TR/Crypt.EPACK.Gen2 auf meinem Rechner OTL Logfile: Code:
OTL Extras logfile created on: 09.04.2011 13:35:35 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sellmann\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.022,00 Mb Total Physical Memory | 104,00 Mb Available Physical Memory | 10,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 46,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,88 Gb Total Space | 76,35 Gb Free Space | 33,95% Space Free | Partition Type: NTFS
Computer Name: SELLMANN-PC | User Name: Sellmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"AntiVirusDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 1
"FirewallOverride" = 0
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3811333571-3079259545-4140786328-1002]
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016795ED-7B30-45FB-B2B7-B99BF2609040}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{0464D1C5-19A5-43A9-B9CA-6D59F728F99D}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{0A3E5D05-7095-464B-BD46-1ADA744F9933}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{0A435305-3FB7-4BE6-BA98-2C78F7A39EF0}" = rport=5358 | protocol=6 | dir=out | app=system |
"{0A534FE4-AF2F-4BE0-8C3A-454BF9B8A2B1}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{10F68A5C-47EB-430C-919E-A009C8A134D1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{12B681FF-9BFD-4B85-8823-6BE3CA96B747}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{16AE8708-A560-431E-8799-024907924AB6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{1A77CBD5-6230-40B1-81E9-A10A072DB112}" = lport=139 | protocol=6 | dir=in | app=system |
"{1B57C440-7DC3-4C67-9E91-6C6D275EAF23}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{1B951F6C-6CF0-449B-8A43-035823FC27D7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{2505B1B4-97C1-4049-A28F-2B95B28A7DE5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{25CCEC2A-08AF-42D4-9121-EB624C4387C2}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{27966C4C-81D9-4BAA-919B-6C2475E379A7}" = lport=138 | protocol=17 | dir=in | app=system |
"{325A51FD-8734-4020-82A0-4ACDF87D15B2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{36C60A6D-601B-4FB4-AF8B-F40FB7F83095}" = lport=445 | protocol=6 | dir=in | app=system |
"{3A9E62B8-7B73-48FB-83D8-3B8656F013B0}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{3F2893E8-0F38-45E6-A409-FEFD851A2FE3}" = rport=137 | protocol=17 | dir=out | app=system |
"{4262FABF-E0B2-4CDA-B976-A1BA162E984C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{4329129F-3931-4C89-933A-47133908B5E5}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{46247A2A-2442-4293-A0D2-50813576F285}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |
"{47FDC83D-C6EC-449E-A6FF-A0E806CE4896}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{484B25A5-366E-41E2-BC9E-A5D158247D90}" = lport=5357 | protocol=6 | dir=in | app=system |
"{4AC4AEB4-C7B3-486C-9A6D-16160C69E8DE}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=c:\windows\system32\svchost.exe |
"{4C81D876-AF97-4579-AE74-F95EFFE5733B}" = rport=1723 | protocol=6 | dir=out | app=system |
"{50347EA9-F34D-4FFE-9D91-714294EE9808}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{52F36BEE-CFFF-460B-9059-438037F343CA}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{54ADAF39-2BD1-4050-9314-DB245B8203C5}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{54BB35EA-A8A2-4238-A900-DF0864A915C5}" = lport=1723 | protocol=6 | dir=in | app=system |
"{557FDE3C-8FDB-4D08-83BD-6A039846969A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{55D662A2-D4E6-4D40-8FC4-CEBEF577FB0B}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe |
"{58000CCE-D3D9-4186-A443-D716AC2224C2}" = lport=80 | protocol=6 | dir=in | name=@wsmres.dll,-50 |
"{596850DE-984F-45A4-97BE-0A9598E8C49F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{5ABFD4B2-FADA-4DB2-B96F-91F1FA1DEA6F}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=c:\windows\system32\svchost.exe |
"{6260B6A7-BE0A-4839-BA98-49814FB26B1E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{63FBCCD4-022B-44B2-81EC-78EFD4791AE7}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{65485E31-1C1B-4A27-8D15-6A9A30C0830E}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{671F43FC-39EE-43F2-A98E-FC7EF401BB16}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{6B386F23-8AF4-457A-BEC9-810179748D20}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{6B3E7D81-B567-4DD9-9D50-ECD3DB9AB994}" = rport=138 | protocol=17 | dir=out | app=system |
"{6BE051B5-BF4A-4124-BFD7-535CAC09A3C6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6EC516D2-DC7A-43F2-9BC5-72D973B96204}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{75444F92-0724-466C-8F0C-E1406E13E575}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{75E30091-3630-44B1-BEA6-4D8DD50C2D81}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{79A61B94-A5D4-4241-99B0-F5DA5D4BDC44}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{80CD8EA2-BDB7-4400-8A51-1BAE8B8189D6}" = lport=3390 | protocol=6 | dir=in | app=system |
"{81C5CE35-2984-42DB-BC92-371A8E8C0ED7}" = lport=4662 | protocol=6 | dir=in | name=127.0.0.1 |
"{8252D6EB-9A86-4638-8C67-D8BE57D1869B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{8258DAE4-F2C4-4F57-9BB3-B73120B15EB7}" = rport=445 | protocol=6 | dir=out | app=system |
"{832BE37B-E553-42E2-9B44-6395438DEC44}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{846DB756-C180-4462-AE9E-86E07DE04B9A}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
"{84920034-88FE-4324-90D9-4DC2F68D5969}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{8B34883E-8397-4855-A449-7C380A4A65C7}" = lport=2178 | protocol=6 | dir=in | app=system |
"{8B5EED41-9FFF-4E2A-A890-0E8445040AEA}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{8CA8A5A8-1743-4A84-A4B8-9F2870DCC4B5}" = rport=5357 | protocol=6 | dir=out | app=system |
"{8DAC4A45-2FD1-4767-AE63-A2D2A8AE406D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{8F0B22E7-8647-45B1-B75D-4D3A7E2054AC}" = rport=10244 | protocol=6 | dir=out | app=system |
"{8F24F4AB-A1F8-4912-B10D-BF7E532800C5}" = rport=2178 | protocol=6 | dir=out | app=system |
"{91D6DBB1-8B48-4651-8A80-651DDA2AA069}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{9225D6B9-5D39-4DBE-AF2B-06B9A884E749}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{9412CB35-4D42-40B7-BA49-9B21F82F2268}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9649E6CD-624C-4184-8833-C9FE201A533C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{983D934D-CC52-4C29-9ED3-9FC88B94A51E}" = lport=5985 | protocol=6 | dir=in | app=system |
"{98C33C1E-AAD7-4520-BFF7-634FB258E76A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9BD7ACEC-2823-41A1-B79E-6A615FA3074D}" = rport=139 | protocol=6 | dir=out | app=system |
"{9C3CB063-5570-4F12-8B77-F74F85E1BB95}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9EC35D60-8DF4-4713-A194-888E96959419}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{A44A14C4-3615-4080-89B5-8D974FF6DACD}" = lport=445 | protocol=6 | dir=in | app=system |
"{A66D9397-807E-4D37-952C-5526D7A27AFE}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{A6F1641D-9BAE-45D3-83BB-E1FF62C538C2}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{A74EF3E3-16D3-47AD-B043-958558ED1ECC}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe |
"{AE1C34D9-4101-42BE-A536-4341190244BA}" = lport=445 | protocol=6 | dir=in | app=system |
"{AF70541A-D6E6-4018-B61F-DD1ACD6A3A62}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe |
"{B1601CE7-40DC-4D8C-8AD9-4176D2C9F11A}" = lport=1701 | protocol=17 | dir=in | app=system |
"{B23A2299-5154-4C1E-AF6D-81204DF06AA4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{B3E4AE09-F332-4B6D-8ABB-915220F49BD3}" = lport=10244 | protocol=6 | dir=in | app=system |
"{B4B86A43-3685-471A-A398-6A25062F0A47}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B57B6A2D-9375-4B03-932F-CD84102828CF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{B7538422-9B55-43A8-A2A8-AE78A07CD324}" = lport=137 | protocol=17 | dir=in | app=system |
"{B9072A20-F1C9-4309-8E8C-690AA8443B5C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{BB3F90BF-846D-40C2-8591-181F95A6713E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{BD922457-FAFE-4508-8269-5A506807FDD1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C52BFB95-5BA2-428A-AD53-8B6AA386BD12}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |
"{C765C6C2-08AD-447B-9C7E-73E7450C9ADB}" = lport=445 | protocol=6 | dir=in | app=system |
"{CB8BF7EB-F5CC-44E9-9F75-851E5331B338}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{CC9B6414-68F0-4DAD-AA81-28506FBD3F9C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D1B83FB1-77E2-4ABD-8B8A-03982D10B081}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe |
"{D4497ACE-A3AA-4084-B8F6-A2E171EAA8E6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D7219496-5370-4927-9E5D-BB9BE0C30383}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E1C2586D-F8B9-4F23-8DF5-9F6908D54084}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{EA86B6D4-C3DC-455A-B1A4-A76937FC5730}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{F1A6D9D5-A25B-4F56-8346-DA7DA1BAEFD7}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe |
"{F303D2CE-69E3-4616-B8B6-BCEF325178DE}" = lport=5358 | protocol=6 | dir=in | app=system |
"{F7CC8961-99BF-4823-8614-B117FEBF3264}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{F8148DAD-4E44-468D-8F96-212679E14D1E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F875E986-A067-442D-AF7A-9345D6CE590A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{FB825729-D8D8-4436-9F9D-1F4AEA77A2BE}" = rport=1701 | protocol=17 | dir=out | app=system |
"{FB848198-A9BF-4663-A3F5-AF143069FBF3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{FF38E3D8-5C9F-49A8-851E-C85A1A9C3D67}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0466EB72-6993-4A05-93E0-412EC272689B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0CD6AE55-DC65-41C0-BAE5-5333F841234C}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{106BE549-DA09-4347-B93F-80A417C0CE44}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{164CD31B-F384-4B62-BBEF-31A038B91DCA}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{175F7B1B-914C-4F0A-A40B-CF7F4EDEABC1}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{177C2D9F-1BFD-4690-A706-97C9AEF29052}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{189889F7-4975-4DD6-95F7-F03A09F9A91B}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{1AEBB177-084F-41AA-BE9E-CD15FFC42880}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{1C00923C-7F1A-4B27-98FC-0CE9AB61EC10}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{1C849A33-6D6E-4253-9835-F11BB0E540C7}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{1D05EBC2-5B99-4DD9-AD4C-5B776829E855}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{1E4D7368-7A87-4AB1-A857-D1437A7B4495}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{1E508D40-A8A1-4A51-92AD-02CC0C1A962F}" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\foldershare\foldershare.exe |
"{2068340D-ABDD-4722-AEA1-38820F1934B4}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{22C7A555-4BD4-4813-AB30-3A290FA88F92}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{2F11E128-5982-4004-8C1D-42776535270A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2F3D8AD8-461C-47B1-8051-503694FD8CB3}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |
"{34024190-6F5D-4A81-A461-36E9B08786A6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{341BD55D-D7D1-4FAD-BBF9-6B26CA0FC5F5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3539E214-035F-4204-83EB-625B545E6C81}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{399E28B8-EDC3-41F7-A550-E67EFD1F0DFC}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3BB013F5-AE41-46EB-9E3F-FAC2B6FEA48E}" = protocol=6 | dir=out | app=c:\windows\system32\msdtc.exe |
"{3D47DE79-F864-42E2-909D-8F4E8F3C2649}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3D6DDB58-670B-48A1-A2F8-99BC30A0AB83}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{454795DC-6199-4086-AD8E-5B3EB168BB1A}" = protocol=6 | dir=in | app=c:\windows\system32\msdtc.exe |
"{4DC6B01C-3744-4BD2-BD65-9AFBE694F44B}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{4F002D31-023D-4B29-A40A-2266C1C773A9}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{59B5789E-1787-4C5A-A753-4E4F266EDE7E}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{5FB35A56-9526-4FA0-BA21-852F851C0D29}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{682151E1-03FC-4A49-882B-FFBCD7E42F63}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{6B9D4F95-A517-45C5-B3C5-E732F4A09436}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{6C2B2056-436E-43CF-92FB-AFB837597F6C}" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\foldershare\foldershare.exe |
"{6C3774DD-8B8F-451F-B1CD-F4F8E79CEDB2}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{70617C99-8502-42A7-B392-A41C59509548}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{74285831-FCA7-4CF9-B579-B8D5862BEAD7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{76058906-E1CB-4538-901D-8A2C0011FDAB}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{7A2F5B41-3B6F-4326-9351-84060B376654}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{81C94825-2D50-4F2B-83BB-0B18C3B0A222}" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\foldershare\foldershare.exe |
"{8421C50A-1C72-404F-A3E5-5DF30A917CC3}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{862452DE-84FE-487F-8B2F-DB5FA7451C14}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{8632759F-52FF-4EA4-9915-01C159A5C725}" = dir=in | app=c:\windows\system32\csrspl.exe |
"{89C05A69-A5BE-4686-8F59-941475E09DD5}" = protocol=6 | dir=in | app=c:\program files\emule\linkcreator.exe |
"{8DB983A2-0BFB-46A4-B510-8D4B889F4039}" = protocol=6 | dir=in | app=c:\windows\system32\plasrv.exe |
"{92D102F9-E372-4916-85DF-6ACCDDF31133}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{954653E1-41F5-4D84-A031-CE17667E0CB6}" = protocol=6 | dir=out | app=system |
"{97A76780-164D-4DA0-8319-BF5FEE00ABE1}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{993A950E-E4FD-4FA7-A81F-8EC3B784DEDA}" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\foldershare\foldershare.exe |
"{9B4021CA-E326-4618-AE9E-6BFD9936F22A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{9EDDF297-8349-4A8B-A2F7-42BDD9758ABC}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{A3112A53-BCA6-4C0A-B5C6-27AB528011C9}" = protocol=6 | dir=in | app=c:\program files\mail.ru\agent\magent.exe |
"{A440F075-4D05-4A0E-9729-EFC5D0313417}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A5C2737E-00C5-45BF-87EA-210E2D1437A1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A7F0A5F9-E9AB-47DF-A7A4-E8DFC4E1CA6C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{AD4097BC-8861-476B-92D9-F4B9ABD97BBA}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |
"{AE8A677C-A11E-4E27-9608-BB58BC9B95DF}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe |
"{B26A125A-5DAE-423A-988D-84022D3C1D01}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{B42B39FC-F133-410D-9D56-937F7CC27B7A}" = protocol=6 | dir=out | app=system |
"{B6D4559D-4048-42B3-B893-22224301EDF7}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{BF1F6D2E-9899-4194-91D2-CA53255CDAD2}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{C36DB973-7709-474C-83F5-03BC0242B222}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{C8EBFFEB-9D9A-49B9-B567-406A069FB8C2}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{CED0A61B-7DBF-4D8A-9392-4862204CBD1D}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{CFEFE67E-FBDC-4687-AE64-E74FBE48C1A5}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{D0B410FA-4121-404A-9646-F3AAC08A4C81}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{D0B88312-69D3-4B11-B8DF-9BDD3C55775A}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{D98283E6-3C86-46A8-B0B5-1583E3630F59}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D9FA026A-8540-4E39-818D-45C9EAE70A46}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{E1466B0B-386D-4DD6-8AA2-4B0869536EAD}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{E36F32D8-61EE-4448-97B7-17EBE128A817}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{E3A17B60-2DFF-44F3-83D0-EB72A937D618}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E463C073-AEA5-4BB4-9287-EBD98A9B83B4}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{EBF8BB14-1F5D-44C5-9467-407A23E64307}" = protocol=17 | dir=in | app=c:\program files\emule\linkcreator.exe |
"{ED0EB026-D2E2-42B7-AFEA-9CD7CEEB2546}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{F212F669-D114-4B56-87F0-267B2514CAC8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{F5A52116-5915-4BF6-BA7A-D4AEAF76DA75}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F67E6010-364F-4DB1-8EB3-F595DE62CBD5}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{F8B15043-2808-447C-AE24-13264ACED3AE}" = protocol=17 | dir=in | app=c:\program files\mail.ru\agent\magent.exe |
"{FEED68CD-AF78-44E9-B802-D9673C6A9709}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"TCP Query User{03FBDFB4-94E7-455A-9948-90AB4D683D55}C:\program files\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2_germany\metin2.bin |
"TCP Query User{088FC1BA-47C0-40B0-95E2-E065F00024A1}C:\users\sellmann\appdata\local\temp\rar$ex01.719\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex01.719\client\extremmt2.exe |
"TCP Query User{0A831046-D829-4E14-A404-FCC2B0BC72BC}C:\users\sellmann\appdata\local\temp\rar$ex03.016\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex03.016\client\extremmt2.exe |
"TCP Query User{0E700347-49AA-48A7-ABC6-A04D29138E0B}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{270FF09E-C2AF-4D49-83AC-016182DB0B3E}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{2C887386-E662-418B-9489-CC5D973C3D54}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{3AC04221-E00C-4ECD-992F-8407AB1DFFE4}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{3D52224C-91F4-42B0-A829-569C165D594A}C:\program files\freetvradio\freetvradio.exe" = protocol=6 | dir=in | app=c:\program files\freetvradio\freetvradio.exe |
"TCP Query User{3E6F8E27-E37C-4D70-8ABC-DFB98E3D3BF6}C:\users\sellmann\appdata\local\temp\rar$ex01.672\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex01.672\client\extremmt2.exe |
"TCP Query User{4FE1C0A9-3E6A-4308-8529-E7E2F2503CF5}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin |
"TCP Query User{587AB168-6A99-49D1-AA31-B8E63BFD1DA5}C:\program files\amule\amule.exe" = protocol=6 | dir=in | app=c:\program files\amule\amule.exe |
"TCP Query User{656E03A8-B0EC-4C2C-9402-45227EB6D1D0}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{6582587D-C690-4FED-B7DC-62A9C485198C}C:\users\sellmann\appdata\local\temp\rar$ex00.781\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex00.781\client\extremmt2.exe |
"TCP Query User{6F0475CC-8885-4653-9C6D-6115770EEC30}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{6F0B4EC8-E571-46F0-ADCF-9EA74D699FEA}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{6F44B5F2-EEFE-4CE0-B7C0-E400FE7E64FB}C:\program files\red clash '93\rc93.exe" = protocol=6 | dir=in | app=c:\program files\red clash '93\rc93.exe |
"TCP Query User{81C0AD2E-FE3B-4519-A982-CEFAC161D2A2}C:\users\sellmann\appdata\local\temp\rar$ex01.188\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex01.188\client\extremmt2.exe |
"TCP Query User{888EB17E-8F3D-4DDD-A715-EB9839BC0DB2}C:\users\sellmann\appdata\local\temp\rar$ex06.281\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex06.281\client\extremmt2.exe |
"TCP Query User{8988A392-6EA0-4486-A489-E3A68A212487}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin |
"TCP Query User{A32C2982-00F1-47AD-83E9-FC8135E74402}C:\users\sellmann\appdata\local\temp\rar$ex13.844\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex13.844\client\extremmt2.exe |
"TCP Query User{AA07CBCD-6F0E-49BA-A747-2DD23C2DBBFA}C:\program files\microsoft games\midtown madness 2\midtown2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\midtown madness 2\midtown2.icd |
"TCP Query User{AA3E8353-4275-45E4-A79B-25A6822DA241}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{AFED0442-932F-45D2-8175-7E6E85EA4C45}C:\users\sellmann\appdata\local\temp\rar$ex00.953\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex00.953\client\extremmt2.exe |
"TCP Query User{CACEF0FA-05DE-4D30-829C-9750EB07434E}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{D3F8E7D2-5AA3-4A37-98DE-9316B518416F}C:\users\sellmann\appdata\local\temp\rar$ex08.266\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex08.266\client\extremmt2.exe |
"TCP Query User{D7C00D31-2B5B-4588-B662-B100C3D909C4}C:\users\sellmann\appdata\local\temp\usmt\migwiz.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\usmt\migwiz.exe |
"TCP Query User{D8790014-367F-4533-A96E-44A60CA0A0FF}C:\program files\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2_germany\metin2.bin |
"TCP Query User{D8AB5021-F30E-419D-90AF-27F58CA36782}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{DD99B602-42E4-4F33-9005-C5554D60EED0}C:\users\public\phone\skype.exe" = protocol=6 | dir=in | app=c:\users\public\phone\skype.exe |
"TCP Query User{DEFBB0B5-0C3B-4F01-960F-C266C78EA40F}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{E7920A6B-D290-42FB-AFAF-15B9C12FFCBD}C:\users\sellmann\desktop\spiele\neuer ordner\extremmt2-alterclient\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\desktop\spiele\neuer ordner\extremmt2-alterclient\client\extremmt2.exe |
"TCP Query User{EA9CAFA4-095D-4D9B-8048-CB40AC894E16}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{EC004B82-1A0A-4722-8772-8625DFF054B3}C:\users\sellmann\appdata\local\temp\rar$ex00.797\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex00.797\client\extremmt2.exe |
"TCP Query User{ED8B2323-94AC-4AAA-9113-F5780229E1F6}C:\users\sellmann\appdata\local\temp\rar$ex01.812\client\extremmt2.exe" = protocol=6 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex01.812\client\extremmt2.exe |
"UDP Query User{0B04E52E-21A3-4D2A-BA57-DB09617F4F70}C:\users\sellmann\appdata\local\temp\rar$ex01.719\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex01.719\client\extremmt2.exe |
"UDP Query User{1C94C9C7-8CE1-4141-B24F-6C9DCA36AD25}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{1CB3B912-4CE1-4CDF-9C36-58E4C25FE282}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{2A3C69AE-5524-468C-8447-6FABA67D8BF8}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{2C88ABC5-2D01-47F7-8CCF-4C72AA325D2B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{388FA26B-EE11-4958-A48C-59186629D1CD}C:\users\sellmann\appdata\local\temp\usmt\migwiz.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\usmt\migwiz.exe |
"UDP Query User{3E4B11EC-4123-4384-923A-4D9EEC0C3E71}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{477D8F2D-6F06-43E7-8BD4-9A12F1A58018}C:\users\public\phone\skype.exe" = protocol=17 | dir=in | app=c:\users\public\phone\skype.exe |
"UDP Query User{4807DC37-921B-4130-A888-25C5CD7949E2}C:\program files\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2_germany\metin2.bin |
"UDP Query User{496B5D5F-2A71-4821-9330-D5D453B99054}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4A856E9A-F713-4432-A0CB-527912F387B6}C:\users\sellmann\appdata\local\temp\rar$ex00.781\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex00.781\client\extremmt2.exe |
"UDP Query User{4EA82BFF-47E0-4546-B9DF-B767C081355B}C:\program files\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2_germany\metin2.bin |
"UDP Query User{53A0BFD9-741D-4E9C-9996-07C8E6B32A8D}C:\users\sellmann\appdata\local\temp\rar$ex06.281\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex06.281\client\extremmt2.exe |
"UDP Query User{57ABBA2D-20FB-4861-84D0-9B5028E074D0}C:\users\sellmann\appdata\local\temp\rar$ex08.266\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex08.266\client\extremmt2.exe |
"UDP Query User{5B844E58-A150-4B96-91F2-2CFE3EC9543E}C:\users\sellmann\appdata\local\temp\rar$ex01.188\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex01.188\client\extremmt2.exe |
"UDP Query User{5BB40506-0C01-41C0-A29F-B0CB6FC58385}C:\users\sellmann\appdata\local\temp\rar$ex13.844\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex13.844\client\extremmt2.exe |
"UDP Query User{642F6801-B11B-4FDE-B9ED-F0B1C81FC6AC}C:\users\sellmann\appdata\local\temp\rar$ex01.672\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex01.672\client\extremmt2.exe |
"UDP Query User{71D09E0E-47CB-4DD1-8B4B-628B2986DC9B}C:\users\sellmann\appdata\local\temp\rar$ex00.953\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex00.953\client\extremmt2.exe |
"UDP Query User{76592BD5-399D-440D-9BAF-93FD66B850EB}C:\program files\freetvradio\freetvradio.exe" = protocol=17 | dir=in | app=c:\program files\freetvradio\freetvradio.exe |
"UDP Query User{8019645D-07D4-4010-A689-6648164A7FD8}C:\users\sellmann\appdata\local\temp\rar$ex03.016\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex03.016\client\extremmt2.exe |
"UDP Query User{89CDE052-8CF2-442E-AB1A-7DC5AD81EE39}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{8BB59825-1E97-4C9F-B0FF-BFFB3F635AAB}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{909532DB-A33F-4830-93E4-1C7674A9357F}C:\program files\amule\amule.exe" = protocol=17 | dir=in | app=c:\program files\amule\amule.exe |
"UDP Query User{96F71D99-27C7-4736-BC3F-93C3F87411A3}C:\users\sellmann\appdata\local\temp\rar$ex01.812\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex01.812\client\extremmt2.exe |
"UDP Query User{98C923B5-BA7F-49C8-A6EE-81F4B9C27707}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{A042CEF3-27D9-4CE0-92BF-E9D50A975936}C:\users\sellmann\desktop\spiele\neuer ordner\extremmt2-alterclient\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\desktop\spiele\neuer ordner\extremmt2-alterclient\client\extremmt2.exe |
"UDP Query User{A88B4C62-8DAA-4162-BB36-5FC23B0370C7}C:\program files\microsoft games\midtown madness 2\midtown2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\midtown madness 2\midtown2.icd |
"UDP Query User{ACE719C0-4965-4D8B-BA65-E382C212D5D8}C:\users\sellmann\appdata\local\temp\rar$ex00.797\client\extremmt2.exe" = protocol=17 | dir=in | app=c:\users\sellmann\appdata\local\temp\rar$ex00.797\client\extremmt2.exe |
"UDP Query User{B69D9A19-9693-4FCF-B0F3-2A15B830A3DF}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{CAFAE562-206A-4381-96DE-476C0B2D9A44}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin |
"UDP Query User{D2345451-D89B-4F89-AD51-84E652D9C6C9}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{E9998B9E-65C9-4FEC-A6C2-451363E4F8F9}C:\program files\red clash '93\rc93.exe" = protocol=17 | dir=in | app=c:\program files\red clash '93\rc93.exe |
"UDP Query User{FA3D7293-B747-4240-B044-77E46AB061FB}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{FB918105-3B4E-4D16-A227-84AE35D51EDB}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05440044-64A6-4248-A026-9745C1E9E159}" = Microsoft Encarta Enzyklopädie 2005
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0F32914F-A633-4516-B531-7084C8F19F93}" = Haufe iDesk-Browser
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{27F10580-E040-11DF-8C28-005056B12123}" = Haufe iDesk-Service
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3BEFC315-7F74-4F71-B704-2CAF4DC046BB}" = Steuer-Hilfesammlung 2010
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It!-Bibliothek 10
"{406A89D6-09E6-4550-B370-8D376DDB56BE}" = Adobe Flash Player 10 ActiveX
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Foto Premium 10
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4B526075-AF27-47A2-860D-3DA92928A051}" = Steuer 2010
"{4B55E0A8-07F5-4966-9B7B-D32C8ADC0FF4}" = Digimax Converter
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{67E4EE98-59F4-4220-89A6-A20AF5BEC689}" = Microsoft AutoRoute 2005
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90260407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Creator 9 LE
"{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1D5EC14-C943-4F78-A914-BA89D6BC8B2A}" = Windows Live FolderShare Beta
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C438DF2B-C5DF-4783-9CA5-9B89E501FA62}" = Works Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C6A12D9B-D86A-4ee6-B980-95E4B26A2E13}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D359B12F-9B1A-46FD-B70C-F507B5B11590}" = HDRegDE
"{D593C72C-435B-4171-8106-9CA8AA34D716}" = Belkin Wireless Driver
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5322
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CREATOR9" = Creator 9
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Flashplayer" = Flash Player plugins 9
"GamersFirst LIVE!" = GamersFirst LIVE!
"GamersFirst War Rock" = War Rock
"Google Updater" = Google Updater
"Infocentre" = Infocentre Rev. 2.0
"Lexmark 1200 Series" = Lexmark 1200 Series
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NIS2007_DE" = NIS2007
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"oqibc" = Favorit
"PictureItPrem_v10" = Microsoft Picture It! Foto Premium 10
"Rekkaturvat" = Truck Dismount (remove only)
"SETUPMYPC_DE" = SetUp My PC
"Shockwave" = Shockwave
"SKYPE" = Skype 2.5.2.151
"SysDoc1_is1" = ArchiCrypt System Doctor Version 1.2.3.2231
"Updator" = Packard Bell Updator
"VIDEO_NVIDIA" = Video NVIDIA v97.46
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.1
"VN_VUIns_Rhine_VIA" = VIA Rhine Family Fast Ethernet Adapter
"WChat" = Westwood Online
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Works2005Setup" = Setup-Start von Microsoft Works 2005
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report > --- --- ---
OTL Logfile: Code:
OTL logfile created on: 09.04.2011 13:35:35 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sellmann\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.022,00 Mb Total Physical Memory | 104,00 Mb Available Physical Memory | 10,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 46,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,88 Gb Total Space | 76,35 Gb Free Space | 33,95% Space Free | Partition Type: NTFS
Computer Name: SELLMANN-PC | User Name: Sellmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Sellmann\Desktop\OTL(2).exe (OldTimer Tools)
PRC - C:\Windows\Temp\Fvt.exe ()
PRC - C:\Windows\Temp\Fvs.exe ()
PRC - C:\Windows\Temp\Fvr.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
PRC - C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Windows\System32\Crypserv.exe (CrypKey (Canada) Ltd.)
========== Modules (SafeList) ==========
MOD - C:\Users\Sellmann\Desktop\OTL(2).exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (csrspl.exe) -- File not found
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (BlueSoleil Hid Service) -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
SRV - (Start BT in service) -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (Crypkey License) -- C:\Windows\System32\Crypserv.exe (CrypKey (Canada) Ltd.)
========== Driver Services (SafeList) ==========
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (FETND6V) -- C:\Windows\System32\drivers\fetnd6v.sys (VIA Technologies, Inc. )
DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\Windows\System32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BlueletAudio) -- C:\Windows\System32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (BELKIN) -- C:\Windows\System32\drivers\BLKWGU.sys (Belkin Corporation. )
DRV - (BT) -- C:\Windows\System32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\Windows\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\Windows\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\Windows\System32\drivers\VCommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\Windows\System32\drivers\VComm.sys (IVT Corporation.)
DRV - (VX3000) -- C:\Windows\System32\drivers\VX3000.sys (Microsoft Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (NetworkX) -- C:\Windows\system32\ckldrv.sys ()
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfbd) -- C:\Windows\System32\drivers\TosRfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\TosRfhid.sys (TOSHIBA Corporation.)
DRV - (TosRfSnd) Bluetooth Audio Device (WDM) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\Tosporte.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (Tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (toshidpt) -- C:\Windows\System32\drivers\Toshidpt.sys (TOSHIBA Corporation.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\..\URLSearchHook: {83821C2B-32A8-4DD7-B6D4-44309A78E668} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.02.17 22:08:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.03 18:31:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.03 12:11:57 | 000,000,000 | ---D | M]
[2011.04.03 12:56:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sellmann\AppData\Roaming\mozilla\Extensions
[2011.04.03 12:56:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sellmann\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2011.04.08 18:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sellmann\AppData\Roaming\mozilla\Firefox\Profiles\x45uizjg.default\extensions
[2010.11.30 09:40:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sellmann\AppData\Roaming\mozilla\Firefox\Profiles\x45uizjg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.03 12:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2008.08.02 21:54:19 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.06.16 14:10:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.03 12:12:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.04.03 12:11:42 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.02.28 16:27:16 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.11.29 01:00:52 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.11.29 01:00:52 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.11.29 01:00:52 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.11.29 01:00:52 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.11.29 01:00:52 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.07.28 12:36:07 | 000,317,952 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 10907 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\..\Toolbar\WebBrowser: (no name) - {09900DE8-1DCA-443F-9243-26FF581438AF} - No CLSID value found.
O3 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKU\.DEFAULT..\Run: [W5E7SH31DG] C:\Windows\Temp\Fvs.exe ()
O4 - HKU\S-1-5-18..\Run: [W5E7SH31DG] C:\Windows\Temp\Fvs.exe ()
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002..\Run: [3EFB0E1E7E2F52CE] C:\YouMeetWeWo\YouMeetWeWo.exe (Kclpilsala Gmxkqw)
O4 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002..\Run: [Mtopuf] C:\Users\Sellmann\AppData\Local\ogohetiqaquhe.dll (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002..\Run: [Xbuguqoqiwog] C:\Users\Sellmann\AppData\Local\KBtogape.dll (FileZilla Project)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe (Adobe Systems, Inc.)
O4 - HKLM..\RunServices: [SSDPSRV] C:\Windows\System32\ssdpsrv.exe (Microsoft Corporation)
O7 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-3811333571-3079259545-4140786328-1002\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.212.62.62 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\System32\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sellmann\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Sellmann\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: avgnt - hkey= - key= - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
MsConfig - StartUpReg: CollaborationHost - hkey= - key= - File not found
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: ICQ - hkey= - key= - File not found
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - c:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: kycig - hkey= - key= - File not found
MsConfig - StartUpReg: Nemobar - hkey= - key= - C:\Programme\NemoBar\Nemobar.exe (EFD Software)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: NvSvc - hkey= - key= - File not found
MsConfig - StartUpReg: Pando Media Booster - hkey= - key= - C:\Programme\Pando Networks\Media Booster\PMB.exe ()
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RoxWatchTray - hkey= - key= - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - File not found
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: VX3000 - hkey= - key= - File not found
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: Windows Live FolderShare - hkey= - key= - C:\Users\Sellmann\AppData\Local\FolderShare\FolderShare.exe (Microsoft Corporation)
MsConfig - StartUpReg: Windows Mobile-based device management - hkey= - key= - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.5.1
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.5.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011.04.09 12:43:03 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Sellmann\Desktop\OTL(2).exe
[2011.04.09 11:50:51 | 007,109,120 | ---- | C] (Uniblue Systems Ltd ) -- C:\Users\Sellmann\Desktop\registrybooster.exe
[2011.04.09 11:36:09 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Sellmann\Desktop\OTL.exe
[2011.04.09 10:55:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.04.07 20:43:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\1441A05E61B5CCABF2D20B2B73E67851
[2011.04.06 17:20:20 | 000,000,000 | ---D | C] -- C:\Users\Sellmann\AppData\Local\{515086EB-3989-47D6-8DD7-46B28379B61E}
[2011.04.06 17:05:59 | 000,000,000 | ---D | C] -- C:\Users\Sellmann\AppData\Roaming\kock
[2011.04.04 15:46:33 | 000,000,000 | ---D | C] -- C:\Users\Sellmann\AppData\Roaming\Lexware
[2011.04.03 12:56:18 | 000,000,000 | ---D | C] -- C:\Users\Sellmann\AppData\Roaming\Haufe Mediengruppe
[2011.04.03 12:56:18 | 000,000,000 | ---D | C] -- C:\Users\Sellmann\AppData\Local\Haufe Mediengruppe
[2011.04.03 12:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer
[2011.04.03 12:16:29 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Haufe
[2011.04.03 12:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2011.04.03 12:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2011.04.03 12:14:04 | 000,000,000 | ---D | C] -- C:\Programme\Lexware
[2011.04.03 12:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2011.04.03 12:12:38 | 000,000,000 | ---D | C] -- C:\Programme\Haufe
[2011.04.03 12:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Haufe
[2011.04.03 12:11:57 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.03 12:11:57 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.03 12:11:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.03 12:11:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.03 12:06:54 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Lexware
[2011.04.03 12:06:53 | 000,000,000 | ---D | C] -- C:\Users\Sellmann\AppData\Local\Lexware
[2011.03.23 19:40:35 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.03.23 19:40:34 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.03.13 16:33:50 | 000,000,000 | ---D | C] -- C:\Users\Sellmann\AppData\Roaming\Apple Computer
[2011.03.13 16:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.03.13 16:31:59 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.03.13 16:31:57 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.03.13 16:29:02 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2011.03.13 16:25:48 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011.03.13 16:23:04 | 080,298,280 | ---- | C] (Apple Inc.) -- C:\Users\Sellmann\Desktop\iTunesSetup.exe
[2009.09.24 13:40:51 | 000,370,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Sellmann\AppData\Local\ogohetiqaquhe.dll
[2009.09.24 13:40:51 | 000,087,552 | ---- | C] (FileZilla Project) -- C:\Users\Sellmann\AppData\Local\KBtogape.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Users\Sellmann\Documents\*.tmp files -> C:\Users\Sellmann\Documents\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.04.09 14:00:10 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2011.04.09 14:00:09 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\Erweiterte Garantie.job
[2011.04.09 13:58:22 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.04.09 13:53:21 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.04.09 13:50:53 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.04.09 13:44:06 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.09 12:43:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sellmann\Desktop\OTL(2).exe
[2011.04.09 12:36:01 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.04.09 12:33:05 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.09 12:33:03 | 000,071,157 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.04.09 12:33:01 | 000,071,157 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.04.09 12:32:54 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.09 12:32:52 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.09 12:32:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.09 11:51:33 | 007,109,120 | ---- | M] (Uniblue Systems Ltd ) -- C:\Users\Sellmann\Desktop\registrybooster.exe
[2011.04.09 11:36:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sellmann\Desktop\OTL.exe
[2011.04.09 09:57:23 | 225,249,886 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.09 09:54:02 | 000,194,560 | ---- | M] () -- C:\Windows\System32\test.exe
[2011.04.09 09:49:41 | 000,000,120 | ---- | M] () -- C:\Users\Sellmann\AppData\Local\Osureruqap.dat
[2011.04.09 09:49:03 | 000,000,000 | ---- | M] () -- C:\Users\Sellmann\AppData\Local\Qmabogajimonob.bin
[2011.04.08 21:00:22 | 000,000,530 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Vollständige Systemprüfung ausführen - Sellmann.job
[2011.04.07 20:54:46 | 000,011,421 | ---- | M] () -- C:\Windows\System32\GnuHashes.ini
[2011.04.07 20:43:54 | 000,000,000 | ---- | M] () -- C:\Windows\System32\aclnet.dll
[2011.04.07 13:11:11 | 001,530,725 | ---- | M] () -- C:\Users\Sellmann\Desktop\wrar400d.exe
[2011.04.06 21:16:39 | 000,659,854 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.06 21:16:39 | 000,622,776 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.06 21:16:39 | 000,143,280 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.06 21:16:39 | 000,117,620 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.03 20:58:20 | 000,015,346 | ---- | M] () -- C:\Users\Sellmann\Desktop\ostrov-proklyatyih+[torrentino.com+212492].torrent
[2011.04.03 12:16:56 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Hilfesammlung 2010.lnk
[2011.04.03 12:15:07 | 000,001,884 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2011.04.03 12:11:42 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.03 12:11:42 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.03 12:11:42 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.03 12:11:42 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.03.31 22:41:40 | 000,159,232 | ---- | M] () -- C:\Users\Sellmann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.20 21:38:50 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.03.13 16:33:02 | 000,001,667 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.13 16:23:27 | 080,298,280 | ---- | M] (Apple Inc.) -- C:\Users\Sellmann\Desktop\iTunesSetup.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Users\Sellmann\Documents\*.tmp files -> C:\Users\Sellmann\Documents\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.04.09 13:52:06 | 000,000,252 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.04.09 13:35:45 | 000,000,252 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.04.09 13:20:23 | 000,000,252 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.04.09 09:54:02 | 000,194,560 | ---- | C] () -- C:\Windows\System32\test.exe
[2011.04.07 20:54:46 | 000,011,421 | ---- | C] () -- C:\Windows\System32\GnuHashes.ini
[2011.04.07 20:43:54 | 000,000,000 | ---- | C] () -- C:\Windows\System32\aclnet.dll
[2011.04.07 18:21:53 | 225,249,886 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.04.07 13:11:09 | 001,530,725 | ---- | C] () -- C:\Users\Sellmann\Desktop\wrar400d.exe
[2011.04.06 17:20:22 | 000,000,120 | ---- | C] () -- C:\Users\Sellmann\AppData\Local\Osureruqap.dat
[2011.04.06 17:20:22 | 000,000,000 | ---- | C] () -- C:\Users\Sellmann\AppData\Local\Qmabogajimonob.bin
[2011.04.03 20:57:56 | 000,015,346 | ---- | C] () -- C:\Users\Sellmann\Desktop\ostrov-proklyatyih+[torrentino.com+212492].torrent
[2011.04.03 12:16:56 | 000,002,189 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Hilfesammlung 2010.lnk
[2011.04.03 12:15:07 | 000,001,884 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2011.03.13 16:33:02 | 000,001,667 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.13 16:29:04 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.02.10 12:06:11 | 000,000,100 | ---- | C] () -- C:\Windows\lexstat.ini
[2011.02.10 12:05:40 | 000,155,648 | ---- | C] () -- C:\Windows\System32\LEXPING.EXE
[2011.02.10 12:05:39 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE
[2011.02.10 12:05:38 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2010.05.16 00:41:51 | 000,000,552 | ---- | C] () -- C:\Users\Sellmann\AppData\Local\d3d8caps.dat
[2010.04.02 09:43:46 | 000,071,157 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.04.02 09:43:46 | 000,071,157 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.09.24 13:40:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 13:40:53 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.03.26 09:20:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.03 13:52:08 | 000,000,093 | ---- | C] () -- C:\Users\Sellmann\AppData\Local\oqibc.bat
[2008.09.09 09:39:05 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2008.08.02 20:51:18 | 000,001,160 | ---- | C] () -- C:\Windows\mozver.dat
[2008.06.20 21:19:55 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008.04.19 18:05:41 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.03.21 22:30:08 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007.12.01 22:55:57 | 000,000,096 | ---- | C] () -- C:\Users\Sellmann\AppData\Local\fusioncache.dat
[2007.11.05 16:36:54 | 000,000,680 | ---- | C] () -- C:\Users\Sellmann\AppData\Local\d3d9caps.dat
[2007.09.28 22:33:10 | 000,000,071 | ---- | C] () -- C:\Windows\Crypkey.ini
[2007.09.28 22:33:05 | 000,031,846 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys
[2007.09.28 22:33:04 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
[2007.09.27 17:46:35 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2007.09.27 17:46:34 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2007.08.31 18:30:23 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007.08.31 18:30:22 | 000,008,704 | ---- | C] () -- C:\Windows\System32\vidccleaner.exe
[2007.08.31 18:30:20 | 000,544,768 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.06.28 15:45:34 | 000,063,488 | ---- | C] () -- C:\Windows\System32\Eztw32.dll
[2007.06.28 15:29:12 | 000,000,142 | ---- | C] () -- C:\Windows\ktel.ini
[2007.05.23 18:15:38 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.05.11 17:10:12 | 000,000,127 | ---- | C] () -- C:\Windows\compedia.ini
[2007.03.04 18:08:41 | 000,025,600 | ---- | C] () -- C:\Windows\System32\jesterss.dll
[2007.02.26 19:35:26 | 000,028,672 | ---- | C] () -- C:\Windows\System32\qttask.exe
[2007.02.25 18:39:58 | 000,001,345 | ---- | C] () -- C:\Windows\disney.ini
[2007.02.20 21:40:19 | 000,159,232 | ---- | C] () -- C:\Users\Sellmann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.25 02:54:16 | 000,659,854 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2007.01.25 02:54:16 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2007.01.25 02:54:16 | 000,143,280 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2007.01.25 02:54:16 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.01.24 18:17:22 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.01.24 18:15:26 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006.12.21 12:06:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,512,968 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,622,776 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,117,620 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:25 | 001,197,056 | ---- | C] () -- C:\Windows\System32\hpotiop1.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.27 08:26:56 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll
[2006.04.21 10:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2006.01.30 14:42:22 | 000,000,270 | ---- | C] () -- C:\Windows\System32\lxczcoin.ini
[2004.12.02 15:20:18 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2004.07.20 17:04:02 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
[2004.01.15 14:43:28 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TBTMonUI.dll
[2000.12.11 15:46:41 | 000,011,616 | R--- | C] () -- C:\Windows\System32\drivers\SECDRV.SYS
========== LOP Check ==========
[2008.09.01 10:47:03 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Ace
[2010.06.12 23:07:46 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\ArchiCrypt System Doctor
[2011.04.03 21:37:29 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Azureus
[2009.02.19 18:03:17 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\digital publishing
[2011.04.07 20:59:03 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\F-Secure
[2010.03.08 01:50:04 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Fighters
[2010.06.05 15:22:06 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\FissaSearch
[2010.06.05 17:30:37 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\freeTVRadio
[2011.04.03 12:56:18 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Haufe Mediengruppe
[2008.04.10 19:39:23 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\ICQ
[2007.06.28 15:30:07 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\klickTel
[2011.04.06 17:05:59 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\kock
[2007.10.16 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Leadertech
[2011.04.04 15:46:42 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Lexware
[2008.06.09 11:10:33 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Mra
[2011.02.28 17:05:14 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\OpenCandy
[2007.12.01 22:55:16 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Packard Bell
[2007.11.19 11:40:23 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\PeerNetworking
[2008.11.22 18:04:06 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Power Mixer
[2007.08.31 18:30:19 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Samsung
[2008.05.07 09:43:48 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Toshiba
[2011.02.28 17:05:56 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Uniblue
[2011.04.09 14:00:09 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\Erweiterte Garantie.job
[2011.04.09 14:00:10 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator.job
[2011.04.09 11:11:00 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.15 18:27:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{96ABF0D9-8631-4115-9782-45E3096DD773}.job
[2011.04.09 13:53:21 | 000,000,252 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.04.09 13:58:22 | 000,000,252 | -H-- | M] () -- C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.04.09 13:50:53 | 000,000,252 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2008.09.01 10:47:03 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Ace
[2011.04.06 17:18:13 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Adobe
[2007.09.21 14:23:45 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\AdobeUM
[2007.03.06 16:53:31 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Ahead
[2009.01.02 17:32:46 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\AOL
[2011.03.13 16:35:05 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Apple Computer
[2010.06.12 23:07:46 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\ArchiCrypt System Doctor
[2010.09.19 10:48:48 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Avira
[2009.07.31 18:04:04 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\AVS4YOU
[2011.04.03 21:37:29 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Azureus
[2009.02.19 18:03:17 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\digital publishing
[2010.06.10 22:29:35 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\DivX
[2010.12.05 19:44:08 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\dvdcss
[2011.04.07 20:59:03 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\F-Secure
[2010.03.08 01:50:04 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Fighters
[2010.06.05 15:22:06 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\FissaSearch
[2010.06.05 17:30:37 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\freeTVRadio
[2008.02.16 12:17:09 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Google
[2009.02.16 21:48:21 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Hamachi
[2011.04.03 12:56:18 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Haufe Mediengruppe
[2008.04.10 19:39:23 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\ICQ
[2007.02.20 19:19:52 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Identities
[2009.01.02 17:31:03 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\InstallShield
[2007.06.28 15:30:07 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\klickTel
[2011.04.06 17:05:59 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\kock
[2007.10.16 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Leadertech
[2011.04.04 15:46:42 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Lexware
[2007.02.26 19:28:27 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Media Center Programs
[2010.12.30 23:40:56 | 000,000,000 | --SD | M] -- C:\Users\Sellmann\AppData\Roaming\Microsoft
[2008.08.28 22:29:45 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Mozilla
[2008.06.09 11:10:33 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Mra
[2009.07.31 16:46:16 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\NCH Software
[2011.02.28 17:05:14 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\OpenCandy
[2007.12.01 22:55:16 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Packard Bell
[2007.11.19 11:40:23 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\PeerNetworking
[2008.11.22 18:04:06 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Power Mixer
[2007.03.17 00:50:29 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Roxio
[2007.08.31 18:30:19 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Samsung
[2011.03.09 22:57:05 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Skype
[2009.05.21 20:05:42 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\skypePM
[2009.03.21 15:39:11 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Talkback
[2008.05.07 09:43:48 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Toshiba
[2011.02.28 17:05:56 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\Uniblue
[2011.04.07 14:09:00 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\vlc
[2009.07.31 12:38:58 | 000,000,000 | ---D | M] -- C:\Users\Sellmann\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2010.12.05 16:29:44 | 000,469,304 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\azburn_v\bin\cdrecord.exe
[2010.12.05 16:29:48 | 000,123,856 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\azburn_v\bin\dvdauthor.exe
[2010.12.05 16:29:49 | 000,449,720 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\azburn_v\bin\mkisofs.exe
[2010.12.05 16:29:50 | 000,349,632 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\azburn_v\bin\mpeg2enc.exe
[2010.12.05 16:29:50 | 000,194,496 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\azburn_v\bin\mplex.exe
[2010.12.05 16:29:50 | 000,173,504 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\azburn_v\bin\p2y.exe
[2010.12.05 16:29:50 | 000,095,696 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\azburn_v\bin\spumux.exe
[2010.12.05 16:29:51 | 000,051,648 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\azburn_v\bin\vzspath.exe
[2010.01.31 15:00:30 | 010,686,001 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\azump\mplayer.exe
[2010.11.22 19:01:50 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2010.12.05 16:29:19 | 007,288,256 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\vuzexcode\ffmpeg.exe
[2010.12.05 16:29:20 | 004,146,688 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\Azureus\plugins\vuzexcode\mediainfo.exe
[2010.06.03 15:01:46 | 000,006,656 | ---- | M] (Aedgency) -- C:\Users\Sellmann\AppData\Roaming\FissaSearch\FissaUninstaller.exe
[2009.02.06 15:15:46 | 001,850,800 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Sellmann\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2011.02.28 17:05:15 | 000,415,816 | ---- | M] () -- C:\Users\Sellmann\AppData\Roaming\OpenCandy\OpenCandy_2BF4751B072C487C82FC28A35A07645B\LatestDLMgr.exe
[2010.03.05 23:42:26 | 004,004,928 | ---- | M] (Uniblue Systems Ltd ) -- C:\Users\Sellmann\AppData\Roaming\OpenCandy\OpenCandy_2BF4751B072C487C82FC28A35A07645B\registrybooster(9).exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.10 21:23:49 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=224505155EC3E36D7A1F36E446F04C2A -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_ecc53ff9\atapi.sys
[2008.01.10 21:23:49 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=224505155EC3E36D7A1F36E446F04C2A -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16584_none_daff695624a08568\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.01.10 21:23:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=BFD3DF48C9ED81934FE21E8E3CFC2496 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20707_none_dbe288453d7a8ed6\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.11.14 08:42:21 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.11.14 08:42:20 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTORV.SYS >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2007.09.18 18:01:50 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007.09.18 18:01:52 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 09:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2010.12.18 08:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll
[2008.01.19 09:37:11 | 000,009,216 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\wship6.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
========== Files - Unicode (All) ==========
[2011.04.03 21:14:20 | 000,015,358 | ---- | M] ()(C:\Users\Sellmann\Desktop\[FireBit.org]_?????????-2011-dvdrip-??-firebit-films.torrent) -- C:\Users\Sellmann\Desktop\[FireBit.org]_выкрутасы-2011-dvdrip-от-firebit-films.torrent
[2011.04.03 21:13:28 | 000,015,358 | ---- | C] ()(C:\Users\Sellmann\Desktop\[FireBit.org]_?????????-2011-dvdrip-??-firebit-films.torrent) -- C:\Users\Sellmann\Desktop\[FireBit.org]_выкрутасы-2011-dvdrip-от-firebit-films.torrent
[2011.03.29 23:44:58 | 000,014,967 | ---- | M] ()(C:\Users\Sellmann\Desktop\[FireBit.org]_?????-??????-??????????-?????-1-4-??-4-2001-dvdrip.torrent) -- C:\Users\Sellmann\Desktop\[FireBit.org]_тайны-ордена-тамплиеров-серии-1-4-из-4-2001-dvdrip.torrent
[2011.03.29 23:44:49 | 000,014,967 | ---- | C] ()(C:\Users\Sellmann\Desktop\[FireBit.org]_?????-??????-??????????-?????-1-4-??-4-2001-dvdrip.torrent) -- C:\Users\Sellmann\Desktop\[FireBit.org]_тайны-ордена-тамплиеров-серии-1-4-из-4-2001-dvdrip.torrent
[2010.02.18 16:07:39 | 000,000,000 | ---D | M](C:\Users\Sellmann\Documents\???????) -- C:\Users\Sellmann\Documents\Рецепты
[2009.12.18 00:00:32 | 000,026,112 | ---- | M] ()(C:\Users\Sellmann\Documents\???????? ?????? ??? ??????? ? ????? ?? ????? ?????? ??????? ? ???????? ???.doc) -- C:\Users\Sellmann\Documents\Укрепить волосы вам поможет и маска из смеси тертой моркови и крепкого чая.doc
[2009.12.18 00:00:30 | 000,026,112 | ---- | C] ()(C:\Users\Sellmann\Documents\???????? ?????? ??? ??????? ? ????? ?? ????? ?????? ??????? ? ???????? ???.doc) -- C:\Users\Sellmann\Documents\Укрепить волосы вам поможет и маска из смеси тертой моркови и крепкого чая.doc
[2009.07.27 00:38:10 | 000,000,162 | -H-- | M] ()(C:\Users\Sellmann\Documents\~$ ?????? ?.doc) -- C:\Users\Sellmann\Documents\~$ мнению Б.doc
[2009.07.27 00:38:10 | 000,000,162 | -H-- | C] ()(C:\Users\Sellmann\Documents\~$ ?????? ?.doc) -- C:\Users\Sellmann\Documents\~$ мнению Б.doc
[2009.06.23 22:14:05 | 000,032,768 | ---- | M] ()(C:\Users\Sellmann\Documents\???????????? ? ???? ???????? ???????.doc) -- C:\Users\Sellmann\Documents\Поздравления с днем рождения подруге.doc
[2009.06.09 11:34:17 | 000,032,768 | ---- | C] ()(C:\Users\Sellmann\Documents\???????????? ? ???? ???????? ???????.doc) -- C:\Users\Sellmann\Documents\Поздравления с днем рождения подруге.doc
[2009.02.23 17:26:38 | 000,027,648 | ---- | M] ()(C:\Users\Sellmann\Documents\????????? ????????? ? ?????????.doc) -- C:\Users\Sellmann\Documents\Цыганские пословицы и поговорки.doc
[2009.02.23 17:26:36 | 000,027,648 | ---- | C] ()(C:\Users\Sellmann\Documents\????????? ????????? ? ?????????.doc) -- C:\Users\Sellmann\Documents\Цыганские пословицы и поговорки.doc
[2009.02.07 18:12:57 | 000,022,528 | ---- | M] ()(C:\Users\Sellmann\Documents\????????.doc) -- C:\Users\Sellmann\Documents\Сценарий.doc
[2009.01.31 18:03:23 | 000,000,000 | ---D | M](C:\Users\Sellmann\Desktop\DISKO-POPA-?? ????) -- C:\Users\Sellmann\Desktop\DISKO-POPA-За тебя
[2009.01.31 18:02:44 | 000,000,000 | ---D | C](C:\Users\Sellmann\Desktop\DISKO-POPA-?? ????) -- C:\Users\Sellmann\Desktop\DISKO-POPA-За тебя
[2009.01.23 15:40:57 | 000,027,648 | ---- | M] ()(C:\Users\Sellmann\Documents\????????? ????.doc) -- C:\Users\Sellmann\Documents\Бабушкины руки.doc
[2009.01.23 15:40:49 | 000,022,528 | ---- | C] ()(C:\Users\Sellmann\Documents\????????.doc) -- C:\Users\Sellmann\Documents\Сценарий.doc
[2009.01.22 22:20:15 | 000,027,648 | ---- | C] ()(C:\Users\Sellmann\Documents\????????? ????.doc) -- C:\Users\Sellmann\Documents\Бабушкины руки.doc
[2008.03.19 21:55:56 | 000,027,136 | ---- | M] ()(C:\Users\Sellmann\Documents\?? ?????? ?.doc) -- C:\Users\Sellmann\Documents\По мнению Б.doc
[2008.03.19 21:55:52 | 000,027,136 | ---- | C] ()(C:\Users\Sellmann\Documents\?? ?????? ?.doc) -- C:\Users\Sellmann\Documents\По мнению Б.doc
[2007.11.27 18:01:31 | 000,020,992 | ---- | M] ()(C:\Users\Sellmann\Documents\???????????? ? 30 ?????? ???????.doc) -- C:\Users\Sellmann\Documents\Поздравление с 30 летним юбилеем.doc
[2007.11.27 18:01:22 | 000,020,992 | ---- | C] ()(C:\Users\Sellmann\Documents\???????????? ? 30 ?????? ???????.doc) -- C:\Users\Sellmann\Documents\Поздравление с 30 летним юбилеем.doc
[2007.11.01 13:49:35 | 000,000,000 | ---D | C](C:\Users\Sellmann\Documents\???????) -- C:\Users\Sellmann\Documents\Рецепты
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Users\Sellmann\Documents\Updater5:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sellmann\Documents\My Stationery:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sellmann\Documents\Meine empfangenen Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sellmann\Documents\ICQ:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sellmann\Documents\Bluetooth:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sellmann\Documents\Allianz:Roxio EMC Stream
< End of report > --- --- --- |