
Pests of all kinds and how to fight them: TR/Crypt.XPACK.Gen3


 
12.10.2010, 17:33   #1
Rockville

TR/Crypt.XPACK.Gen3



Hello,

I've caught this crap too!!!
Help!

Logs:

OTL.txt
OTL EXTRAS Logfile:
Code:
OTL logfile created on: 12.10.2010 18:14:00 - Run 1
OTL by OldTimer - Version 3.2.15.1     Folder = C:\Users\Sascha\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,19 Gb Total Space | 38,26 Gb Free Space | 32,65% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 230,76 Gb Free Space | 78,77% Space Free | Partition Type: NTFS
Drive E: | 465,65 Gb Total Space | 139,04 Gb Free Space | 29,86% Space Free | Partition Type: FAT32
Drive Z: | 7,80 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: SASCHA-PC | User Name: Sascha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sascha\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Sascha\AppData\Local\Temp\dfrgsnapnt.exe ()
PRC - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
PRC - C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\D-Link\DWA-547 revA\wirelesscm.exe (D-Link Corp.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Sascha\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (jswpsapi) -- C:\Program Files\D-Link\DWA-547 revA\jswpsapi.exe (Atheros Communications, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (PCANDIS5) -- C:\Windows\System32\PCANDIS5.SYS File not found
DRV - (odysseyIM3) -- C:\Windows\System32\DRIVERS\odysseyIM3.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (jswpslwf) -- C:\Windows\System32\drivers\jswpslwf.sys (Atheros Communications, Inc.)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (rt61x86) -- C:\Windows\System32\drivers\WMP54Gv41x86.sys (Ralink Technology Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (TNET1130) -- C:\Windows\System32\drivers\GPlus.sys ()
DRV - (hp4200c) -- C:\Windows\System32\drivers\hp4200c.sys (Hewlett-Packard)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {B013C95F-0ECE-4C67-A63C-7EAB8826C18D}:1.9.1
 
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.01.27 20:38:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.06.24 20:27:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.24 11:10:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.22 15:57:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.06.24 20:27:34 | 000,000,000 | ---D | M]
 
[2010.04.11 13:44:52 | 000,000,000 | ---D | M] -- C:\Users\Sascha\AppData\Roaming\mozilla\Extensions
[2010.04.11 13:44:52 | 000,000,000 | ---D | M] -- C:\Users\Sascha\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010.10.11 20:30:05 | 000,000,000 | ---D | M] -- C:\Users\Sascha\AppData\Roaming\mozilla\Firefox\Profiles\sx7yw0cp.default\extensions
[2010.04.27 18:12:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sascha\AppData\Roaming\mozilla\Firefox\Profiles\sx7yw0cp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.26 17:07:24 | 000,000,950 | ---- | M] () -- C:\Users\Sascha\AppData\Roaming\Mozilla\FireFox\Profiles\sx7yw0cp.default\searchplugins\icqplugin-1.xml
[2010.02.22 19:54:21 | 000,000,168 | ---- | M] () -- C:\Users\Sascha\AppData\Roaming\Mozilla\FireFox\Profiles\sx7yw0cp.default\searchplugins\icqplugin.gif
[2010.02.22 19:54:21 | 000,000,618 | ---- | M] () -- C:\Users\Sascha\AppData\Roaming\Mozilla\FireFox\Profiles\sx7yw0cp.default\searchplugins\icqplugin.src
[2008.07.10 14:07:28 | 000,000,944 | ---- | M] () -- C:\Users\Sascha\AppData\Roaming\Mozilla\FireFox\Profiles\sx7yw0cp.default\searchplugins\icqplugin.xml
[2010.10.05 20:58:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.13 16:48:35 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.13 16:48:36 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.13 16:48:36 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.13 16:48:36 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.13 16:48:36 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.12.31 02:43:59 | 000,001,455 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 2O7.net
O1 - Hosts: 127.0.0.1 192.168.112.2O7.net
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 2 more lines...
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [hplampc] C:\Windows\System32\hplampc.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [dfrgsnapnt.exe] C:\Users\Sascha\AppData\Local\Temp\dfrgsnapnt.exe ()
O4 - HKCU..\Run: [Lhilivano] C:\Users\Sascha\AppData\Local\udoyubaderoteg.DLL (CyberLink Corp.)
O4 - HKCU..\Run: [Nniluvupoqoxevu] C:\Users\Sascha\AppData\Local\dbacod1.DLL (trbarry@trbarry.com)
O4 - HKCU..\Run: [poihshhshs.exe] C:\poihshhshs.exe\poihshhshs.exe (G Data Software AG)
O4 - Startup: C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Free YouTube Download - C:\Users\Sascha\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Sascha\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.10.07 20:36:50 | 000,000,043 | R--- | M] () - Z:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{28ab29da-a93a-11de-ab15-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{28ab29da-a93a-11de-ab15-806e6f6e6963}\Shell\AutoRun\command - "" = Z:\Setup.exe -- [2009.10.09 02:00:30 | 000,345,360 | R--- | M] (Valve Corporation)
O33 - MountPoints2\{363c1ded-c193-11de-af40-001a4f9fa71f}\Shell\AutoRun\command - "" = kikvko.exe
O33 - MountPoints2\{363c1ded-c193-11de-af40-001a4f9fa71f}\Shell\explore\Command - "" = kikvko.exe
O33 - MountPoints2\{363c1ded-c193-11de-af40-001a4f9fa71f}\Shell\open\Command - "" = kikvko.exe
O33 - MountPoints2\{9081fa02-4d44-11df-809b-00261891040b}\Shell\AutoRun\command - "" = F:\kikvko.exe -- File not found
O33 - MountPoints2\{9081fa02-4d44-11df-809b-00261891040b}\Shell\explore\Command - "" = F:\kikvko.exe -- File not found
O33 - MountPoints2\{9081fa02-4d44-11df-809b-00261891040b}\Shell\open\Command - "" = F:\kikvko.exe -- File not found
O33 - MountPoints2\{9f072f0b-4556-11df-9ac7-00261891040b}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{a4cacd80-add9-11de-a594-001a4f9fa71f}\Shell\AutoRun\command - "" = E:\Menu.exe -- File not found
O33 - MountPoints2\{c05c803f-a93d-11de-91b0-00261891040b}\Shell - "" = AutoRun
O33 - MountPoints2\{c05c803f-a93d-11de-91b0-00261891040b}\Shell\AutoRun\command - "" = E:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.11 20:28:31 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Local\{B013C95F-0ECE-4C67-A63C-7EAB8826C18D}
[2010.10.11 20:25:36 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Local\DBControl
[2010.10.05 20:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2010.10.05 20:52:16 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.10.05 20:52:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.10.05 20:52:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.09.29 18:00:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.26 15:55:30 | 000,000,000 | ---D | C] -- C:\Users\Sascha\Desktop\4Tunes HP
[2010.09.26 15:12:21 | 000,000,000 | ---D | C] -- C:\Program Files\Guitar Explorer
[2010.09.23 19:05:20 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Local\Xara
[2010.09.23 19:05:20 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Roaming\MAGIX
[2010.09.23 19:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2010.09.23 19:03:00 | 000,000,000 | ---D | C] -- C:\Users\Sascha\Desktop\Magix Web Designer 6 + CONTENT & Crack
[2010.09.23 19:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010.09.23 18:39:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry
[2010.09.23 18:38:01 | 000,000,000 | -H-D | C] -- C:\Users\Sascha\InstallAnywhere
[2010.09.19 13:21:15 | 000,669,184 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\ipeistor11.dll
[2010.09.19 13:21:15 | 000,350,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltkrn70n.dll
[2010.09.19 13:21:15 | 000,324,096 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\ipebase11.dll
[2010.09.19 13:21:15 | 000,224,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFCMP70n.DLL
[2010.09.19 13:21:15 | 000,111,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpng70n.dll
[2010.09.19 13:21:15 | 000,093,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lftif70n.dll
[2010.09.19 13:21:15 | 000,066,560 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\ipeapi11.dll
[2010.09.19 13:21:15 | 000,055,808 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lffax70n.dll
[2010.09.19 13:21:15 | 000,055,296 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltfil70n.DLL
[2010.09.19 13:21:15 | 000,040,448 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hplampc.exe
[2010.09.19 13:21:15 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lffpx70n.dll
[2010.09.19 13:21:15 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfgif70n.dll
[2010.09.19 13:21:15 | 000,032,768 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpsjrreg.exe
[2010.09.19 13:21:15 | 000,025,524 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpsctrlc.cpl
[2010.09.19 13:21:15 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpcx70n.dll
[2010.09.19 13:21:15 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfbmp70n.dll
[2010.09.19 13:21:15 | 000,014,336 | ---- | C] (Hewlett-Packard, GHC) -- C:\Windows\System32\reg32.dll
[2010.09.19 13:21:15 | 000,009,312 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\drivers\hp4200c.sys
[2010.09.19 13:21:14 | 000,000,000 | ---D | C] -- C:\SCANJET
[2010.09.15 15:58:11 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2009.09.28 12:39:52 | 000,199,168 | ---- | C] (CyberLink Corp.) -- C:\Users\Sascha\AppData\Local\udoyubaderoteg.dll
[2009.09.28 12:39:52 | 000,078,848 | ---- | C] (trbarry@trbarry.com) -- C:\Users\Sascha\AppData\Local\dbacod1.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 18:10:17 | 000,598,702 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.10.12 18:10:16 | 000,632,004 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.10.12 18:10:16 | 000,127,072 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.10.12 18:10:16 | 000,104,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.10.12 18:04:22 | 000,034,997 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.10.12 18:04:22 | 000,034,997 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.10.12 18:04:19 | 000,000,120 | ---- | M] () -- C:\Users\Sascha\AppData\Local\Uvifomipusovo.dat
[2010.10.12 18:04:18 | 000,000,000 | ---- | M] () -- C:\Users\Sascha\AppData\Local\Dzimuto.bin
[2010.10.12 18:03:28 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 18:03:28 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 18:03:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.12 18:03:12 | 3488,731,136 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.05 22:23:04 | 000,002,597 | ---- | M] () -- C:\Users\Sascha\Desktop\Word 2003.lnk
[2010.10.05 20:59:38 | 000,000,764 | ---- | M] () -- C:\Users\Sascha\Desktop\CCleaner.lnk
[2010.10.05 20:56:47 | 000,000,104 | ---- | M] () -- C:\Users\Sascha\Desktop\Computer - Verknüpfung.lnk
[2010.10.05 20:52:39 | 000,000,790 | ---- | M] () -- C:\Users\Sascha\Desktop\JDownloader.lnk
[2010.10.05 20:52:04 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.10.05 20:52:04 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.10.05 20:52:04 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.10.05 20:52:03 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010.10.03 05:05:30 | 000,096,670 | ---- | M] () -- C:\Users\Sascha\Desktop\stuecke.jpg
[2010.10.03 04:22:29 | 000,024,064 | ---- | M] () -- C:\Users\Sascha\Documents\http.doc
[2010.09.29 18:01:16 | 000,000,992 | ---- | M] () -- C:\Users\Sascha\Desktop\DVDVideoSoft Free Studio.lnk
[2010.09.28 22:46:42 | 000,137,976 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.09.28 22:46:33 | 000,234,280 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.09.27 22:55:49 | 000,024,064 | ---- | M] () -- C:\Users\Sascha\Desktop\http.doc
[2010.09.26 23:29:19 | 000,257,871 | ---- | M] () -- C:\Users\Sascha\Desktop\harlekindez2009-13.jpg
[2010.09.26 15:16:47 | 000,164,545 | ---- | M] () -- C:\Users\Sascha\Desktop\02_AkkordeEinsteiger.pdf
[2010.09.26 15:12:21 | 000,000,807 | ---- | M] () -- C:\Users\Sascha\Desktop\Guitar Explorer.lnk
[2010.09.24 15:25:03 | 002,200,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.23 19:05:18 | 000,000,487 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Web Designer 6 Download-Version.lnk
[2010.09.23 18:40:03 | 000,000,709 | ---- | M] () -- C:\Users\Sascha\Desktop\Xpage Internet Studio 6 Special Edition.lnk
[2010.09.19 14:36:52 | 000,253,267 | ---- | M] () -- C:\Users\Sascha\Desktop\Altersverifikation.jpg
[2010.09.19 14:17:30 | 000,039,508 | ---- | M] () -- C:\Users\Sascha\Desktop\Perso_rückseite.JPG
[2010.09.19 14:15:52 | 000,053,147 | ---- | M] () -- C:\Users\Sascha\Desktop\Perso_vorderseite.JPG
[2010.09.19 13:21:18 | 000,001,480 | ---- | M] () -- C:\Windows\AUTOLNCH.REG
[2010.09.19 13:21:17 | 000,014,952 | ---- | M] () -- C:\Windows\HPSETUP.INI
[2010.09.19 13:16:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.09.19 13:16:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
 
========== Files Created - No Company Name ==========
 
[2010.10.11 20:28:32 | 000,000,120 | ---- | C] () -- C:\Users\Sascha\AppData\Local\Uvifomipusovo.dat
[2010.10.11 20:28:32 | 000,000,000 | ---- | C] () -- C:\Users\Sascha\AppData\Local\Dzimuto.bin
[2010.10.11 20:25:36 | 000,000,000 | ---- | C] () -- C:\Users\Sascha\AppData\Local\googleupdate.log
[2010.10.05 20:56:47 | 000,000,104 | ---- | C] () -- C:\Users\Sascha\Desktop\Computer - Verknüpfung.lnk
[2010.10.05 20:52:39 | 000,000,790 | ---- | C] () -- C:\Users\Sascha\Desktop\JDownloader.lnk
[2010.10.03 05:05:29 | 000,096,670 | ---- | C] () -- C:\Users\Sascha\Desktop\stuecke.jpg
[2010.10.03 04:22:28 | 000,024,064 | ---- | C] () -- C:\Users\Sascha\Documents\http.doc
[2010.09.27 22:48:57 | 000,024,064 | ---- | C] () -- C:\Users\Sascha\Desktop\http.doc
[2010.09.26 23:29:18 | 000,257,871 | ---- | C] () -- C:\Users\Sascha\Desktop\harlekindez2009-13.jpg
[2010.09.26 15:16:47 | 000,164,545 | ---- | C] () -- C:\Users\Sascha\Desktop\02_AkkordeEinsteiger.pdf
[2010.09.26 15:12:21 | 000,000,807 | ---- | C] () -- C:\Users\Sascha\Desktop\Guitar Explorer.lnk
[2010.09.23 19:05:18 | 000,000,487 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Web Designer 6 Download-Version.lnk
[2010.09.23 18:40:03 | 000,000,709 | ---- | C] () -- C:\Users\Sascha\Desktop\Xpage Internet Studio 6 Special Edition.lnk
[2010.09.19 14:22:40 | 000,253,267 | ---- | C] () -- C:\Users\Sascha\Desktop\Altersverifikation.jpg
[2010.09.19 14:22:40 | 000,053,147 | ---- | C] () -- C:\Users\Sascha\Desktop\Perso_vorderseite.JPG
[2010.09.19 14:22:40 | 000,039,508 | ---- | C] () -- C:\Users\Sascha\Desktop\Perso_rückseite.JPG
[2010.09.19 13:21:18 | 000,001,480 | ---- | C] () -- C:\Windows\AUTOLNCH.REG
[2010.09.19 13:21:15 | 000,306,688 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
[2010.09.19 13:21:15 | 000,095,232 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
[2010.09.19 13:20:58 | 000,014,952 | ---- | C] () -- C:\Windows\HPSETUP.INI
[2010.09.19 13:16:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.09.19 13:16:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.09.13 15:16:19 | 000,846,336 | ---- | C] () -- C:\Users\Sascha\Desktop\pbsetup.exe
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.03.15 19:32:30 | 000,000,254 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010.02.08 23:44:33 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.01.25 20:48:21 | 000,283,392 | ---- | C] () -- C:\Windows\System32\drivers\GPlus.sys
[2009.12.30 23:47:33 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.12.05 19:38:00 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.11.14 13:00:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.09.30 18:04:12 | 000,124,416 | ---- | C] () -- C:\Users\Sascha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.30 18:01:59 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009.09.30 16:11:58 | 000,000,824 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009.09.28 12:39:52 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.25 14:45:26 | 000,138,056 | ---- | C] () -- C:\Users\Sascha\AppData\Roaming\PnkBstrK.sys
[2009.09.25 14:45:26 | 000,137,976 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.09.25 14:45:07 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2009.09.25 14:22:25 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.09.24 21:00:42 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.09.24 20:59:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009.09.24 20:59:41 | 000,001,746 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.09.24 20:59:38 | 000,028,191 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.09.24 20:59:38 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2009.09.24 20:55:26 | 000,034,997 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.09.24 20:55:26 | 000,034,997 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.09.24 20:51:08 | 000,000,680 | ---- | C] () -- C:\Users\Sascha\AppData\Local\d3d9caps.dat
[2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== Files - Unicode (All) ==========
[2009.12.16 23:35:44 | 000,000,000 | ---D | M](C:\Users\Sascha\AppData\Roaming\???????sAppData) -- C:\Users\Sascha\AppData\Roaming\敎潲䍄敔灭慬整sAppData

< End of report >
         
--- --- ---


Extras.txt

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 12.10.2010 18:14:00 - Run 1
OTL by OldTimer - Version 3.2.15.1     Folder = C:\Users\Sascha\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,19 Gb Total Space | 38,26 Gb Free Space | 32,65% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 230,76 Gb Free Space | 78,77% Space Free | Partition Type: NTFS
Drive E: | 465,65 Gb Total Space | 139,04 Gb Free Space | 29,86% Space Free | Partition Type: FAT32
Drive Z: | 7,80 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: SASCHA-PC | User Name: Sascha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0411ABD8-FD01-4BC0-873D-8785192BC2B5}" = protocol=17 | dir=in | app=d:\games\far cry 2\bin\fc2editor.exe | 
"{0552BF2A-26A2-4639-9090-B12AD4D283D4}" = protocol=6 | dir=in | app=d:\games\battlefield 2\bf2.exe | 
"{0554BBD1-A325-4079-B33D-A2B0CDC2EADB}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{089CE419-B559-4AD6-8D81-FB22893C329C}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{0BC79075-32F6-4D11-A406-BB27CFBDF97D}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{1402CEB6-509C-49C8-A1CF-D9E1FC2C868B}" = protocol=6 | dir=in | app=d:\games\steam\steam.exe | 
"{14CD8DA5-5992-4527-B742-3351B98285FD}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{15882BC1-B64A-4C59-93ED-678BC27ACA16}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{1FF62AC0-2146-42C7-B300-2452349D1A41}" = protocol=17 | dir=in | app=d:\games\ventrilo\ventrilo.exe | 
"{239DFE66-B813-40EB-AC90-0D1FDAC6073E}" = protocol=17 | dir=in | app=d:\games\far cry 2\bin\fc2launcher.exe | 
"{283897EB-05FD-46ED-9140-9E2E8CC7820A}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{2B4FDABC-193C-4447-A63F-BB7483238F71}" = protocol=6 | dir=in | app=d:\games\ventrilo\ventrilo.exe | 
"{2EBF6DF4-5260-4ACE-9672-0822E3D77FCA}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{3106A56A-8B2B-4394-8EA3-B7A9798BFF66}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{325B8CC0-1F4A-4F79-AA0C-D0668E261CD6}" = protocol=17 | dir=in | app=d:\games\steam\steam.exe | 
"{389323DC-82FC-4D65-83D6-3FB373B1DC5E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{4608BC99-4976-4E18-BD78-CA2C13B61960}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{4816AD6C-D81E-45F5-8B77-8CDF209E46F5}" = protocol=6 | dir=in | app=c:\program files\spamihilator\spamihilator.exe | 
"{52B4853B-BB5C-4B65-ACCB-079A4C30CDA5}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{5432636F-A4C9-4427-B07A-DD64BD61E9B5}" = protocol=17 | dir=in | app=d:\games\battlefield bad company 2\bfbc2updater.exe | 
"{56A49999-EB6F-48E4-871B-874CA8C2931C}" = protocol=17 | dir=in | app=c:\program files\spamihilator\dccproc.exe | 
"{57493259-4157-4CFF-82F8-4658CEC0A77E}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{57AE3675-FEC4-419A-BC8D-9813B3C34A54}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{589B9626-6B2F-4C73-9A21-B99D30AEC73B}" = protocol=6 | dir=in | app=d:\games\far cry 2\bin\fc2launcher.exe | 
"{5AA4F596-5910-4B36-89C4-5CD322CFBF15}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{6088E39D-A9ED-4AAC-A841-D52B7FF72BB0}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{71EA4A8E-2421-479F-A870-5262DD3D467E}" = protocol=6 | dir=in | app=d:\games\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{72CCD8B8-7FB7-49BC-8DC8-89E3D442A26F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{738901B0-0F43-4E3C-971F-AFE50932FB9C}" = protocol=6 | dir=in | app=c:\program files\spamihilator\dccproc.exe | 
"{7A8E103F-1437-40B9-963C-3AC0DA24BF55}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{7FD90C43-694A-4253-9403-C5B87B0D2172}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{8119AD5F-EB6F-49BB-8289-6B23B867E974}" = protocol=17 | dir=in | app=d:\games\far cry 2\bin\farcry2.exe | 
"{814B751E-2145-4370-88DA-9602F33638A5}" = protocol=6 | dir=in | app=d:\games\far cry 2\bin\fc2editor.exe | 
"{89222A0A-1446-4D59-88BD-235EF892DFD3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{8FE14C5B-78C2-4B55-9F1D-7231552D2897}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{93A3201F-B6FA-4AB3-B131-F7CE1AFEE1B8}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{945D4E6E-B30C-41DA-8D33-9A19E5166AD4}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{952537EA-B1A1-4070-8880-5E311EB79B04}" = protocol=17 | dir=in | app=c:\program files\spamihilator\cdcc.exe | 
"{9A85AC1B-B68F-4BD0-851C-C83310AD0DA0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{A79EA109-EE22-463A-9A6D-52913F6A4714}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{A905B871-1580-49FB-8F89-279D3587F8D7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ADDABE20-66FA-4316-82E8-3DD514A180BA}" = protocol=6 | dir=in | app=d:\games\battlefield 2\bf2.exe | 
"{B246D0F7-B148-4019-8540-005B399C990E}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{B858A9EC-CD8F-4C2E-844D-619043D4C140}" = protocol=6 | dir=in | app=c:\program files\spamihilator\cdcc.exe | 
"{B8C4D8AD-41B9-4032-A365-9524C667F2A1}" = protocol=6 | dir=in | app=d:\games\far cry 2\bin\farcry2.exe | 
"{BB214E50-B739-4D72-93E0-129C83B4AB87}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{BFDB845F-3344-4A75-B1D6-1D0DD947F653}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{CA71E7EB-CECB-4ECC-8663-3F29735B9641}" = protocol=17 | dir=in | app=d:\games\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{D5843364-DF03-4AD6-A603-2936FC3B4AC9}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{D8E5CCD2-7635-43C2-8D06-4C9DCB17A0F9}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{DC9AE804-9A42-4875-BBA0-7B77458F46A8}" = protocol=17 | dir=in | app=d:\games\battlefield 2\bf2.exe | 
"{E14F9A82-0EB0-40D4-BFF0-76AB66C9C963}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{E20C64E9-16AB-4F46-9BC7-08DB4D8FCEE7}" = protocol=6 | dir=in | app=d:\games\battlefield bad company 2\bfbc2updater.exe | 
"{E38DB545-3708-4DF8-9DBA-A3D971A73B6F}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{E649F177-223D-4953-A18E-E952A6A4BA8B}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{EC88690E-5F97-4446-8C99-A114ED75A7C9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{EE7E6D66-B574-4646-95F1-6E9AE1E2030F}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{F05F70DA-E073-48D3-A6B6-1BC9FC30A9A0}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{F137ECEB-C614-432F-86E5-8E64A9662831}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{F22D4951-2EA2-47A6-8F33-CC6ABBB2F90A}" = protocol=17 | dir=in | app=c:\program files\spamihilator\spamihilator.exe | 
"{F2F9A031-2A51-4B08-B246-684B18C3902B}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{F37F6655-D54C-4159-87D2-A6989F2500A2}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{F8CFF3B1-85DA-4562-A582-7FA0F235C474}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{FE24BB20-1768-4974-B23E-1C5F6F15EFA2}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{FE258A41-252D-4DCB-B3B8-F88F26E0CDCD}" = protocol=17 | dir=in | app=d:\games\battlefield 2\bf2.exe | 
"TCP Query User{076B81EF-B8D2-4901-8941-404EC25E1F7D}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"TCP Query User{2C9CFADA-32E7-4FB1-8A08-698011B09863}D:\software\jre\bin\javaw.exe" = protocol=6 | dir=in | app=d:\software\jre\bin\javaw.exe | 
"TCP Query User{2D23F686-FF1B-4F24-8C35-67F7E4B8698D}D:\games\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\games\battlefield bad company 2\bfbc2game.exe | 
"TCP Query User{4C8E9B25-4C99-410D-A86A-5D78DF9C6CA7}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{666077AA-E6B8-4DC3-8736-9637BE054B78}D:\games\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\games\battlefield bad company 2\bfbc2game.exe | 
"TCP Query User{7DD582B2-0B9B-4333-B112-AFBDA1028470}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"TCP Query User{853BD3F1-12BC-44C0-B994-AF040122A3FF}D:\games\steam\steamapps\jcvanhorn\day of defeat source\hl2.exe" = protocol=6 | dir=in | app=d:\games\steam\steamapps\jcvanhorn\day of defeat source\hl2.exe | 
"TCP Query User{906A86FB-EA24-401E-97FE-55006379A764}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{BB30B367-BB21-447D-81A7-423AE0820273}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"TCP Query User{FFA5A690-81EE-4573-B717-69612FFAB69B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{0FD36EB3-FAEF-4929-9DE4-55956F2B655D}D:\games\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\games\battlefield bad company 2\bfbc2game.exe | 
"UDP Query User{1A29D0F8-ADE5-4FB3-84B0-251CA2B52379}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"UDP Query User{24398EE3-28EF-471B-8A6C-63A6AFEC609C}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"UDP Query User{301DAC37-A6FA-4697-8933-09A159636130}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"UDP Query User{35C09772-2DA9-4864-B17B-8898A60048C0}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"UDP Query User{58344156-687E-4EC2-88F6-CA50A71DB525}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{5B365AF6-DE2E-4728-98CA-B2A42F088ED0}D:\software\jre\bin\javaw.exe" = protocol=17 | dir=in | app=d:\software\jre\bin\javaw.exe | 
"UDP Query User{8C9250EE-3E04-4151-87AA-2A01EC9F1956}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{C7CD7655-A410-4C6B-A4E6-65519BBD4A27}D:\games\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\games\battlefield bad company 2\bfbc2game.exe | 
"UDP Query User{F959EB65-E537-4088-BE05-ED523EC76B6D}D:\games\steam\steamapps\jcvanhorn\day of defeat source\hl2.exe" = protocol=17 | dir=in | app=d:\games\steam\steamapps\jcvanhorn\day of defeat source\hl2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0DEE907D-C36B-40F8-A205-DB86B6BFB5DA}" = MAGIX Web Designer 6 Download-Version
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28079FEA-7C6D-FEBC-B2F0-A74E226FDBD7}" = ATI Catalyst Install Manager
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{6609A4EB-CB71-422C-AA43-BBE75705D049}" = MAGIX Web Designer 6 Content
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7B01FD07-1790-4EE9-B5E0-149527D70C7D}" = Nokia Ovi Suite
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8ED5D0B7-A193-413F-815A-530BE36B38F7}" = Spamihilator 0.9.9.53 (32-Bit)
"{8F32C384-D237-4516-9F2B-223E8963A2FB}" = Lager
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB4BB3FD-684F-41BD-B08D-50ED0B2A24DF}" = DWA-547
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFABC775-5386-4BA5-86B4-505BBD36E812}" = Batman: Arkham Asylum Game of the Year Edition
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem  (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.5
"GameSpy Arcade" = GameSpy Arcade
"Guitar Explorer 1.0" = Guitar Explorer 1.0
"HP PrecisionScan LT Software" = HP PrecisionScan LT Software
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"JDownloader" = JDownloader
"MAGIX_MSI_Web_Designer_6" = MAGIX Web Designer 6 Download-Version
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PunkBusterSvc" = PunkBuster Services
"Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 300" = Day of Defeat: Source
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.9
"waterMark V2" = waterMark V2
"WinRAR archiver" = WinRAR
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate 6
"Xpage Internet Studio 6 Special Edition" = Xpage Internet Studio 6 Special Edition
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.09.2010 16:27:21 | Computer Name = Sascha-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung BF2VoiceSetup.exe, Version 0.0.0.0, Zeitstempel
 0x428ca89a, fehlerhaftes Modul BF2VoiceSetup.exe, Version 0.0.0.0, Zeitstempel 
0x428ca89a, Ausnahmecode 0xc0000005, Fehleroffset 0x00008661,  Prozess-ID 0x63c, Anwendungsstartzeit
 01cb4d38a4d657d6.
 
Error - 05.09.2010 16:29:08 | Computer Name = Sascha-PC | Source = VSS | ID = 8194
Description = 
 
Error - 05.09.2010 16:33:11 | Computer Name = Sascha-PC | Source = VSS | ID = 8194
Description = 
 
Error - 05.09.2010 16:37:23 | Computer Name = Sascha-PC | Source = VSS | ID = 8194
Description = 
 
Error - 05.09.2010 16:45:06 | Computer Name = Sascha-PC | Source = VSS | ID = 8194
Description = 
 
Error - 16.09.2010 06:41:13 | Computer Name = Sascha-PC | Source = VSS | ID = 8194
Description = 
 
Error - 23.09.2010 13:04:17 | Computer Name = Sascha-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung WebDesigner.exe, Version 6.0.1.12244, Zeitstempel
 0x4bcc5fe6, fehlerhaftes Modul XaraDraw.dll, Version 6.0.6002.18005, Zeitstempel
 0x49e03821, Ausnahmecode 0xc0000135, Fehleroffset 0x00009eed,  Prozess-ID 0xc90, 
Anwendungsstartzeit 01cb5b415a84f2fb.
 
Error - 11.10.2010 14:25:36 | Computer Name = Sascha-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
 0x49e01da5, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000417, Fehleroffset 0x028c457e,  Prozess-ID 0xc, Anwendungsstartzeit
 01cb696ee85f9141.
 
Error - 11.10.2010 14:25:36 | Computer Name = Sascha-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Dwm.exe, Version 6.0.6002.18005, Zeitstempel
 0x49e01b94, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000417, Fehleroffset 0x1000457e,  Prozess-ID 0x788, Anwendungsstartzeit
 01cb696ee83218a1.
 
Error - 11.10.2010 14:27:03 | Computer Name = Sascha-PC | Source = VSS | ID = 8194
Description = 
 
[ System Events ]
Error - 07.10.2010 12:47:26 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.10.2010 16:28:01 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 08.10.2010 07:28:41 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 08.10.2010 17:13:41 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 09.10.2010 08:05:50 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.10.2010 07:07:05 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.10.2010 08:04:45 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.10.2010 15:04:47 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 11.10.2010 14:07:14 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 12.10.2010 12:04:53 | Computer Name = Sascha-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
--- --- ---



Thanks in advance!

 
