-414E-9632-EBA0EEEA5CA2}" = protocol=6 | dir=in | app=c:\programme2\rockstar games social club\rgsclauncher.exe | 
"{F71D3346-E9EE-4151-A4B4-FC7C27D8F5DC}" = protocol=17 | dir=in | app=c:\programme\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{FCBD527C-1AB5-42D3-8BFF-3CC5FDA0CEE1}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"TCP Query User{036C6779-99CC-4536-907E-A31034BB50F6}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{0412A432-1B15-4C7F-9639-02E68FCC3EAB}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{10DC371D-C9FC-400B-B8A0-F3515ECBA589}C:\program files\zyxel\ndu\ndu.exe" = protocol=6 | dir=in | app=c:\program files\zyxel\ndu\ndu.exe | 
"TCP Query User{280B771B-735C-4C7A-BC0B-29931FBBA162}C:\program files\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"TCP Query User{3051CCC2-CA5F-468C-9376-49D030CE76CD}C:\wsftp\ws_ftp\ws_ftp95.exe" = protocol=6 | dir=in | app=c:\wsftp\ws_ftp\ws_ftp95.exe | 
"TCP Query User{348184B3-CEF8-4833-B9B6-E63B3FB34CCF}C:\program files\eidos\kane and lynch dead men\kaneandlynch.exe" = protocol=6 | dir=in | app=c:\program files\eidos\kane and lynch dead men\kaneandlynch.exe | 
"TCP Query User{375C6E67-DA3D-465F-9A17-FB16D2582259}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe | 
"TCP Query User{69DCEE35-812C-4ACE-A740-4B2C8506671D}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"TCP Query User{71B0EC0E-2815-4A41-983C-93FBFC45337E}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{7DCD9BA6-84FD-48A9-B984-D56E1A9573FE}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe | 
"TCP Query User{7F590617-4810-4ABC-A346-62AE7438AC5A}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"TCP Query User{7FC5CB51-11B0-465B-93D6-C8B05B230812}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"TCP Query User{89611584-29E5-483D-9E9B-42765FF48195}C:\programme2\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\programme2\grand theft auto iv\gtaiv.exe | 
"TCP Query User{909E323D-FE33-4244-9DC0-0F0935FAE7D6}C:\program files\zyxel\ndu\ndu.exe" = protocol=6 | dir=in | app=c:\program files\zyxel\ndu\ndu.exe | 
"TCP Query User{9EB7C65F-E263-48F8-8FF4-24CED99D60B3}C:\program files\digion\dixim media client\dmclient.exe" = protocol=6 | dir=in | app=c:\program files\digion\dixim media client\dmclient.exe | 
"TCP Query User{A4A5AD72-C2E4-4058-803D-B14748452409}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"TCP Query User{A81DB1B7-109C-450F-A598-D6E661DCB9B8}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{B4720D6B-DDC3-4816-A933-677B9B7C78B0}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"TCP Query User{B4756518-DC13-4ABD-9A0D-3C752E9A1AF1}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{BE5CA166-99F9-4A15-B3F7-CED2E5E5749D}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"TCP Query User{C6DED90D-7B9B-447B-AB98-70497AA2D1C9}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{D9DEF336-125E-4B55-B90A-114FAE6619B0}C:\program files\atari\deer hunter 2005 demo\dh2005demo.exe" = protocol=6 | dir=in | app=c:\program files\atari\deer hunter 2005 demo\dh2005demo.exe | 
"TCP Query User{DB8E233A-AAE1-4A1D-8EBB-0351509104BE}C:\program files\jägerprüfungbw\jägerprüfung-bw.exe" = protocol=6 | dir=in | app=c:\program files\jägerprüfungbw\jägerprüfung-bw.exe | 
"TCP Query User{E4D5B0A9-2159-436E-BC7A-24F7EC499DB2}C:\program files\electronic arts\medal of honor\binaries\moh.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\medal of honor\binaries\moh.exe | 
"TCP Query User{E7B8B283-C157-436D-8571-023AACE29143}C:\program files\electronic arts\medal of honor\mp\mohmpgame.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\medal of honor\mp\mohmpgame.exe | 
"TCP Query User{F5F4201A-C5A7-44BB-90FE-294EBA877F02}C:\program files\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"UDP Query User{09AE6510-B18B-4A77-9A17-42D23B3EDEA1}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{11C24341-3B74-4EA3-B378-AE98A3CE5DE0}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"UDP Query User{1DAED162-00A9-4DB0-B78B-5062F7D2D2E3}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"UDP Query User{1E6D7FDE-7B83-406B-BB68-28F5B0FB8076}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"UDP Query User{2A0776A1-2A3C-46AA-888A-497B6714A166}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{3B8844FD-7DDC-4CF4-BE9A-06F4264690CF}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"UDP Query User{4A084CB2-0BD1-4D73-8760-989FABF66ECE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{4FAEB8C2-3D7E-4529-A576-15A7E8E83F05}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"UDP Query User{7F8CE61D-D5E2-4DE5-BD70-31FA7F484193}C:\program files\jägerprüfungbw\jägerprüfung-bw.exe" = protocol=17 | dir=in | app=c:\program files\jägerprüfungbw\jägerprüfung-bw.exe | 
"UDP Query User{8381D1C1-A44A-4FC6-AF05-E1906404B54F}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | 
"UDP Query User{919B6444-B4E2-4174-8990-F500CCA39741}C:\programme2\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\programme2\grand theft auto iv\gtaiv.exe | 
"UDP Query User{9BD9F474-D2D9-4C08-8C00-B67CCEFD9303}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"UDP Query User{9D1ACABC-B1F5-4BFF-9153-A0260ED58FA2}C:\program files\electronic arts\medal of honor\mp\mohmpgame.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\medal of honor\mp\mohmpgame.exe | 
"UDP Query User{9FD8A361-F0C0-4D99-8689-654955588A03}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{A024925B-5FDD-4A19-AA76-D9FEADDE5314}C:\program files\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"UDP Query User{A21D7854-F79A-44AF-99C5-9F15D7C12B00}C:\program files\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"UDP Query User{A5BED59B-529A-4F2C-B7D8-500929BBA63D}C:\program files\digion\dixim media client\dmclient.exe" = protocol=17 | dir=in | app=c:\program files\digion\dixim media client\dmclient.exe | 
"UDP Query User{AB5B6DFA-C7E5-49B1-BAA0-0906201A11E6}C:\wsftp\ws_ftp\ws_ftp95.exe" = protocol=17 | dir=in | app=c:\wsftp\ws_ftp\ws_ftp95.exe | 
"UDP Query User{AC136E5A-4260-4F82-9D43-C063D2BE6648}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe | 
"UDP Query User{BEFC07F2-6FF5-4B8E-A257-A742DB7B2882}C:\program files\eidos\kane and lynch dead men\kaneandlynch.exe" = protocol=17 | dir=in | app=c:\program files\eidos\kane and lynch dead men\kaneandlynch.exe | 
"UDP Query User{CA523E88-3F03-4016-9D9F-93C5F7AFB8AD}C:\program files\zyxel\ndu\ndu.exe" = protocol=17 | dir=in | app=c:\program files\zyxel\ndu\ndu.exe | 
"UDP Query User{CF3D0B56-7ECC-489B-BFEC-1268CED81BA8}C:\program files\electronic arts\medal of honor\binaries\moh.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\medal of honor\binaries\moh.exe | 
"UDP Query User{D87244C1-6302-4A4A-819F-4FD0B428D351}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{E07FE89D-3821-4677-9E68-5056C5AE1CCB}C:\program files\zyxel\ndu\ndu.exe" = protocol=17 | dir=in | app=c:\program files\zyxel\ndu\ndu.exe | 
"UDP Query User{E52E99A9-A782-4B9C-AC09-112F0475A700}C:\program files\atari\deer hunter 2005 demo\dh2005demo.exe" = protocol=17 | dir=in | app=c:\program files\atari\deer hunter 2005 demo\dh2005demo.exe | 
"UDP Query User{EE686BEA-F1AE-4534-9028-F1C5A2CC2025}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{18B5996A-643E-4176-9BEB-27C45C9F1FC3}" = Nokia Map Loader
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1A34A639-9B62-4FCD-842F-E67140F86C8D}" = Zusatzmodul GPS-Pilot
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{37A54340-6655-4FFC-BC4C-0B945764DA4B}" = Canon PhotoRecord
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90840407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90AF0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B009CA39-449B-4733-B12D-DDBEC83F1963}" = NDU
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = LevelOne WNC-0301
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA75B93A-AA3C-4B4F-B942-C078432E9A10}" = Tacho+Personal
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 4.5)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AfuP - Amateurfunkprüfungstraining_is1" = AfuP 1.6.1
"a-squared Free_is1" = a-squared Free 4.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Call of Duty" = Call of Duty
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"CCleaner" = CCleaner
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Combat Arms EU" = Combat Arms EU
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"EA Download Manager" = EA Download Manager
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.7)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = LevelOne WNC-0301
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"mp3-2-wav" = mp3-2-wav converter 1.14
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Philips DF2000 GSM Handset" = Philips DF2000 GSM Handset Software
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"SimpleOCR 3.1" = SimpleOCR 3.1
"SpeedFan" = SpeedFan (remove only)
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.3
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 34830" = Sniper: Ghost Warrior
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 99850" = Crysis 2 Demo
"SystemRequirementsLab" = System Requirements Lab
"TachoPlusFreeDriver" = TachoPlusFreeDriver
"Uninstall_is1" = Uninstall 1.0.0.1
"Video mp3 Extractor_is1" = Video mp3 Extractor
"VLC media player" = VLC media player 0.9.8a
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 22.04.2011 15:38:30 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 23.04.2011 02:54:40 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 23.04.2011 17:32:58 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 24.04.2011 04:54:09 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 24.04.2011 08:41:58 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 24.04.2011 09:04:15 | Computer Name = Ziemann-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 24.04.2011 09:34:24 | Computer Name = Ziemann-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 24.04.2011 09:37:10 | Computer Name = Ziemann-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 0.0.0.0, Zeitstempel 0x4d334d98,
 fehlerhaftes Modul iexplore.exe, Version 0.0.0.0, Zeitstempel 0x4d334d98, Ausnahmecode
 0x40000015, Fehleroffset 0x0008cb40,  Prozess-ID 0x36c, Anwendungsstartzeit 01cc0284b4ec743b.
 
Error - 24.04.2011 10:03:03 | Computer Name = Ziemann-PC | Source = System Restore | ID = 8209
Description = 
 
Error - 24.04.2011 10:30:56 | Computer Name = Ziemann-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
[ System Events ]
Error - 24.04.2011 11:05:42 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:47 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:05:58 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:06:28 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:06:58 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 24.04.2011 11:07:28 | Computer Name = Ziemann-PC | Source = Service Control Manager | ID = 7001
Description = 
 
 
< End of report >
         
Code:
OTL logfile created on: 24.04.2011 17:04:55 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Ziemann\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 43,07 Gb Free Space | 18,50% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 23,11 Gb Free Space | 31,01% Space Free | Partition Type: NTFS
Drive F: | 1,90 Gb Total Space | 0,42 Gb Free Space | 22,21% Space Free | Partition Type: FAT
Drive J: | 7,82 Gb Total Space | 7,81 Gb Free Space | 99,88% Space Free | Partition Type: FAT32
 
Computer Name: ZIEMANN-PC | User Name: Ziemann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ziemann\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Ziemann\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (a2free) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (fwlanusbn) -- C:\Windows\System32\drivers\fwlanusbn.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (SNP2STD) USB2.0 PC Camera (SNP2STD) -- C:\Windows\System32\drivers\snp2sxp.sys ()
DRV - (RTL85n86) -- C:\Windows\System32\drivers\RTL85n86.sys (Realtek)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (pgsmmdm) -- C:\Windows\System32\drivers\pgsmmdm.sys (MCCI)
DRV - (pgsmmdfl) -- C:\Windows\System32\drivers\pgsmmdfl.sys (MCCI)
DRV - (pgsmbus) Philips DF2000 GSM Handset Composite Device driver (WDM) -- C:\Windows\System32\drivers\pgsmbus.sys (MCCI)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (DT T-Sinus 130data(R)) DT T-Sinus 130data(R) -- C:\Windows\System32\drivers\dtusbxp.sys (Deutsche Telekom)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://forum.waffen-online.de/"
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..keyword.URL: "hxxp://"
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.17 10:23:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.09.10 15:02:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2011.02.12 16:42:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.17 10:23:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.03 21:08:42 | 000,000,000 | ---D | M]
 
[2009.12.25 12:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ziemann\AppData\Roaming\Mozilla\Extensions
[2011.04.01 18:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ziemann\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions
[2011.04.24 15:52:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.24 15:52:58 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.04.24 15:52:58 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Ziemann\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.24 15:52:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.04.24 15:52:59 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2011.04.24 15:52:59 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2011.04.24 15:52:57 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\engine@conduit.com
[2011.04.24 15:52:57 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\foxyproxy@eric.h.jung
[2011.04.24 15:52:57 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tmyu75u7.default\extensions\youtube2mp3@mondayx.de
[2011.04.01 18:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.03.17 10:23:13 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009.01.04 18:59:59 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2009.12.02 10:31:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.12.02 10:31:53 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2009.12.02 10:31:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.12.02 10:31:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.12.02 10:31:53 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.01.06 17:51:22 | 000,290,820 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 10017 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\RunOnce: [Shockwave Updater]  File not found
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/x-mrml {C51721BE-858B-4A66-A8BF-D2882FF49820} - C:\Program Files\Common Files\A&W\MidRadio.ocx (YAMAHA CORPORATION)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0a3e5456-cff7-11dc-9765-0030f1997c69}\Shell - "" = AutoRun
O33 - MountPoints2\{0a3e5456-cff7-11dc-9765-0030f1997c69}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{2be37705-c9f2-11df-9913-0019db67d58c}\Shell\AutoRun\command - "" = J:\wd_windows_tools\setup.exe
O33 - MountPoints2\{968a0305-f270-11dc-b6cd-0030f1997c69}\Shell - "" = AutoRun
O33 - MountPoints2\{968a0305-f270-11dc-b6cd-0030f1997c69}\Shell\AutoRun\command - "" = J:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.24 17:00:14 | 003,050,664 | ---- | C] (Piriform Ltd) -- C:\Users\xxx\Desktop\ccsetup305.exe
[2011.04.24 16:58:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2011.04.24 16:19:15 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2011.04.24 16:19:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.24 16:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.24 16:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.24 16:19:04 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.24 16:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.16 21:42:45 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Neuer Ordner (3)
[2011.04.15 08:01:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.15 08:01:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.15 08:01:15 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.15 08:01:15 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.15 08:01:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.15 08:01:09 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.15 08:01:08 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.15 08:01:08 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.15 08:01:08 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.15 08:01:08 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.15 08:01:08 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.15 08:01:07 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.15 08:01:07 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.15 08:01:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011.04.15 08:01:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.15 08:00:55 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.15 08:00:42 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.15 08:00:42 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.09 08:56:05 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\bernd
[2011.04.08 16:15:36 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\kochend
[2011.04.08 12:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Clarus
[2011.04.08 12:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2011.04.07 21:20:57 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\smf filme
[2011.04.07 18:00:58 | 001,291,624 | ---- | C] (Microsoft Corporation) -- C:\Users\xxx\Desktop\wlsetup-web__1_.exe
[2011.04.01 17:28:40 | 022,229,776 | ---- | C] (DVDVideoSoft Limited.                                       ) -- C:\Users\xxx\Desktop\FreeYouTubeToMp3Converter.exe
[2007.11.28 13:52:11 | 000,151,552 | ---- | C] ( ) -- C:\Windows\System32\rsnp2std.dll
[2007.11.28 13:52:11 | 000,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.24 17:05:44 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.24 17:00:25 | 003,050,664 | ---- | M] (Piriform Ltd) -- C:\Users\XXX\Desktop\ccsetup305.exe
[2011.04.24 16:58:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe
[2011.04.24 16:55:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.24 16:46:39 | 000,504,657 | ---- | M] () -- C:\Users\XXXX\Desktop\unhide.exe
[2011.04.24 16:36:44 | 000,633,342 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.24 16:36:44 | 000,599,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.24 16:36:44 | 000,128,590 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.24 16:36:44 | 000,105,816 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.24 16:30:26 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.24 16:30:24 | 000,004,048 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 16:30:24 | 000,004,048 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 16:30:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.24 16:30:15 | 3220,488,192 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.24 16:19:08 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.24 15:25:48 | 001,006,778 | ---- | M] () -- C:\Users\XXX\Desktop\rkill.com
[2011.04.24 15:07:21 | 000,001,356 | ---- | M] () -- C:\Users\XXX\AppData\Local\d3d9caps.dat
[2011.04.24 14:40:09 | 236,165,665 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.23 23:35:03 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C42FFE37-96F3-42C2-A8DA-888F1ED50969}.job
[2011.04.22 11:57:41 | 000,238,588 | ---- | M] () -- C:\Users\XXX\Desktop\test3.pdf
[2011.04.17 20:33:01 | 000,203,928 | ---- | M] () -- C:\Users\XXX\Desktop\waffe_IMG_8780.jpg
[2011.04.17 13:16:45 | 000,011,761 | ---- | M] () -- C:\Users\XXX\Desktop\Via_listeNEU.ods
[2011.04.17 13:07:28 | 000,075,826 | ---- | M] () -- C:\Users\XXX\Desktop\passat.jpg
[2011.04.17 12:56:46 | 000,013,499 | ---- | M] () -- C:\Users\XXX\Desktop\Via_liste.ods
[2011.04.17 01:15:38 | 000,253,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.08 17:15:49 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2011.04.08 16:28:30 | 000,209,408 | ---- | M] () -- C:\Users\XXXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.08 12:06:00 | 000,001,569 | ---- | M] () -- C:\Users\XXXX\Desktop\Samsung Auto Backup.lnk
[2011.04.08 12:06:00 | 000,000,715 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk
[2011.04.08 12:05:59 | 000,000,735 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk
[2011.04.08 12:05:59 | 000,000,719 | ---- | M] () -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk
[2011.04.07 19:15:40 | 020,586,196 | ---- | M] () -- C:\Users\XXX\Desktop\vlc-1.1.8-win32.exe
[2011.04.07 19:02:10 | 000,055,830 | ---- | M] () -- C:\Users\XXX\Desktop\CombatWombatLive.jpg
[2011.04.07 18:01:01 | 001,291,624 | ---- | M] (Microsoft Corporation) -- C:\Users\Ziemann\Desktop\wlsetup-web__1_.exe
[2011.04.06 20:59:10 | 000,014,167 | ---- | M] () -- C:\Users\XXX\Desktop\Stellungnahme Security.odt
[2011.04.01 18:30:56 | 000,087,917 | ---- | M] () -- C:\Users\XXX\Desktop\Krankenhaus.jpg
[2011.04.01 17:32:24 | 000,001,032 | ---- | M] () -- C:\Users\XXX\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.01 17:32:12 | 000,001,191 | ---- | M] () -- C:\Users\XXXX\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.01 17:30:02 | 022,229,776 | ---- | M] (DVDVideoSoft Limited.                                       ) -- C:\Users\Ziemann\Desktop\FreeYouTubeToMp3Converter.exe
[2011.03.29 21:25:05 | 000,028,398 | ---- | M] () -- C:\Users\XXX\Desktop\Kac_warzone_revolver.jpg
 
========== Files Created - No Company Name ==========
 
[2011.04.24 17:05:44 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.24 16:46:37 | 000,504,657 | ---- | C] () -- C:\Users\XXXX\Desktop\unhide.exe
[2011.04.24 16:19:08 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.24 15:36:24 | 3220,488,192 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.24 15:34:00 | 001,006,778 | ---- | C] () -- C:\Users\XXXX\Desktop\rkill.com
[2011.04.24 14:39:51 | 236,165,665 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.04.22 11:57:39 | 000,238,588 | ---- | C] () -- C:\Users\XXX\Desktop\test3.pdf
[2011.04.17 20:33:00 | 000,203,928 | ---- | C] () -- C:\Users\XXXX\Desktop\waffe_IMG_8780.jpg
[2011.04.17 13:16:43 | 000,011,761 | ---- | C] () -- C:\Users\XXXX\Desktop\Via_listeNEU.ods
[2011.04.17 13:07:28 | 000,075,826 | ---- | C] () -- C:\Users\XXX\Desktop\passat.jpg
[2011.04.17 12:56:44 | 000,013,499 | ---- | C] () -- C:\Users\XXXX\Desktop\Via_liste.ods
[2011.04.08 12:06:00 | 000,001,569 | ---- | C] () -- C:\Users\XXX\Desktop\Samsung Auto Backup.lnk
[2011.04.08 12:05:59 | 000,000,735 | ---- | C] () -- C:\Users\XXXn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk
[2011.04.08 12:05:59 | 000,000,719 | ---- | C] () -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk
[2011.04.08 12:05:59 | 000,000,715 | ---- | C] () -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk
[2011.04.07 19:14:17 | 020,586,196 | ---- | C] () -- C:\Users\XXX\Desktop\vlc-1.1.8-win32.exe
[2011.04.07 19:02:10 | 000,055,830 | ---- | C] () -- C:\Users\XXX\Desktop\CombatWombatLive.jpg
[2011.04.01 18:31:10 | 000,087,917 | ---- | C] () -- C:\Users\XXXX\Desktop\Krankenhaus.jpg
[2011.04.01 17:32:12 | 000,001,191 | ---- | C] () -- C:\Users\XXX\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.01 14:35:08 | 000,014,167 | ---- | C] () -- C:\Users\XXX\Desktop\Stellungnahme Security.odt
[2011.03.29 21:25:04 | 000,028,398 | ---- | C] () -- C:\Users\Ziemann\Desktop\Kac_warzone_revolver.jpg
[2010.12.30 19:57:29 | 000,000,104 | ---- | C] () -- C:\Windows\CDDOOR5.INI
[2010.12.05 21:18:00 | 000,000,138 | ---- | C] () -- C:\Windows\System32\VideoGenieSetup.ini
[2010.10.14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.10.05 18:12:07 | 002,601,752 | ---- | C] () -- C:\Windows\System32\pbsvc_moh.exe
[2010.06.24 18:31:02 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2009.11.19 04:34:46 | 000,022,723 | ---- | C] () -- C:\Windows\System32\suge1l3.dll
[2009.05.22 15:14:26 | 000,000,804 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.03.24 18:28:33 | 000,144,384 | ---- | C] () -- C:\Windows\System32\miccyhook.dll
[2009.02.02 17:21:34 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.01.18 14:29:44 | 000,221,184 | ---- | C] () -- C:\Windows\System32\hp_nls.dll
[2009.01.02 19:09:02 | 000,085,609 | ---- | C] () -- C:\Program Files\HitmanBloodMoneyTrainerPlus10.zip
[2008.11.21 23:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.11.21 23:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.11.21 18:45:43 | 002,250,024 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.09.24 22:12:48 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2008.08.03 16:39:53 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008.08.03 16:39:53 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.10 11:16:40 | 000,000,142 | ---- | C] () -- C:\Windows\SoftWriting.ini
[2008.07.10 11:08:15 | 000,000,035 | ---- | C] () -- C:\Windows\Ulead32.INI
[2008.07.10 11:07:13 | 000,285,216 | ---- | C] () -- C:\Windows\System32\drivers\Onsio.sys
[2008.07.10 11:07:13 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\Onsreged.sys
[2008.06.13 13:36:06 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008.06.06 20:30:54 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.06.06 20:30:53 | 000,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll
[2008.06.05 09:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.03.15 11:30:26 | 000,015,573 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusbn.bin
[2008.03.12 16:38:29 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008.01.21 13:10:28 | 000,000,008 | ---- | C] () -- C:\Windows\System32\mcbw.ini
[2008.01.12 20:06:11 | 000,081,920 | ---- | C] () -- C:\Windows\System32\GkSui20.EXE
[2007.11.30 17:12:23 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007.11.28 13:52:11 | 012,039,552 | ---- | C] () -- C:\Windows\System32\drivers\snp2sxp.sys
[2007.11.28 13:52:11 | 000,025,472 | ---- | C] () -- C:\Windows\System32\drivers\sncamd.sys
[2007.11.28 13:52:11 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2007.11.22 16:42:18 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2007.11.22 16:08:37 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2007.11.22 15:54:54 | 000,000,010 | ---- | C] () -- C:\Windows\WININIT.INI
[2007.11.22 15:23:46 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.11.22 13:54:00 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.11.22 13:53:54 | 000,002,302 | ---- | C] () -- C:\Windows\mozver.dat
[2007.11.22 12:26:42 | 000,139,832 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2007.11.22 12:26:42 | 000,138,056 | ---- | C] () -- C:\Users\XXX\AppData\Roaming\PnkBstrK.sys
[2007.11.22 12:26:11 | 000,218,496 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2007.11.22 12:26:03 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2007.11.22 11:38:56 | 000,209,408 | ---- | C] () -- C:\Users\XXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.21 12:28:05 | 000,001,356 | ---- | C] () -- C:\Users\XXX\AppData\Local\d3d9caps.dat
[2006.11.02 17:33:31 | 000,633,342 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,128,590 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,253,184 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,599,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,105,816 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004.06.14 00:00:00 | 000,000,670 | ---- | C] () -- C:\Windows\mbcase.ini
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 498 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >
         
Code:
a-squared Free 4.5	Emsi Software GmbH	26.01.2010	106,4MB	4.5
Adobe AIR	Adobe Systems Inc.	18.10.2010	28,4MB	2.0.2.12610
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	07.04.2011		10.2.153.1
Adobe Flash Player ActiveX	Adobe Systems Incorporated	29.11.2007		9.0.47.0
Adobe Reader 8.1.3 - Deutsch	Adobe Systems Incorporated	04.12.2008	99,8MB	8.1.3
Adobe Shockwave Player 11.5	Adobe Systems, Inc.	29.09.2009		11.5.1.601
AfuP 1.6.1	Junghard Bippes, DF1IAV	28.04.2008	4,81MB	1.6.1
Avira AntiVir Personal - Free Antivirus	Avira GmbH	27.06.2009	65,3MB	
Battlefield: Bad Company™ 2	Electronic Arts	23.06.2010	1.773MB	1.0.0.0
Call of Duty		21.11.2007	1.182MB	
Call of Duty(R) - World at War(TM)	Activision	20.11.2008	6.791MB	1.1
Call of Duty(R) 4 - Modern Warfare(TM)	Activision	21.11.2007	6.381MB	1.7
Call of Duty: Black Ops	Treyarch	08.11.2010	7.957MB	
Call of Duty: Black Ops - Multiplayer	Treyarch	08.11.2010	7.957MB	
Call of Duty: Modern Warfare 2	Infinity Ward	09.11.2009	11.493MB	
Call of Duty: Modern Warfare 2 - Multiplayer	Infinity Ward	09.11.2009	11.493MB	
Canon PhotoRecord	Cisra	21.11.2007	80,5MB	02.02.04002
Canon Utilities Easy-PhotoPrint		21.11.2007	30,0MB	
CCleaner	Piriform	23.04.2011	3,41MB	3.05
Combat Arms EU		04.01.2009	1.727MB	
Crysis 2 Demo		01.03.2011	1.836MB	
DHTML Editing Component	Microsoft Corporation	07.12.2007	0,45MB	6.02.0001
DivX Codec	DivX, Inc.	12.12.2008	1,40MB	6.8.5
DivX Converter	DivX, Inc.	12.12.2008	30,4MB	6.6.1
DivX Player		12.12.2008	15,4MB	6.8.2
DivX Web Player	DivX,Inc.	12.12.2008	2,92MB	1.4.2
EA Download Manager	Electronic Arts, Inc.	18.10.2010	26,9MB	6.0.4.124
EA Download Manager UI	Electronic Arts	18.10.2010	0,77MB	6.0.4.124
Far Cry 2	Ubisoft	06.04.2009	3.246MB	1.02.00
Free Audio CD Burner version 1.4.7	DVDVideoSoft Limited.	31.03.2011	2,60MB	
Free WMA to MP3 Converter 1.16	Jodix Technologies Ltd.	05.12.2010	2,84MB	
Free YouTube to MP3 Converter version 3.9.35.324	DVDVideoSoft Limited.	31.03.2011	3,72MB	
Google Earth	Google	28.09.2010	85,4MB	5.2.1.1588
Google Gears	Google	11.02.2011	9,05MB	0.5.3600
Google SketchUp 6	Google	23.09.2008	64,3MB	6.0.01337
Grand Theft Auto IV	Rockstar Games	11.02.2010	15.339MB	1.00.0000
ICQ6	ICQ	21.11.2007	36,0MB	6.00.0000
Java(TM) 6 Update 18	Sun Microsystems, Inc.	02.05.2010	97,1MB	6.0.180
Java(TM) 6 Update 3	Sun Microsystems, Inc.	24.11.2007	133,2MB	1.6.0.30
Kane and Lynch: Dead Men	Eidos	28.12.2007	3.731MB	1.00.0000
LevelOne WNC-0301		05.02.2009	8,77MB	1.00.0000
LogMeIn Hamachi	LogMeIn, Inc.	08.12.2010	2,93MB	2.0.3.89
Malwarebytes' Anti-Malware	Malwarebytes Corporation	23.04.2011	4,80MB	
Medal of Honor (TM)	Electronic Arts	18.10.2010	3.455MB	1.0.0.0
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	22.08.2009	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	21.08.2009	37,0MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	03.11.2010	120,3MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	03.11.2010	24,5MB	4.0.30319
Microsoft Games for Windows - LIVE	Microsoft Corporation	15.11.2010	6,01MB	3.4.54.0
Microsoft Games for Windows - LIVE Redistributable	Microsoft Corporation	15.11.2010	31,3MB	3.4.18.0
Microsoft Office Excel Viewer 2003	Microsoft Corporation	15.04.2011	31,1MB	11.0.8173.0
Microsoft Office PowerPoint Viewer 2003	Microsoft Corporation	25.01.2008	4,00MB	11.0.8305.0
Microsoft Office PowerPoint Viewer 2007 (English)	Microsoft Corporation	15.04.2011	92,6MB	12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	15.04.2011	51,0MB	12.0.6425.1000
Microsoft Silverlight	Microsoft Corporation	20.04.2011	14,9MB	4.0.60310.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	19.04.2010	1,74MB	3.1.0000
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	15.11.2009	0,41MB	8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	19.04.2010	0,19MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	18.10.2010	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	27.06.2009	0,58MB	9.0.30729
Microsoft Visual J# 2.0 Redistributable Package	Microsoft Corporation	15.11.2008	96,2MB	
Mozilla Firefox (3.5.6)	Mozilla	24.12.2009	38,2MB	3.5.6 (de)
mp3-2-wav converter 1.14		10.05.2009		
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	17.11.2009	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	24.11.2009	1,34MB	4.20.9876.0
NDU	ZyXEL	06.02.2009	8,88MB	1.0.0.1
Nokia Connectivity Cable Driver	Nokia	30.11.2010	3,22MB	7.1.31.0
Nokia Map Loader	Nokia	18.03.2009	2,69MB	2.0.1
Nokia PC Suite	Nokia	09.09.2010	49,7MB	7.1.51.0
Nokia Software Updater	Nokia Corporation	30.11.2010	45,4MB	02.06.006.44298
Notepad++		23.09.2010	10,5MB	5.8
NVIDIA Drivers		24.11.2008		
NVIDIA PhysX	NVIDIA Corporation	18.10.2010	119,9MB	9.09.0203
OpenAL		28.12.2007	0,75MB	
OpenOffice.org 3.2	OpenOffice.org	02.05.2010	371MB	3.2.9483
Pando Media Booster	Pando Networks Inc.	03.01.2009	5,57MB	2.2.1.1
PC Connectivity Solution	Nokia	30.11.2010	12,9MB	10.42.0.0
Philips DF2000 GSM Handset Software		04.12.2010	0,50MB	
PunkBuster Services	Even Balance, Inc.	18.10.2010		0.989
QuickTime	Apple Inc.	22.11.2007	76,9MB	7.3.0.70
RealPlayer	RealNetworks	16.03.2010	67,7MB	
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista	Realtek	20.11.2007	0,58MB	1.00.0000
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	02.02.2009	14,1MB	6.0.1.5772
Rockstar Games Social Club	Rockstar Games	11.02.2010	1,89MB	1.00.0000
Samsung Auto Backup	Clarus	07.04.2011	19,4MB	4.1.371.0
SimpleOCR 3.1		09.07.2008	24,2MB	
Skype™ 3.6	Skype Technologies S.A.	29.11.2007	31,8MB	3.6.216
Sniper: Ghost Warrior	City Interactive S.A.	10.09.2010	4.844MB	
SpeedFan (remove only)		23.03.2009	4,73MB	
Spelling Dictionaries Support For Adobe Reader 8	Adobe Systems	04.12.2008	32,5MB	8.0.0
Spybot - Search & Destroy 1.3	Safer Networking Limited	27.11.2007	11,8MB	1.3
Steam	Valve Corporation	09.11.2009	42,3MB	1.0.0.0
System Requirements Lab		24.11.2008	0,99MB	
TachoPlusFreeDriver	SoftProject	15.11.2008	2,53MB	
TuneUp Utilities 2008	TuneUp Software	11.03.2008	34,0MB	7.0.7991
Uninstall 1.0.0.1		31.03.2011	30,9MB	
USB2.0 PC Camera (SN9C201&202)	Sonix	27.11.2007	4,20MB	5.7.22.000
Video mp3 Extractor	GeoVid	06.05.2009	2,38MB	
VLC media player 0.9.8a	VideoLAN Team	08.01.2009	60,4MB	0.9.8a
Windows Live Essentials	Microsoft Corporation	19.04.2010	70,6MB	14.0.8089.0726
Windows Live ID Sign-in Assistant	Microsoft Corporation	15.11.2010	4,69MB	6.500.3165.0
Windows Live Sync	Microsoft Corporation	19.04.2010	2,79MB	14.0.8089.726
Windows Live-Uploadtool	Microsoft Corporation	19.04.2010	0,22MB	14.0.8014.1029
Windows Media Player Firefox Plugin	Microsoft Corp	28.02.2009	0,29MB	1.0.0.8
Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)	Nokia	18.03.2009		03/05/2008 3.7
Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)	Nokia	18.03.2009		03/13/2008 6.86.0.1
Windows-Treiberpaket - Nokia Modem  (06/09/2010 4.5)	Nokia	09.09.2010	691MB	06/09/2010 4.5
Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.7)	Nokia	09.09.2010	691MB	06/09/2010 7.01.0.7
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	30.11.2010		08/22/2008 7.0.0.0
WinRAR		25.12.2007	3,66MB
         

 
