OTL:
OTL Logfile:
OTL EXTRAS Logfile: Code:
OTL logfile created on: 13.11.2010 13:32:40 - Run 2
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\*****\Desktop\MFTools
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 10,96 Gb Free Space | 22,44% Space Free | Partition Type: NTFS
Drive E: | 319,27 Gb Total Space | 74,81 Gb Free Space | 23,43% Space Free | Partition Type: NTFS
Computer Name: ***** | User Name: *****| Logged in as *****
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox 3 Beta 5\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox 3 Beta 5\firefox.exe (Mozilla Corporation)
PRC - C:\Users\*****\Desktop\MFTools\OTL.exe (OldTimer Tools)
PRC - C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Programme\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Programme\Trillian\trillian.exe (Cerulean Studios)
PRC - C:\Programme\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
PRC - C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\COMODO\SafeSurf\cssurf.exe (COMODO)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
========== Modules (SafeList) ==========
MOD - C:\Users\*****\Desktop\MFTools\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\guard32.dll (COMODO)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cssdll32.dll (COMODO)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe File not found
SRV - (msvsmon90) -- D:\Visual Studio 9\Common7\IDE\Remote Debugger\x86\msvsmon.exe File not found
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv.exe ()
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (GEST Service) -- C:\Program Files\GIGABYTE\GEST\GSvr.exe ()
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
========== Driver Services (SafeList) ==========
DRV - (VSPerfDrv90) -- D:\Visual Studio 9\Team Tools\Performance Tools\VSPerfDrv90.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (HssDrv) -- C:\Windows\System32\drivers\HssDrv.sys (AnchorFree Inc.)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (RivaTuner32) -- C:\Programme\RivaTuner v2.09\RivaTuner32.sys ()
DRV - (ET5Drv) -- C:\Windows\System32\drivers\ET5Drv.sys (Windows (R) 2000 DDK provider)
DRV - (JRAID) -- C:\Windows\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex) -- C:\Windows\System32\drivers\s115obex.sys (MCCI Corporation)
DRV - (s115mdm) -- C:\Windows\System32\drivers\s115mdm.sys (MCCI Corporation)
DRV - (s115mdfl) -- C:\Windows\System32\drivers\s115mdfl.sys (MCCI Corporation)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tap0801) -- C:\Windows\System32\drivers\tap0801.sys (The OpenVPN Project)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\Windows\System32\drivers\k750bus.sys (MCCI)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 A3 80 EB 79 7E CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de|hxxp://www.die-staemme.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.106
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.995
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.4
FF - prefs.js..extensions.enabledItems: {636fd8b0-ce2b-4e00-b812-2afbe77ee899}:1.4.5
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox 3 Beta 5\components [2010.11.01 10:31:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3 Beta 5\plugins [2010.11.01 10:31:13 | 000,000,000 | ---D | M]
[2008.05.02 14:45:06 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2010.11.13 13:05:37 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\hxnb2hy9.default\extensions
[2010.08.28 21:51:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\hxnb2hy9.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2010.02.28 12:16:11 | 000,000,000 | ---D | M] (XPather) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\hxnb2hy9.default\extensions\{636fd8b0-ce2b-4e00-b812-2afbe77ee899}
[2010.11.06 01:46:30 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\hxnb2hy9.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.04.04 01:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\hxnb2hy9.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
[2010.10.16 23:26:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\hxnb2hy9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.11.06 01:46:29 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\hxnb2hy9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.11.06 01:46:27 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\hxnb2hy9.default\extensions\elemhidehelper@adblockplus.org
[2008.09.29 13:52:09 | 000,001,840 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\FireFox\Profiles\hxnb2hy9.default\searchplugins\blasc---datenbank.xml
[2009.08.05 17:39:49 | 000,005,349 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\FireFox\Profiles\hxnb2hy9.default\searchplugins\clusty.xml
[2010.05.18 21:39:42 | 000,001,712 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\FireFox\Profiles\hxnb2hy9.default\searchplugins\linguee-de-en.xml
[2010.11.07 03:11:53 | 000,002,232 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\FireFox\Profiles\hxnb2hy9.default\searchplugins\picktorrentcom.xml
[2010.09.18 22:23:41 | 000,001,879 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\FireFox\Profiles\hxnb2hy9.default\searchplugins\skreemr-audio-search.xml
O1 HOSTS File: ([2010.10.11 09:50:32 | 000,421,636 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 14541 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (PDF-XChange Viewer IE-Plugin) - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Programme\Tracker Software\PDF Viewer\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
O2 - BHO: (Microsoft Web Test Recorder 9.0 Helper) - {E31CE47F-C268-41ba-897B-B415E613947D} - D:\Visual Studio 9\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [COMODO SafeSurf] C:\Program Files\COMODO\SafeSurf\cssurf.exe (COMODO)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Programme\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Programme\Trillian\trillian.exe (Cerulean Studios)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\cssdll32.dll) - C:\Windows\System32\cssdll32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\*****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\*****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2bb3e323-2a9d-11dd-b5ce-001d7d06a81f}\Shell - "" = AutoRun
O33 - MountPoints2\{2bb3e323-2a9d-11dd-b5ce-001d7d06a81f}\Shell\AutoRun\command - "" = H:\Autorun.exe -- File not found
O33 - MountPoints2\{309c9af5-1870-11dd-a5e5-001d7d06a81f}\Shell - "" = AutoRun
O33 - MountPoints2\{309c9af5-1870-11dd-a5e5-001d7d06a81f}\Shell\AutoRun\command - "" = G:\Borderlands.exe -- File not found
O33 - MountPoints2\{c3f1824e-1835-11dd-ba6b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c3f1824e-1835-11dd-ba6b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autoplay.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.11.02 10:56:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2010.11.01 10:31:00 | 000,000,000 | ---D | C] -- C:\Programme\Citrix
[2010.10.30 13:35:10 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.30 13:35:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.17 09:44:55 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2010.10.17 09:29:10 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes
[2010.10.17 09:28:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.10.17 09:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.17 09:28:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.10.17 09:28:06 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.10.17 09:26:41 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\MFTools
[2010.10.17 09:26:32 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010.10.17 09:26:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.17 09:24:28 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.17 09:24:27 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.17 09:24:20 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.17 09:24:20 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.17 09:24:20 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.17 09:24:19 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.17 09:24:19 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.17 09:24:19 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.17 09:24:19 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.17 09:24:19 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.17 09:24:19 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.17 09:24:19 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.17 09:24:19 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.17 09:24:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.17 09:24:19 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.17 09:24:19 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.17 09:24:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.17 09:24:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.17 09:24:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.17 09:24:00 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.17 09:23:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.17 09:23:39 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.17 09:23:36 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.17 09:23:35 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.16 22:21:47 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.10.16 22:21:46 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.10.16 22:21:46 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.10.16 22:21:46 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.10.16 22:21:46 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.10.16 22:21:40 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.10.16 22:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
========== Files - Modified Within 30 Days ==========
[2010.11.13 12:56:03 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.11.13 12:55:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.13 12:55:35 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.13 12:55:34 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.08 10:44:29 | 000,704,140 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.08 10:44:29 | 000,649,906 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.08 10:44:29 | 000,155,438 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.08 10:44:29 | 000,126,662 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.08 10:39:40 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.11.08 10:39:11 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.11.07 12:45:03 | 000,137,976 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.11.07 12:44:54 | 000,234,280 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.11.06 09:29:10 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.11.06 09:29:10 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.11.02 10:57:34 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2010.11.01 10:43:18 | 000,002,713 | ---- | M] () -- C:\Users\Public\Desktop\Program Neighborhood Agent.lnk
[2010.10.19 11:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.10.18 10:01:34 | 000,106,496 | ---- | M] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.17 09:44:56 | 000,000,738 | ---- | M] () -- C:\Users\*****\Desktop\NTREGOPT.lnk
[2010.10.17 09:44:56 | 000,000,719 | ---- | M] () -- C:\Users\*****\Desktop\ERUNT.lnk
[2010.10.17 09:39:51 | 000,379,192 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.17 09:28:13 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.17 09:27:36 | 000,050,477 | ---- | M] () -- C:\Users\*****\Desktop\defogger.exe
[2010.10.17 09:27:35 | 000,285,230 | ---- | M] () -- C:\Users\*****\Desktop\Gmer.zip
[2010.10.16 22:35:59 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.10.16 22:20:57 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys
========== Files Created - No Company Name ==========
[2010.11.02 10:57:34 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2010.11.01 10:43:18 | 000,002,713 | ---- | C] () -- C:\Users\Public\Desktop\Program Neighborhood Agent.lnk
[2010.10.18 15:48:18 | 000,000,619 | ---- | C] () -- C:\Users\*****\Desktop\1009_S21_Vortrag_2.pdf
[2010.10.17 09:44:56 | 000,000,738 | ---- | C] () -- C:\Users\*****\Desktop\NTREGOPT.lnk
[2010.10.17 09:44:56 | 000,000,719 | ---- | C] () -- C:\Users\*****\Desktop\ERUNT.lnk
[2010.10.17 09:28:13 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.17 09:27:00 | 000,050,477 | ---- | C] () -- C:\Users\*****\Desktop\defogger.exe
[2010.10.17 09:26:46 | 000,285,230 | ---- | C] () -- C:\Users\*****\Desktop\Gmer.zip
[2010.10.16 22:35:59 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.10.11 09:53:58 | 000,000,466 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.09.19 14:50:51 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.09.19 14:50:50 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.09.04 07:50:03 | 000,001,249 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.04.16 09:13:48 | 000,000,113 | ---- | C] () -- C:\Windows\(null)toolkit.ini
[2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.09.05 13:30:51 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.08.23 16:06:44 | 000,638,976 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.08.23 15:43:46 | 000,163,840 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.03.31 21:00:14 | 000,000,172 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.03.08 23:37:59 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.03.08 23:37:59 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.12.22 16:11:29 | 000,000,600 | ---- | C] () -- C:\Users\*****\AppData\Local\PUTTY.RND
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.06.01 21:59:21 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2008.05.24 16:43:48 | 000,004,096 | -H-- | C] () -- C:\Users\*****\AppData\Local\keyfile3.drm
[2008.05.12 22:58:39 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.05.03 00:28:36 | 000,106,496 | ---- | C] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.02 19:04:08 | 000,138,056 | ---- | C] () -- C:\Users\*****\AppData\Roaming\PnkBstrK.sys
[2008.05.02 19:04:08 | 000,137,976 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.05.02 18:48:56 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.05.02 12:03:33 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2008.05.02 12:01:15 | 000,000,680 | ---- | C] () -- C:\Users\*****\AppData\Local\d3d9caps.dat
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
< End of report >
--- --- ---
--- --- ---
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 13.11.2010 13:32:40 - Run 2
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\*****\Desktop\MFTools
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 10,96 Gb Free Space | 22,44% Space Free | Partition Type: NTFS
Drive E: | 319,27 Gb Total Space | 74,81 Gb Free Space | 23,43% Space Free | Partition Type: NTFS
Computer Name: MANUPC | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 1
"DefaultInboundAction" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01922B38-1542-4F8C-93C3-0967F12B0C4A}" = lport=139 | protocol=6 | dir=in | app=system |
"{2015E81A-DBAB-4023-8407-FEBA2880DEF2}" = lport=138 | protocol=17 | dir=in | app=system |
"{24C5814B-6630-42CE-8153-040D8418EC71}" = lport=445 | protocol=6 | dir=in | app=system |
"{2ED748FC-4C8B-4D20-A6A5-F1F4180FABC5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{30279BF0-2887-4093-ABAF-7DB4A3C92003}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{414B702B-1DA0-4926-A4D6-1C804927917D}" = lport=18229 | protocol=6 | dir=in | name=emule tcp |
"{41574DE2-0290-43CE-9232-A026DB368AAD}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{4FE98232-57F5-401A-B6AB-01680AB1D813}" = lport=18239 | protocol=17 | dir=in | name=emule kad |
"{53802952-88C2-4686-869E-33D933044003}" = rport=445 | protocol=6 | dir=out | app=system |
"{6A84AC8A-6D0C-407E-94BB-D08AF7478501}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7B2F4856-7CFA-44B7-9952-AC7B597A2126}" = rport=138 | protocol=17 | dir=out | app=system |
"{7D8A26F1-3279-44BC-BD71-ECC2D9F988EA}" = lport=2799 | protocol=17 | dir=in | name=altova license metering port (udp) |
"{8A0F00DA-6063-4B7F-89F9-CB528FDB57D5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8E370068-9625-454F-949B-04353C7FD14E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8EA644E7-2A1F-4528-AD9A-A87BA718713D}" = rport=139 | protocol=6 | dir=out | app=system |
"{9AE62953-E556-48F5-B11E-C12F5481ED36}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B17E6B70-DA5A-4A67-A5C8-86DC3A2D8FD8}" = lport=137 | protocol=17 | dir=in | app=system |
"{B91E887F-5AC8-406C-97A5-1A24BB9A0816}" = lport=2799 | protocol=6 | dir=in | name=altova license metering port (tcp) |
"{C9661055-7D7E-46A7-8021-F9913BFFE2B1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D081CF1E-C326-47FA-ACED-F5F49B0E2476}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3FBB72A-116C-4E41-BF6F-B3CE028B0EA3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D62365DF-1969-47DD-BA51-DF47EABED083}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DE2ECB44-9CCA-4D29-B773-93351170D017}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F1FE44A0-61DC-422A-8721-52F21EAE265C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F7B97022-F68B-4898-B155-F2E13A869662}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004C47B0-7E0E-4F79-BBEB-FD47B8F0D9E5}" = protocol=17 | dir=in | app=e:\downloads\wow-2.4.3.8568-to-3.0.2.8916-dede-downloader.exe |
"{044B378C-A67A-4064-A0AD-7BBEBCAB0731}" = protocol=6 | dir=in | app=e:\spiele\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe |
"{058FC11B-62D8-4F09-8136-CE8B1D7DB18D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1242217E-2791-4370-818C-1DC6E84BA263}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\o0blubb0o\counter-strike source\hl2.exe |
"{1C49727A-A143-4DE2-9A61-85BB9D4F8F0A}" = protocol=6 | dir=in | app=e:\öffentlich\dokumente\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{1E2B579D-BE09-47A4-825D-55685DC2DCF2}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"{253CFA08-F89C-4290-A9BB-1473C29A2076}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{26A85A11-5777-458C-9995-D6BAF0E84702}" = protocol=17 | dir=in | app=e:\spiele\streetfighteriv\streetfighteriv.exe |
"{28E4A9C8-C59B-4EA7-8810-713647F8FB4F}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"{3DA5561D-1050-404E-97A1-CE0A5A4F9933}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\dawn of war 2\dow2.exe |
"{484B72B2-084C-42D3-8047-0837B56F2C2B}" = protocol=17 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\farcry2.exe |
"{49EE7A1C-7160-4745-B23B-ADFA610FCBF6}" = protocol=17 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\fc2launcher.exe |
"{4ACA4CB5-B094-4C92-9456-2E4979338654}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\dawn of war 2\dow2.exe |
"{4C544B95-9487-46F6-8F1C-F79DD7B11A8D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{573184DE-417A-40B9-A174-3CB8AF0BCC89}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{59232DB3-E2CD-4B71-AD1C-C2E7123B5DF9}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5BB01F44-618A-4B92-9512-3081BA7ACDA6}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6142009C-0083-49C2-803E-95644E88A556}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{65361864-4B11-4364-8A4F-D090A90A3AF6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{673C3A2A-82FC-412A-97DD-C3CAAE0D7862}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{76702C5D-DDF4-4A5F-B7FC-22F73AA8DC9D}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\command & conquer red alert 3 demo\ra3demo.exe |
"{79179DF9-626C-447E-875E-A1CD874430B7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7AD75962-B98A-4B3A-A663-55B70A904AAB}" = protocol=6 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\farcry2.exe |
"{7B208239-189E-4596-BD79-1958F1BA7F71}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\o0blubb0o\counter-strike\hl.exe |
"{7E01A4E5-6CF9-48C8-83AB-F35513004D7D}" = protocol=17 | dir=in | app=e:\öffentlich\dokumente\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{81C330AC-3989-490D-B84B-C78AFCA00B4F}" = protocol=6 | dir=in | app=e:\downloads\wow-2.4.3.8568-to-3.0.2.8916-dede-downloader.exe |
"{81FD396C-F08E-4C30-97E8-017E01995921}" = protocol=17 | dir=in | app=e:\spiele\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe |
"{86101609-7623-4A5F-98D9-F619DC71620D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8D6EB7F2-ED7E-4DEA-9C28-4AFD8D291E06}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{8FD50435-A6F3-45B0-9160-FF78EE52FB44}" = protocol=6 | dir=in | app=e:\spiele\battlefield bad company 2\bfbc2updater.exe |
"{95B6F48E-C321-4AC7-A183-09DB976D3BF9}" = protocol=6 | dir=in | app=e:\spiele\streetfighteriv\streetfighteriv.exe |
"{99A0FD1C-44D0-4EF5-82EA-AA2F950F94F3}" = protocol=17 | dir=in | app=e:\spiele\fearcombat\fearmp.exe |
"{9EFF9B75-2889-454A-9D17-34B0BD54C268}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9FF49B59-2B6E-4130-962B-B33E085C1E01}" = protocol=6 | dir=in | app=e:\spiele\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe |
"{A4C4342F-10B7-4ACD-ACB7-6A5E02B70A2A}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{A96A253D-58AF-4331-AD6E-A131137E0BBA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AD33F7CA-09FD-400B-8CCB-E61F57BA89AF}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B398788B-A085-43A3-82A5-2543A99F1F54}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B4CA6734-1007-43E5-AC3B-6608B1346C6B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B687424C-4ACD-4B86-8DE9-622D8B1C1681}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\o0blubb0o\counter-strike\hl.exe |
"{BCBD484A-5EBA-4EB3-92C0-93733DB03175}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C6079677-EB20-4FB8-8683-A8F20178D09D}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\o0blubb0o\counter-strike source\hl2.exe |
"{C7280D38-3762-4AC4-B4B3-18280CE134CA}" = protocol=6 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\fc2editor.exe |
"{CD45FE1D-539A-449D-9D71-57DDDD18D608}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{CF2E2D67-721E-47A3-8923-43C70FF5924C}" = protocol=17 | dir=in | app=e:\spiele\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe |
"{DE70DB62-7477-4506-9B30-7E66233F8083}" = protocol=17 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\fc2editor.exe |
"{EB27C66A-4A90-4125-A2E3-7B77773E4B11}" = protocol=6 | dir=in | app=e:\spiele\fearcombat\fearmp.exe |
"{F0289D5B-2038-4EC5-8C4C-ABC388B3CD97}" = protocol=17 | dir=in | app=e:\spiele\battlefield bad company 2\bfbc2updater.exe |
"{F181E62F-A6A6-46B9-871B-26DAEA6FF863}" = protocol=6 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\fc2launcher.exe |
"{F283DD34-78F5-4707-B5AA-9CBCADA8861F}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{F9D5DEF0-226A-4BB4-84EE-102EA8CF1DC3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{FF54524A-457E-45BE-877D-C666B2A7201D}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\command & conquer red alert 3 demo\ra3demo.exe |
"TCP Query User{02F7F307-91B8-4835-82A3-F66BF0239063}C:\program files\eclipse\eclipse rcp sr1\eclipse.exe" = protocol=6 | dir=in | app=c:\program files\eclipse\eclipse rcp sr1\eclipse.exe |
"TCP Query User{182DC708-44D6-4863-ACA2-DA4A5E1BAA96}E:\spiele\warcraft iii\war3.exe" = protocol=6 | dir=in | app=e:\spiele\warcraft iii\war3.exe |
"TCP Query User{1910A5FB-E385-49FA-8116-61406986CE1A}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe |
"TCP Query User{2D5CDE5A-CA7B-480B-8497-D828E9E33F60}C:\users\*****\appdata\local\temp\blizzard launcher temporary - 0c001878\launcher.exe" = protocol=6 | dir=in | app=c:\users\*****\appdata\local\temp\blizzard launcher temporary - 0c001878\launcher.exe |
"TCP Query User{362535A2-92DD-41AF-BF31-3746FAFB14B7}D:\wespeclispe\eclipse.exe" = protocol=6 | dir=in | app=d:\wespeclispe\eclipse.exe |
"TCP Query User{363071BA-033A-41FB-9B25-CA9D3AB71493}C:\program files\ibm\sdp70\jdk\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ibm\sdp70\jdk\jre\bin\javaw.exe |
"TCP Query User{373C41E0-B12D-4D98-B290-8837846439C7}C:\program files\gigabyte\gest\run.exe" = protocol=6 | dir=in | app=c:\program files\gigabyte\gest\run.exe |
"TCP Query User{37566125-410D-4B18-940C-F3A16FB0FE1E}C:\program files\mozilla firefox 3 beta 5\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox 3 beta 5\firefox.exe |
"TCP Query User{41D38B53-E60C-48CD-9B3B-FB36CEBE8442}C:\program files\java\jdk1.6.0_07\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_07\bin\java.exe |
"TCP Query User{5133F1CC-67BE-4B39-9F88-7208488EF3D5}C:\program files\ibm\sdp70\runtimes\base_v61\java\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\ibm\sdp70\runtimes\base_v61\java\bin\java.exe |
"TCP Query User{57C3C50A-E04F-4235-B689-BF9F43A9B592}E:\spiele\farcry2\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\farcry2.exe |
"TCP Query User{5A4A1CBB-0DBD-4B98-98B0-60508919155F}C:\program files\java\jre1.6.0_07\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\java.exe |
"TCP Query User{61CCF17D-E26D-48F0-9A43-5EEA92C60353}C:\program files\emule xtreme\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule xtreme\emule.exe |
"TCP Query User{907B54CF-F9CE-4AA0-A54B-AFBAB252B8D6}D:\wespeclispe\eclipse.exe" = protocol=6 | dir=in | app=d:\wespeclispe\eclipse.exe |
"TCP Query User{ACC9642D-E222-478C-99EE-C8F127DADA7A}E:\spiele\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=e:\spiele\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{AE576312-2CD1-4D93-B065-8C38F5F905E0}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"TCP Query User{C005DA49-8A06-4547-A131-12DE52016FDF}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{C1C1CDA3-6DB1-460F-9F75-A7691A8EF85F}E:\emule\emule.exe" = protocol=6 | dir=in | app=e:\emule\emule.exe |
"TCP Query User{C58E99CC-2AB4-4A98-ADA5-691393D68ECD}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"TCP Query User{DF47E9A7-D6B6-480F-940F-E30C9CC297CE}E:\downloads\eclipse-rcp-ganymede-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=e:\downloads\eclipse-rcp-ganymede-win32\eclipse\eclipse.exe |
"TCP Query User{DF558798-1BE4-4A70-81C2-74E82B9A5A05}E:\spiele\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\launcher.exe |
"TCP Query User{E28597C0-A6F3-477E-98B4-845820622091}E:\emule\emule.exe" = protocol=6 | dir=in | app=e:\emule\emule.exe |
"TCP Query User{EDCDBB1E-7BA0-4E27-9352-6A46AD0C48CE}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{0DAE7E6E-4A9F-4FFC-9CA8-E60574F097F1}C:\program files\mozilla firefox 3 beta 5\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox 3 beta 5\firefox.exe |
"UDP Query User{12D0A011-3842-434D-9227-7EC7C7E348FE}D:\wespeclispe\eclipse.exe" = protocol=17 | dir=in | app=d:\wespeclispe\eclipse.exe |
"UDP Query User{1D7982D8-AE42-4E73-AB9E-E2C3397AAF12}C:\program files\java\jre1.6.0_07\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\java.exe |
"UDP Query User{23D022ED-1278-489B-A67F-97AFA2168715}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{26EADD47-64CC-4A91-AB15-F90191F513E9}E:\downloads\eclipse-rcp-ganymede-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=e:\downloads\eclipse-rcp-ganymede-win32\eclipse\eclipse.exe |
"UDP Query User{2EBE1D52-7B37-4FBC-BCAE-0F70A28194D6}E:\spiele\warcraft iii\war3.exe" = protocol=17 | dir=in | app=e:\spiele\warcraft iii\war3.exe |
"UDP Query User{47216D23-8469-436C-B142-F2768D80D6E2}E:\emule\emule.exe" = protocol=17 | dir=in | app=e:\emule\emule.exe |
"UDP Query User{66C9C0EE-5329-428B-890F-43F007407881}C:\program files\ibm\sdp70\runtimes\base_v61\java\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\ibm\sdp70\runtimes\base_v61\java\bin\java.exe |
"UDP Query User{6754ECDE-742F-4205-8F31-3C4EAB40626A}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"UDP Query User{6BCB5B49-3E18-4E48-9B1F-5C0C5C1F0FE7}C:\program files\emule xtreme\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule xtreme\emule.exe |
"UDP Query User{783A4D3D-937D-4C58-B8F0-7C4A8C189199}E:\spiele\farcry2\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=e:\spiele\farcry2\far cry 2\bin\farcry2.exe |
"UDP Query User{7F4E002C-C99F-4637-BAF4-6AC07C7B40A1}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"UDP Query User{81D3C87C-79E0-4D0E-8762-878835DFE140}C:\program files\java\jdk1.6.0_07\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_07\bin\java.exe |
"UDP Query User{996A40E7-CE01-4397-933B-443FEB7831F9}C:\program files\eclipse\eclipse rcp sr1\eclipse.exe" = protocol=17 | dir=in | app=c:\program files\eclipse\eclipse rcp sr1\eclipse.exe |
"UDP Query User{9F8A8EBA-6CA3-46D2-B713-1AB7F5B96EA8}E:\spiele\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=e:\spiele\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{A2B58C23-F1C4-4DF2-BE11-1F9A7C722752}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe |
"UDP Query User{A7D98564-7E39-4406-833C-40CE2EFEB588}E:\spiele\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\launcher.exe |
"UDP Query User{CE8A47EC-A971-467A-9D49-9096AD1F341C}D:\wespeclispe\eclipse.exe" = protocol=17 | dir=in | app=d:\wespeclispe\eclipse.exe |
"UDP Query User{DDC02128-F0AD-4A6A-9F04-3F8473F5D92A}E:\emule\emule.exe" = protocol=17 | dir=in | app=e:\emule\emule.exe |
"UDP Query User{E559B6B8-25B2-499D-9CFC-5677852B6041}C:\users\*****\appdata\local\temp\blizzard launcher temporary - 0c001878\launcher.exe" = protocol=17 | dir=in | app=c:\users\*****\appdata\local\temp\blizzard launcher temporary - 0c001878\launcher.exe |
"UDP Query User{E77E1844-6071-47D1-8DFC-EC37B286DFBF}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{F5D98E7E-3E73-4434-B377-52C6D38614AA}C:\program files\ibm\sdp70\jdk\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ibm\sdp70\jdk\jre\bin\javaw.exe |
"UDP Query User{FD989839-E121-4B3A-812E-3BD2BA806BD0}C:\program files\gigabyte\gest\run.exe" = protocol=17 | dir=in | app=c:\program files\gigabyte\gest\run.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05A26882-6816-4EC3-AA49-25F9F53AC3B7}" = PlaNet
"{05EC21B8-4593-3037-A781-A6B5AFFCB19D}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0DF3AE91-E533-3960-8516-B23737F8B7A2}" = Visual C++ 2008 x64 Runtime - (v9.0.30729)
"{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01" = Visual C++ 2008 x64 Runtime - v9.0.30729.01
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1D222324-249C-4744-8784-3377909C59B3}" = Power Toys for the Microsoft .NET Compact Framework 3.5
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{22E23C71-C27A-3F30-8849-BB6129E50679}" = Visual C++ 2008 IA64 Runtime - (v9.0.30729)
"{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01" = Visual C++ 2008 IA64 Runtime - v9.0.30729.01
"{23170F69-40C1-2701-0465-000001000000}" = 7-Zip 4.65
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{241F2BF7-69EB-42A4-9156-96B2426C7504}" = Microsoft SQL Server Compact 3.5 for Devices ENU
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{2624B680-02BC-4CBC-839C-DA20DF6EF6EC}" = Citrix Presentation Server Client
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}" = Need for Speed™ ProStreet
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{33BBE45C-6296-488A-B7D5-37E692E71B3F}" = TortoiseSVN 1.6.5.16974 (32 bit)
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}" = Visual C++ 2008 x64 Runtime - (v9.0.30729.4148)
"{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}.vc_x64runtime_30729_4148" = Visual C++ 2008 x64 Runtime - v9.0.30729.4148
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01]
"{43651afa-9eef-4988-a878-3e3c7eb3fab5}" = Nero 9 Essentials
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5869CE1E-BC0B-4648-B1AE-6EF4A985590C}" = Dynamic Energy Saver 1.0 B8.0128.1
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{5DB161C0-7C9C-41D7-8DA1-CB112F60946B}" = Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack
"{64c5b887-b5ee-42b8-8596-78905a6b5f1f}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{703D0527-B57E-4502-AB0B-82F8E6F48C97}" = AnkhSVN 2.1.7141.181
"{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5
"{75E607CF-7BAE-4B88-84B3-97F3DF44BA28}" = FEARCombat
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B33F480-496D-334A-BAC2-205DEC0CBC2D}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.4148)
"{7B33F480-496D-334A-BAC2-205DEC0CBC2D}.vc_x86runtime_30729_4148" = Visual C++ 2008 x86 Runtime - v9.0.30729.4148
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client
"{80C06CCD-7D07-3DB6-86CD-B57B3F0614D8}" = Microsoft Visual Studio Team System 2008 Team Suite - ENU
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8D774B5B-A1D9-45B3-AFB4-3F85604961BC}" = ODF Add-in für Microsoft Word
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.3
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA467959-A1D6-4F45-90CD-11DC57733F32}" = Crystal Reports Basic for Visual Studio 2008
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B1060346-9388-4C5B-AA52-176C39819E43}" = Microsoft .NET Compact Framework 2.0 SP2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B268E9A1-04A9-40D0-9866-846BE2B74BA7}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools
"{B28FC790-C93F-3A9C-A913-7E891487D1F1}" = Visual C++ 2008 IA64 Runtime - (v9.0.30729.4148)
"{B28FC790-C93F-3A9C-A913-7E891487D1F1}.vc_i64runtime_30729_4148" = Visual C++ 2008 IA64 Runtime - v9.0.30729.4148
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B32E7732-B2FB-3FD0-81AC-6025B1104C66}" = Microsoft Device Emulator version 3.0 - ENU
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5F6D97D-96DF-42B5-B2BD-0379B6AFAFE0}" = Power Toys for Visual Studio - Resource Refactoring Tool
"{B6EC7388-E277-4A5B-8C8F-71067A41BA64}" = TextPad 5
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Tools
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EB3F5C2A-0754-38B8-8722-7B537006BF46}" = Microsoft Visual Studio 2008 Performance Collection Tools - ENU
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"7-Zip" = 7-Zip 4.57
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3-Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1186
"CCleaner" = CCleaner
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-01-24
"COMODO SafeSurf" = COMODO SafeSurf
"DevExpress 2009.1 IDETools" = DevExpress 2009.1 IDETools
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"GameSpy Arcade" = GameSpy Arcade
"GNU Aspell_is1" = GNU Aspell 0.50-3
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"ImgBurn" = ImgBurn
"IrfanView" = IrfanView (remove only)
"Java Platform, Enterprise Edition 5 SDK" = Java Platform, Enterprise Edition 5 SDK
"JDownloader" = JDownloader
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack" = Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack
"Microsoft Visual Studio Team System 2008 Team Suite - ENU" = Microsoft Visual Studio Team System 2008 Team Suite - ENU
"MiKTeX 2.7" = MiKTeX 2.7
"mIRC" = mIRC
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mumble" = Mumble and Murmur
"nbi-nb-base-6.1.0.1.200805300101" = NetBeans IDE 6.1
"nbi-tomcat-6.0.16.0.0" = Apache Tomcat 6.0.16
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OpenVPN" = OpenVPN 2.1_rc19
"PunkBusterSvc" = PunkBuster Services
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.1.355
"RivaTuner" = RivaTuner v2.09
"SpeedFan" = SpeedFan (remove only)
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 15620" = Warhammer 40,000: Dawn of War II
"Steam App 240" = Counter-Strike: Source
"Steam App 24710" = Command & Conquer Red Alert 3 Demo
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 440" = Team Fortress 2
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1
"TreeSize Free_is1" = TreeSize Free V2.3.3
"Trillian" = Trillian
"uTorrent" = µTorrent
"Veoh Web Player Beta" = Veoh Web Player
"Videora Android Converter" = Videora Android Converter 5.04
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VLC media player" = VideoLAN VLC media player 0.8.6f
"VP Suite 3.4" = VP Suite 3.4
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.6
"World of Warcraft" = World of Warcraft
"XviD Video Codec" = XviD Video Codec (remove only)
"YouTube Downloader App" = YouTube Downloader App 2.03
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"727d1ea1876aa06e" = WowAceUpdater
"NoNameScript" = NNScript
"RapidMiner 5" = RapidMiner 5
"RapidMiner Series Extension" = RapidMiner Series Extension
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
--- --- ---
[/CODE]
Malwarebytes: Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 5020
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18975
02.11.2010 10:18:51
mbam-log-2010-11-02 (10-18-51).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 66398
Laufzeit: 17 Minute(n), 1 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
|
