| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Abstürze ~ found.005\file000chkWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.03.2011, 14:28
| #1 |
 |  Abstürze ~ found.005\file000chk Hallo, ich habe ein Problem mit meinen Laptop, habe bisher aber keine Infektion gefunden. Der Laptop stürzt unregelmäßig ab, bei verschiedenen Programmen/Spielen, das aktive Programm arbeitet nicht weiter, ich kann noch eine weile im Windows klicken aber nach einigen Sekunden hängt sich alles auf. Hijackthis & Malwarebytes finden nichts, Antivir hängt sich regelmäßig bei einer Datei mit Namen found.005\file000chk auf. Wenn der Rechner wieder hochfährt läuft Checkdisc durch. Habe vor kurzem mal auf den neusten nVidia-Treiber installiert, danach gab es massive Probleme, der Rechner fror ein beim öffnen von Windows-Fenstern, habe danach wieder auf die etwas ältere stabile Version gewechselt. Nun die Logs: Malwarebytes-Log Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6097
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
18.03.2011 13:54:17
mbam-log-2011-03-18 (13-54-17).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 175084
Laufzeit: 5 Minute(n), 8 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter OTL logfile created on: 18.03.2011 14:10:29 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\******\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 273,60 Gb Total Space | 47,37 Gb Free Space | 17,32% Space Free | Partition Type: NTFS Drive D: | 182,40 Gb Total Space | 39,13 Gb Free Space | 21,45% Space Free | Partition Type: NTFS Computer Name: ASUS | User Name: ****** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\******\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com) PRC - C:\Windows\System32\msfeedssync.exe (Microsoft Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files\TeamViewer\Version6\tv_w32.exe (TeamViewer GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe (Trend Micro Inc.) PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files\Unlocker\UnlockerAssistant.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS) PRC - C:\Program Files\P4G\BatteryLife.exe (ATK) PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe () PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe () PRC - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe () PRC - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe () PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe () PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe () PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe () PRC - C:\Program Files\Wireless Console 2\wcourier.exe () PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG) PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) PRC - C:\Windows\System32\StkASv2K.exe (Syntek America Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\******\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) MOD - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll () MOD - C:\Program Files\Unlocker\UnlockerHook.dll () ========== Win32 Services (SafeList) ========== SRV - (StkSSrv) -- File not found SRV - (hpqddsvc) -- File not found SRV - (hpqcxs08) -- File not found SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (sp_rssrv) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe () SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe () SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe () SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) SRV - (StkASSrv) -- C:\Windows\System32\StkASv2K.exe (Syntek America Inc.) ========== Driver Services (SafeList) ========== DRV - (sp_rsdrv2) -- C:\Windows\System32\drivers\sp_rsdrv2.sys () DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek ) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (AVerAF15) -- C:\Windows\System32\drivers\AVerAF15.sys (AVerMedia TECHNOLOGIES, Inc.) DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (VtcDrv) -- C:\Windows\System32\drivers\vtcdrv.sys (Windows (R) Codename Longhorn DDK provider) DRV - (ManyCam) -- C:\Windows\System32\drivers\ManyCam.sys (ManyCam LLC.) DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. ) DRV - (FiltUSBET) -- C:\Windows\System32\drivers\etFilter.sys (eMPIA Technology Inc.) DRV - (ScanUSBET) -- C:\Windows\System32\drivers\etScan.sys (eMPIA Technology, Inc.) DRV - (DCamUSBET) -- C:\Windows\System32\drivers\etDevice.sys (eMPIA Technology, Inc.) DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys () DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys () DRV - (StkCMini) -- C:\Windows\System32\drivers\StkCMini.sys (Syntek) DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) DRV - (StkAMini) -- C:\Windows\System32\drivers\StkAMini.sys (Syntek America Inc.) DRV - (StkScan) -- C:\Windows\System32\drivers\StkScan.sys (Syntek America Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.groupon.de/deals/bochum|hxxp://www.onlinetvrecorder.com/|hxxp://www.facebook.com/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.21.1 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4 FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0 FF - prefs.js..extensions.enabledItems: {e8f509f0-b677-11de-8a39-0800200c9a66}:1.8 FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2 FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..network.proxy.http: "localhost" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.socks: "localhost" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "localhost" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.08.03 17:54:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.05 08:33:12 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.05 08:33:12 | 000,000,000 | ---D | M] [2010.03.09 19:03:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions [2011.03.17 21:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions [2011.03.04 23:39:00 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010.04.27 14:01:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.02.09 13:00:09 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2010.04.20 20:02:33 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} [2010.04.13 16:57:34 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2011.02.13 00:42:26 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.12.24 10:20:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.03.12 21:04:27 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010.06.02 11:21:52 | 000,000,000 | ---D | M] (Web2PDF converter) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{e8f509f0-b677-11de-8a39-0800200c9a66} [2010.10.02 13:09:39 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9} [2010.11.20 11:07:13 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\de-DE@dictionaries.addons.mozilla.org [2010.07.20 15:37:24 | 000,000,000 | ---D | M] (FIFA Online Web Launcher) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\eafo3fflauncher@ea.com [2010.04.28 19:17:09 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\firefox@tvunetworks.com [2010.09.16 18:15:14 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\vshare@toolbar [2010.07.11 11:40:35 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\prmt64dh.default\extensions\youtube2mp3@mondayx.de [2011.03.14 20:50:26 | 000,001,018 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\prmt64dh.default\searchplugins\facebook.xml [2010.03.15 14:22:09 | 000,002,057 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\prmt64dh.default\searchplugins\youtube-videosuche.xml [2011.03.17 21:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010.10.25 12:13:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.02.13 07:47:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010.08.03 17:54:04 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.02.21 13:35:10 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2010.01.13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010.09.17 11:49:14 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.09.17 11:49:14 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.09.17 11:49:14 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.09.17 11:49:14 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.09.17 11:49:14 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [ISUSPM Startup] File not found O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 [2011.02.14 10:08:09 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 [2011.02.14 15:03:46 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2011.02.14 15:03:46 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2011.02.14 15:03:46 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2011.02.14 15:03:46 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2011.02.14 15:03:46 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2011.02.14 15:03:46 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2011.02.14 15:03:46 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2011.02.14 15:03:46 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2011.02.14 10:08:09 | 000,000,000 | ---D | M] O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Program Files\FlashGet\jc_all.htm () O8 - Extra context menu item: &Mit FlashGet laden - C:\Program Files\FlashGet\jc_link.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\******\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\******\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{032ad35c-1e60-11df-9c74-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{032ad35c-1e60-11df-9c74-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{7c87f4ae-1ef7-11df-ac57-002243c7c22a}\Shell - "" = AutoRun O33 - MountPoints2\{7c87f4ae-1ef7-11df-ac57-002243c7c22a}\Shell\AutoRun\command - "" = F:\autorun.exe {5E7C721D-B008-4269-A1C4-2CE7E9757983} Setup.msi O33 - MountPoints2\{b3af1dae-b723-11df-be1e-002354649317}\Shell - "" = AutoRun O33 - MountPoints2\{b3af1dae-b723-11df-be1e-002354649317}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.hta O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.03.18 14:09:22 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe [2011.03.16 14:38:53 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\TeamViewer [2011.03.16 08:36:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ballerburg [2011.03.13 19:49:24 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RTL Playtainment [2011.03.13 19:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RTL Playtainment [2011.03.13 19:02:57 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\musik [2011.03.10 22:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.03.10 22:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.03.10 22:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011.03.08 15:20:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA [2011.03.08 12:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2011.03.08 12:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2011.03.08 12:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2011.03.08 12:38:49 | 000,123,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys [2011.03.08 12:38:49 | 000,026,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll [2011.03.08 12:38:48 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll [2011.03.08 12:38:48 | 000,065,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapo32v.dll [2011.03.08 12:38:44 | 005,473,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2011.03.08 12:38:43 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2011.03.08 12:38:43 | 010,084,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011.03.08 12:38:43 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll [2011.03.08 12:38:42 | 010,023,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2011.03.08 12:38:42 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011.03.08 12:38:42 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll [2011.03.08 12:38:41 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2011.03.08 12:38:41 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011.03.08 12:38:41 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011.03.08 12:38:41 | 001,719,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2011.03.08 12:38:41 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011.03.08 12:38:41 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2011.03.08 12:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2011.02.28 21:54:03 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\800AAAAA [2011.02.24 00:02:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2011.02.24 00:00:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2011.02.23 23:59:54 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2011.02.23 23:59:54 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2011.02.23 23:59:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe [2011.02.23 23:59:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2011.02.23 23:59:53 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2011.02.23 23:59:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2011.02.23 23:59:53 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2011.02.23 23:59:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll [2011.02.23 23:59:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll [2011.02.23 23:59:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll [2011.02.23 23:59:48 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2011.02.23 23:59:48 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2011.02.23 23:59:48 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2011.02.23 23:59:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2011.02.23 23:59:48 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2011.02.20 18:16:51 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\AirMouse [2011.02.20 18:16:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Mouse [2011.02.20 18:16:06 | 000,000,000 | ---D | C] -- C:\Program Files\Air Mouse [2011.02.20 18:14:41 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\Downloaded Installations [2011.02.20 09:20:22 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\Kugirock [2011.02.19 22:38:41 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\HolidayIslandFix [2011.02.19 08:24:38 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\Holiday Island - Szenarien [2011.02.18 16:57:09 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\OTR [2011.02.18 16:36:58 | 004,184,352 | ---- | C] (Apple, Inc.) -- C:\Windows\System32\usbaaplrc.dll [2011.02.18 00:52:41 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\BoneTown [2011.02.18 00:42:46 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BoneTown [2010.02.20 22:26:28 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.03.18 14:12:47 | 000,000,400 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CA64AF00-3FA6-4A84-83EA-9D622EE2C500}.job [2011.03.18 14:09:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe [2011.03.18 13:46:35 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.18 13:32:02 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.03.18 13:32:02 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.03.18 13:31:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.03.18 13:31:52 | 3218,231,296 | -HS- | M] () -- C:\hiberfil.sys [2011.03.18 12:37:47 | 000,000,250 | ---- | M] () -- C:\Users\******\Desktop\zDoksbkument.rtf [2011.03.18 00:11:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.03.16 17:25:26 | 1487,701,446 | ---- | M] () -- C:\Users\******\Desktop\Taeter__Mensch_Das_Boese_in_uns_11.03.12_20-15_vox_235_TVOON_DE.mpg.avi.otrkey [2011.03.16 08:36:29 | 000,000,722 | ---- | M] () -- C:\Users\******\Desktop\Ascaron Internet Client starten.lnk [2011.03.16 08:36:29 | 000,000,613 | ---- | M] () -- C:\Users\******\Desktop\Ballerburg starten.lnk [2011.03.15 19:02:28 | 002,338,898 | ---- | M] () -- C:\Users\******\Desktop\IMG_0541.JPG [2011.03.14 10:27:21 | 000,249,856 | ---- | M] () -- C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.03.13 21:31:54 | 000,031,970 | ---- | M] () -- C:\Users\******\Desktop\efh.pdf [2011.03.13 19:49:26 | 000,000,698 | ---- | M] () -- C:\Users\******\Desktop\RTL Biathlon 2007.lnk [2011.03.13 19:15:16 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml [2011.03.13 19:15:16 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml [2011.03.13 18:47:04 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2011.03.13 09:32:25 | 000,143,844 | ---- | M] () -- C:\Users\******\Desktop\Unbenannt-6.jpg [2011.03.13 09:31:17 | 000,190,273 | ---- | M] () -- C:\Users\******\Desktop\asd.jpg [2011.03.13 08:33:46 | 001,326,145 | ---- | M] () -- C:\Users\******\Desktop\asd.png [2011.03.13 08:33:44 | 000,000,132 | ---- | M] () -- C:\Users\******\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.03.13 08:24:25 | 000,477,676 | ---- | M] () -- C:\Users\******\Desktop\Nackt-X.jpg [2011.03.12 22:39:25 | 001,328,280 | ---- | M] () -- C:\Users\******\Desktop\unbenanntbk.png [2011.03.10 22:41:07 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.03.09 20:43:57 | 000,669,120 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.03.09 20:43:57 | 000,629,724 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.03.09 20:43:57 | 000,145,158 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.03.09 20:43:57 | 000,119,088 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.03.08 16:38:04 | 000,030,520 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011.03.08 14:36:52 | 000,022,328 | ---- | M] () -- C:\Users\******\AppData\Roaming\PnkBstrK.sys [2011.03.08 14:36:30 | 002,250,024 | ---- | M] () -- C:\Windows\System32\pbsvc.exe [2011.03.08 12:35:01 | 000,001,356 | ---- | M] () -- C:\Users\******\AppData\Local\d3d9caps.dat [2011.03.07 16:53:02 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.03.07 16:48:44 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2011.02.27 09:09:29 | 157,666,977 | ---- | M] () -- C:\Users\******\Desktop\IMG_0395.MOV [2011.02.27 09:09:29 | 006,663,108 | ---- | M] () -- C:\Users\******\Desktop\IMG_0395.flv [2011.02.20 18:48:28 | 000,002,513 | ---- | M] () -- C:\Users\******\Desktop\Air Mouse.exe.lnk [2011.02.19 23:19:20 | 006,067,870 | ---- | M] () -- C:\Users\******\Desktop\Holiday_Island.exe [2011.02.19 22:34:52 | 000,000,000 | ---- | M] () -- C:\Windows\setup.lst [2011.02.19 22:34:51 | 000,000,018 | ---- | M] () -- C:\Windows\ssetup.ini [2011.02.18 16:41:29 | 077,901,191 | ---- | M] () -- C:\Users\******\Desktop\Holiday Island - Szenarien (1997)(DE)(ISO).7z.001 [2011.02.18 16:36:58 | 004,184,352 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\usbaaplrc.dll [2011.02.18 00:42:47 | 000,000,625 | ---- | M] () -- C:\Users\******\Desktop\BoneTown.lnk [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.03.18 12:37:47 | 000,000,250 | ---- | C] () -- C:\Users\******\Desktop\zDoksbkument.rtf [2011.03.16 13:53:42 | 1487,701,446 | ---- | C] () -- C:\Users\******\Desktop\Taeter__Mensch_Das_Boese_in_uns_11.03.12_20-15_vox_235_TVOON_DE.mpg.avi.otrkey [2011.03.16 08:36:29 | 000,000,722 | ---- | C] () -- C:\Users\******\Desktop\Ascaron Internet Client starten.lnk [2011.03.16 08:36:29 | 000,000,613 | ---- | C] () -- C:\Users\******\Desktop\Ballerburg starten.lnk [2011.03.15 18:59:14 | 002,338,898 | ---- | C] () -- C:\Users\******\Desktop\IMG_0541.JPG [2011.03.13 21:31:49 | 000,031,970 | ---- | C] () -- C:\Users\******\Desktop\Evangelische Fachhochschule Rheinland-Westfalen-Lippe.pdf [2011.03.13 19:49:26 | 000,000,698 | ---- | C] () -- C:\Users\******\Desktop\RTL Biathlon 2007.lnk [2011.03.13 19:15:10 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml [2011.03.13 19:15:10 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml [2011.03.13 09:32:24 | 000,143,844 | ---- | C] () -- C:\Users\******\Desktop\Unbenannt-6.jpg [2011.03.13 09:31:14 | 000,190,273 | ---- | C] () -- C:\Users\******\Desktop\asd.jpg [2011.03.13 08:33:42 | 001,326,145 | ---- | C] () -- C:\Users\******\Desktop\asd.png [2011.03.13 08:24:25 | 000,477,676 | ---- | C] () -- C:\Users\******\Desktop\Nackt-X.jpg [2011.03.12 22:39:25 | 001,328,280 | ---- | C] () -- C:\Users\******\Desktop\unbenanntbk.png [2011.03.10 22:41:07 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.03.08 12:38:43 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2011.03.08 12:05:38 | 3218,231,296 | -HS- | C] () -- C:\hiberfil.sys [2011.03.08 09:27:23 | 000,000,400 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{CA64AF00-3FA6-4A84-83EA-9D622EE2C500}.job [2011.03.07 16:53:02 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.02.28 21:51:00 | 157,666,977 | ---- | C] () -- C:\Users\******\Desktop\IMG_0395.MOV [2011.02.28 21:51:00 | 006,663,108 | ---- | C] () -- C:\Users\******\Desktop\IMG_0395.flv [2011.02.23 23:59:49 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2011.02.23 23:59:49 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2011.02.23 23:59:49 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2011.02.20 18:48:17 | 000,002,513 | ---- | C] () -- C:\Users\******\Desktop\Air Mouse.exe.lnk [2011.02.19 22:34:52 | 000,000,000 | ---- | C] () -- C:\Windows\setup.lst [2011.02.19 22:34:51 | 000,000,018 | ---- | C] () -- C:\Windows\ssetup.ini [2011.02.19 17:17:48 | 005,195,141 | ---- | C] () -- C:\Users\******\Desktop\SAM_0733.JPG [2011.02.19 17:17:48 | 005,194,969 | ---- | C] () -- C:\Users\******\Desktop\SAM_0782.JPG [2011.02.19 08:22:47 | 006,067,870 | ---- | C] () -- C:\Users\******\Desktop\Holiday_Island.exe [2011.02.18 16:19:16 | 077,901,191 | ---- | C] () -- C:\Users\******\Desktop\Holiday Island - Szenarien [2011.02.18 00:42:47 | 000,000,625 | ---- | C] () -- C:\Users\******\Desktop\BoneTown.lnk [2011.02.06 15:30:08 | 000,017,408 | ---- | C] () -- C:\Users\******\AppData\Local\WebpageIcons.db [2011.01.21 22:35:41 | 000,083,968 | ---- | C] () -- C:\Windows\UnGins.exe [2011.01.21 22:35:31 | 000,473,600 | ---- | C] () -- C:\Windows\System32\Harmony.dll [2011.01.21 22:35:31 | 000,237,568 | ---- | C] () -- C:\Windows\System32\Unlha32.dll [2011.01.21 13:13:00 | 000,002,572 | R--- | C] () -- C:\Windows\WAVEMIX.INI [2011.01.02 20:47:56 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys [2010.12.31 20:58:18 | 000,000,005 | ---- | C] () -- C:\Users\******\AppData\Roaming\.sunvox_pateditor [2010.12.31 20:30:53 | 000,000,001 | ---- | C] () -- C:\Users\******\AppData\Roaming\.sunvox_colortheme [2010.11.24 21:04:41 | 000,000,016 | ---- | C] () -- C:\Windows\entpack.ini [2010.11.16 13:08:13 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010.10.28 16:09:16 | 000,000,940 | ---- | C] () -- C:\Windows\AnimatorDV.INI [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2010.10.13 17:18:53 | 000,000,132 | ---- | C] () -- C:\Users\******\AppData\Roaming\Adobe PNG Format CS5 Prefs [2010.07.26 21:54:39 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.07.20 15:40:19 | 000,030,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.07.20 15:40:18 | 000,022,328 | ---- | C] () -- C:\Users\******\AppData\Roaming\PnkBstrK.sys [2010.07.20 15:39:04 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2010.07.20 15:39:00 | 002,250,024 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2010.07.20 15:39:00 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010.06.21 20:10:43 | 000,079,269 | ---- | C] () -- C:\Windows\remove.EXE [2010.05.03 23:55:28 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2010.04.21 11:21:12 | 000,001,057 | ---- | C] () -- C:\Windows\eReg.dat [2010.04.19 22:15:08 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2010.04.12 21:17:44 | 000,000,063 | ---- | C] () -- C:\Windows\AVerText.ini [2010.04.11 22:07:11 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat [2010.03.29 15:32:32 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN [2010.03.29 15:32:32 | 000,000,308 | ---- | C] () -- C:\Windows\System32\AP6RMKV.BIN [2010.03.29 15:32:32 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN [2010.03.29 15:32:32 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN [2010.03.29 15:32:32 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN [2010.03.29 15:32:32 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN [2010.03.17 14:14:44 | 000,078,187 | ---- | C] () -- C:\Windows\hpqins05.dat [2010.03.13 16:49:22 | 000,019,573 | ---- | C] () -- C:\Windows\hpqins13.dat.temp [2010.03.09 14:45:21 | 000,138,540 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2010.03.05 14:15:23 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010.03.05 14:15:08 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010.03.04 10:42:56 | 000,000,095 | ---- | C] () -- C:\Users\******\AppData\Local\fusioncache.dat [2010.03.03 19:50:48 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2010.02.23 22:03:10 | 000,019,573 | ---- | C] () -- C:\Windows\hpqins13.dat [2010.02.23 14:26:57 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010.02.23 14:26:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010.02.22 19:59:58 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010.02.22 19:20:25 | 000,164,867 | ---- | C] () -- C:\Windows\hpoins21.dat.temp [2010.02.22 19:20:25 | 000,007,262 | ---- | C] () -- C:\Windows\hpomdl21.dat.temp [2010.02.22 17:54:49 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010.02.22 17:53:41 | 000,000,395 | ---- | C] () -- C:\Windows\MAXLINK.INI [2010.02.21 21:46:47 | 000,249,856 | ---- | C] () -- C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.02.21 14:24:40 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2010.02.21 12:49:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.02.21 12:30:55 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe [2010.02.20 23:00:34 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2010.02.20 21:48:12 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2010.02.20 21:44:46 | 000,049,152 | ---- | C] () -- C:\Windows\revdevdll.dll [2010.02.20 21:06:23 | 000,001,356 | ---- | C] () -- C:\Users\******\AppData\Local\d3d9caps.dat [2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2009.05.27 10:48:08 | 000,094,208 | ---- | C] () -- C:\Windows\System32\zmbv.dll [2008.07.29 17:33:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll [2008.04.16 12:11:34 | 000,669,120 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.04.16 12:11:34 | 000,145,158 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini [2007.08.16 14:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll [2007.04.16 03:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 003,904,200 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,629,724 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,119,088 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005.12.21 15:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll [2005.12.21 15:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll [2005.04.03 15:30:00 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll [2004.12.20 11:08:28 | 000,155,648 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2004.12.20 11:03:26 | 000,679,936 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [1998.05.06 20:10:00 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll [1995.03.21 23:00:00 | 000,056,320 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll ========== LOP Check ========== [2011.01.23 23:03:15 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\.minecraft [2010.11.04 19:01:06 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Azureus [2010.11.05 10:15:23 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\biu software [2011.02.18 01:32:42 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\BoneTown [2010.05.10 20:28:13 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Braid [2010.02.21 15:47:17 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DAEMON Tools Lite [2010.02.21 14:45:31 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DAEMON Tools Pro [2010.08.30 12:43:01 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DNA [2011.02.13 00:42:26 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers [2011.02.15 20:58:37 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\FileZilla [2010.02.21 13:20:22 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\FlashGet [2010.02.21 13:35:50 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Foxit [2010.10.03 12:00:10 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Foxit Software [2010.03.09 15:14:02 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\HD Tune Pro [2011.03.17 10:51:02 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ICQ [2010.05.14 17:45:08 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Loonies [2010.09.19 10:19:19 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\LucasArts [2010.03.24 15:41:17 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ManyCam [2010.10.28 20:43:20 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\MonkeyJam [2010.05.18 12:52:59 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\MudTV [2010.07.30 16:05:25 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Need for Speed World [2010.08.28 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Nvu [2010.03.07 11:45:53 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\OpenOffice.org [2010.04.14 05:57:06 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Opera [2010.06.01 17:06:22 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Planetside Software [2010.10.20 10:49:10 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Polynomial [2011.01.03 08:15:14 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ProtectDISC [2010.06.16 20:35:47 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ScanSoft [2010.05.03 16:56:31 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SongBeamer [2011.03.08 10:43:22 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Spyware Terminator [2010.04.14 13:31:49 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SumatraPDF [2011.03.16 15:05:30 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TeamViewer [2010.03.05 08:20:07 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Tropico 3 Demo [2010.03.31 23:03:42 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TS3Client [2010.11.05 09:57:32 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TubeBox [2010.03.04 14:02:23 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Turbine [2010.06.01 17:06:23 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\uk.co.planetside [2010.05.23 20:38:40 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Ulead Systems [2011.02.05 23:28:45 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Uniblue [2011.03.08 10:30:27 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Xilisoft [2010.02.22 17:55:41 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Zeon [2010.09.19 21:42:32 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ZombieDriver [2011.03.18 00:11:38 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.03.18 14:12:47 | 000,000,400 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CA64AF00-3FA6-4A84-83EA-9D622EE2C500}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:7B30FBAD50D9AF91 < End of report > Code:
ATTFilter OTL Extras logfile created on: 18.03.2011 14:10:29 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\******\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 273,60 Gb Total Space | 47,37 Gb Free Space | 17,32% Space Free | Partition Type: NTFS
Drive D: | 182,40 Gb Total Space | 39,13 Gb Free Space | 21,45% Space Free | Partition Type: NTFS
Computer Name: ASUS | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1 -- [2011.02.14 15:03:46 | 000,000,000 | ---D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1 -- [2011.02.14 15:03:46 | 000,000,000 | ---D | M]
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1 -- [2011.02.14 15:03:46 | 000,000,000 | ---D | M]
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1 -- [2011.02.14 15:03:46 | 000,000,000 | ---D | M]
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2DCA5790-8B56-49CB-B161-88E39C02F97A}" = rport=138 | protocol=17 | dir=out | app=system |
"{31D07A1D-9AEF-4A33-8C5E-C3EF6C170C2F}" = rport=445 | protocol=6 | dir=out | app=system |
"{3921F701-9D31-4F3B-B3A6-1CB907A989D5}" = lport=137 | protocol=17 | dir=in | app=system |
"{44DCCA52-763C-45AB-A143-974FCC16A89B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{57B13531-11C4-4833-8A45-608E4810BAB9}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{5B4E5E25-A3F2-433F-8A24-AADF4347852F}" = lport=138 | protocol=17 | dir=in | app=system |
"{751F77D9-0B39-42AC-A26C-D6C090A20956}" = rport=139 | protocol=6 | dir=out | app=system |
"{79417468-BEB9-4867-82E7-3DD62E6361D6}" = rport=137 | protocol=17 | dir=out | app=system |
"{8599C032-90F5-4CE3-A38E-20E489A04B8B}" = lport=59585 | protocol=6 | dir=in | name=akamai netsession interface |
"{94C9FF76-69C8-4005-AE97-BE6A3E33552E}" = lport=49157 | protocol=6 | dir=in | name=akamai netsession interface |
"{B755E3E5-3157-4B70-8467-A626CC11D5B2}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{C2753D27-4E11-489B-ACBB-91DF67057099}" = lport=139 | protocol=6 | dir=in | app=system |
"{CFEAC2C2-3689-4CBD-9276-09E5A54C9471}" = lport=445 | protocol=6 | dir=in | app=system |
"{DC9DE573-52F1-4524-AAE0-17245732E2A5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00898167-E852-4BDE-96ED-594A58EF7F9F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00AFC327-1B80-4BC1-B0AC-B5F5B457CBFE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00E59D50-6028-41BF-B370-8DA14FCBE406}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{012506B3-9C0B-435A-ACD1-3A02F36A314C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\zombie bowl-o-rama\zombie bowl-o-rama.exe |
"{023EAE46-D7FF-4F75-B6EE-24D33361A070}" = protocol=6 | dir=in | app=d:\spiele\fuel\fuel.exe |
"{05C28E8D-0650-4F7C-A2CF-C8C95B1D6944}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0636EBBA-6EC2-4511-995A-0C11EB4EE438}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\devil may cry 4\devilmaycry4_dx9.exe |
"{0647721A-95A0-4344-9DDD-BB37355A7EA5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\jedi academy\gamedata\jasp.exe |
"{092E0198-BB43-432E-8752-8F5076EBDE41}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C710A3D-9B49-4F40-9535-6DF8BFD1EB91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0DE28175-3B6B-4A54-999E-B09327D1CFD3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F8CF295-4CF1-4AAF-8D31-AE71ABE343A9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\overlord\overlord.exe |
"{154C6E42-1CAD-4677-9077-13BD105317EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{15AAF53F-D008-48A8-9809-A9A769F7002F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\overlord\overlord.exe |
"{15FA0846-5B31-4AB5-BE38-E4E59144E91B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{183E3052-2E5B-4EC9-A40D-D96D5C69D147}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{187DBBA6-7E11-4226-A0D6-114A481C4089}" = protocol=6 | dir=in | app=d:\spiele\audition\audition.exe |
"{19BD77A9-FBDF-4029-83A4-BAAAE9736ABA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\drakensang\drakensang.exe |
"{1C7772A7-3DB9-4BE8-9021-30D706C9E2C3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1CED9DBA-8C0D-404A-AFAC-2BD14DDC3694}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1DE7D319-BDE2-42A3-8BCD-3B914303B1F2}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{1F7ACB0C-2DA9-4D78-9CA3-3D9DE48DAE10}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21B37D7F-824A-4EEF-985D-704BA896F391}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{223C1A0E-E91B-4FCF-A130-5570A7411F3F}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{230F9F0E-E1AC-4764-ABDF-557F2AC79109}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{252DC52D-9E1D-429E-AD4F-7ECB319A3FB5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\devil may cry 4\devilmaycry4_dx10.exe |
"{25549F93-D22F-4BD4-B50E-6D6A5F9F232E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{2648C9DF-5AC4-40DE-AEB7-10103598DEFB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2794C239-D13D-4DB6-866C-1712E50F503D}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{27C55760-50FC-4B5F-AF5C-ADC4C448BD06}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{27DA28FE-1645-42E7-B8A8-8970C5C138C8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{290A9BF0-B652-4291-B9DF-936EE97E0520}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{291CEB1E-E2BD-4FC5-A743-3D0FDA1FE5DE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BB64876-30DE-4C76-9AE3-1EC9923B0B52}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{2DCE4E9C-4558-414F-BC46-91173E2812C8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\monkey2\monkey2.exe |
"{2E70CB66-5E76-4645-9AE9-6FFA0AF39383}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2F018CFD-F681-4DD1-94C5-79806A03AAA2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34D13072-D0A6-4962-98B8-D809DA22CA49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3594CA95-D364-425C-94E8-F49D041383DA}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed\assassinscreed_dx9.exe |
"{361504F4-E3DE-449F-8D81-49134F84D18D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\unreal tournament 3\binaries\ut3.exe |
"{36DDD466-01D4-42BD-A91C-FC92E9E9C1B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38AD6400-1C2A-4F59-B852-82960986CFD0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{3BCC8403-48F0-4C75-8670-6BA2E7F12184}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3DB50B7F-C0CF-4356-9978-98A2C8665063}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{3EDA2BA7-5FF9-4602-9B2B-D2E4D08E09DD}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed\assassinscreed_dx10.exe |
"{3F345316-7B6F-4265-91DD-CF7D17D23053}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{409AB07A-8686-482E-94BC-F8FAF8A32B90}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4112236B-F478-44D1-91A1-159C80D9EC18}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{41F5C93D-B2BE-40CC-8346-6A722D6AC913}" = protocol=6 | dir=in | app=d:\spiele\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{4485E311-91F9-47C8-83C4-65C1DDA9E45D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{45CF5986-4060-45D7-9CA6-58E8B7A8C588}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{46F09DAD-86B1-4874-A151-B30EA2B1B900}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dogfighter\bin\x86_vc8\dogfightersteam.exe |
"{47CA7B3E-A973-4AA2-B4E4-EC066E97D6AB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{483B8705-4628-41AC-BD0C-DEE07CB1A9EB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\overlord ii\overlord2.exe |
"{48E7F18E-34C2-4A4A-BD99-7A16225D2B78}" = protocol=17 | dir=in | app=d:\spiele\fuel\fuel.exe |
"{4B645235-393D-4CE8-92BB-5EC459A99CE9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{4DCEA031-2BB5-459E-8003-9E7CA12D40CC}" = protocol=17 | dir=in | app=d:\spiele\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{5006A125-D4A7-41AD-84A6-4014CCA43E0F}" = protocol=6 | dir=in | app=d:\steam\steamapps\bastelm\garrysmod\hl2.exe |
"{52E7A131-3D84-4A57-A9E4-04C932CE05CB}" = protocol=17 | dir=in | app=d:\spiele\audition\patcher.exe |
"{53192378-2AA4-4BB9-A0EE-CD2BD28C58A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{531B5BE0-63FA-4E62-8ABE-39560E14A685}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{533207E3-894D-447E-A2C2-09AFE9A020F1}" = protocol=17 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{55EDCA78-924D-4C38-8C09-E4F97CC28353}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{56014AD0-B5B9-4A20-9B6B-095C27C7CB7D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{564E848C-48A9-405D-B713-0131BC6F722C}" = protocol=17 | dir=in | app=d:\steam\steamapps\bastelm\garrysmod\hl2.exe |
"{56D816CD-B1BE-44C0-B87D-60A481B32734}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5836535E-70FF-4D39-9E0C-45241B3CEF58}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{5A2B0D36-5206-4FB5-95B0-ABE4A61FFCF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C25D98A-F8CB-40D9-9123-3302F39A3BA5}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5E1552D3-5A6F-4918-AC0F-6FEB05F4719F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{603985CB-5A5A-4028-99EF-539F4DCD7D04}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6083571C-2DF7-43B2-8A35-FE21B78BDC08}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\shank\bin\shank.exe |
"{643CDDC5-7A41-4D92-906B-80AAE1AE6448}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed\assassinscreed_dx9.exe |
"{64D3A9B2-62F6-4735-9A12-09C9AE3B513A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{661F8987-19EC-488A-8901-4F4B00FA99B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6627A9AA-DAD6-4C92-9BE9-A8675A637ECC}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{68BF946F-3900-4832-8405-C1837DB5CCAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6C402114-3608-424F-A338-A3EA9132BBCC}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{6E01B023-4F6E-496E-8344-D0CA1633AB49}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed\assassinscreed_dx10.exe |
"{6E319063-3749-4EDD-9A1B-73AEAADFD3DA}" = protocol=17 | dir=in | app=d:\steam\steamapps\bastelm\counter-strike source\hl2.exe |
"{6ED168C3-F008-4FCF-94C2-0B0A31CB4480}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\jedi academy\gamedata\jamp.exe |
"{6FD1895E-C4E2-4B4B-A9FC-81FBD2E2E108}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed\assassinscreed_launcher.exe |
"{6FF650A1-F4E2-4A9F-8002-9B6862D1E0DE}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{70177300-3063-4260-8281-77C36D834BA9}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{702457BC-4AE4-410C-9932-7CCFDD47D12F}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{72766982-39D0-4A85-B053-72C846E7881F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{7276ADA5-0A6C-4EA5-BE0F-66B86F09768B}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{7418DD7F-0AFB-458B-AC94-190FFFA1555A}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{756C68BA-D81E-4FB9-ABCF-D49FBC8DD5A9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7687483E-084E-4851-A348-2ED6189330D9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{7722FFAF-2E57-431E-B040-4919E97BA4C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7802F1AE-D668-45A4-9C82-3D00A640C408}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the secret of monkey island special edition\mise.exe |
"{795B2EAA-D656-4E0B-ABE1-3F986294A7D3}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{7966D095-9CD4-48D9-B942-8001B414D4B2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{7C229D21-86D4-491C-AF57-7CFA70DB57C9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{7E028448-836D-4CF2-BE07-E8406280C3C8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{803B3856-8E95-4929-BFE2-47DD475CE584}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{811D89FA-E900-4573-A4A2-0D6EB225150B}" = protocol=6 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{8236C17A-AFCD-4A78-8579-9D8FAD665BAA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{825C7401-96E3-4DE1-BEAA-258CBF27756F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\alien swarm\swarm.exe |
"{8281204A-D692-4554-9AE5-944F46A33E58}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\overlord\config.exe |
"{844FF435-3CB7-4693-AF93-A85C74B53D07}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{8945C9C7-12CA-451C-A415-1DC526528F61}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{8A127B39-6AAC-472F-83AC-7CE01A750F42}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{8B5891E3-1993-4CEB-8807-39BA709D4F97}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{8B6912C9-CBE2-4F70-9DE9-C0F90FEDE878}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\star wars battlefront ii\gamedata\battlefrontii.exe |
"{8C58C865-1D55-4C09-845F-F4C664527E4A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8D40B468-683B-41DF-8BEA-870698C44683}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{8D49A8E8-7FCA-4D9B-B67D-88B20E1EEC43}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{8DEC090A-8C08-4A3A-AEB9-D660390B2487}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8E815A27-8AD5-455E-AD6B-AF7F0ABEBBC4}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{8F0C8C99-EA69-43D6-AED6-7887B957C4EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9022F1EB-A5C0-4597-88E6-C0678C0CA8F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{907AD5B0-9EC2-41C2-BE49-2644BAA644BA}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{9200E0B4-F1DC-4BE3-9225-02180D08286D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\star wars battlefront ii\gamedata\battlefrontii.exe |
"{92E05223-E184-4C96-B0A1-741720AE42E1}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{939A3A04-306A-4834-85B1-E7E7F15CF19F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96CA9A9C-8781-483E-96F6-FF62B894C6EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{98F12F52-A000-4AAE-998F-C31B1CA13F1D}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{9C4304A4-6908-4E41-9F81-6DB8D6471465}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{9D8521E7-5AE4-4943-ADF7-74E63182090F}" = protocol=17 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{9FB78DA9-3CCF-4B31-AB53-30B749EE12C5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\jedi academy\gamedata\jasp.exe |
"{A1D778CA-A297-4099-89C2-5E190685BBCD}" = protocol=6 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{A2D28676-5D8B-4AEB-A070-AEA226AB1C4E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A5B0F76F-8B6D-4A3D-99F8-3C8534765A6A}" = protocol=6 | dir=in | app=d:\spiele\pro evolution soccer 2008\pes2008.exe |
"{A5ECB99A-6B87-4277-BEDB-42F2724FDE5F}" = protocol=6 | dir=in | app=d:\steam\steamapps\bastelm\counter-strike source\hl2.exe |
"{A69959F3-EFB6-4D49-AB6C-09DEB851D5FE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\shank\bin\shank.exe |
"{A77E9046-45A5-4D79-98E3-91136030E79A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A806ECA5-FF89-409E-AF90-EC1B28718D37}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A85CB57F-786F-42F0-A8A3-DCE73DDAAF4A}" = protocol=17 | dir=in | app=d:\spiele\pro evolution soccer 2008\pes2008.exe |
"{A8C88223-3C6F-4430-A227-198D060D451F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\overlord\overlord.exe |
"{A8F646E3-4499-4913-8E30-CDC950384826}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{AA63B86C-D62A-4400-93C6-0F90D863CB32}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{AA904CCA-4C33-4501-B755-FEEEBBC2673A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{AEB5EB0B-39E9-400F-9500-25A3F3711286}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{AFA2E658-62B9-41A9-B913-46600C7F2807}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFAA6061-C226-4300-B75F-8D1FE86C6BDC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{AFDC27CE-DB87-47E9-BDE7-BA537623B110}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B03BAA00-1969-4657-A5F1-DF88A4A1BD56}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B1DEAFC5-4319-41C8-BAAC-97ECB104E259}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2B29A14-00D2-4E5E-BE99-234D2D2F774C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2DF9674-0E0F-4ABE-9500-23F5C5C30691}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{B3E3E168-B87C-4B14-988F-309D9399F9C0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\jedi academy\gamedata\jamp.exe |
"{B3E7A93E-53FF-4A9E-BC4A-16C0742F239D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B404EBF6-242E-4DCD-8F9F-5B822F4C2E2E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\unreal tournament 3\binaries\ut3.exe |
"{BAD3A760-D324-45A1-B0FB-DDD56276AC9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BAD6E4A1-E327-49AE-A546-1AC38E51CB19}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB7CD099-7599-492A-975A-D45031527C34}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{BC8A8971-5DFE-45E9-B54E-095669EEEC7D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDF97E36-6785-4BDA-B8D5-F6CE9E6DD0A4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BE658BB6-F082-4EF3-A4F4-BB71F18091C7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\drakensang\drakensang.exe |
"{C2B16A8A-1890-499E-A27A-684AAF9A8B80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C2B72B9D-E881-4751-AEDC-C0AB2DD584EF}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{C2BCFA6E-C0DC-4A4B-8F1B-629EE4DCF863}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\overlord\config.exe |
"{C36AB76D-A2DC-4CDD-8555-03200471616C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5796D7F-530C-4912-982C-FCBCB744F492}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C9B01188-EBDF-41FD-93F1-34F0477DC11A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C9C3DE50-83DF-493B-BB05-5EC2F5269418}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{CA46A66B-FECD-4450-AB85-5CF3A1CAB4D3}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{CCC9D64A-F7E8-4333-9986-7DBEF5F60AC4}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\devil may cry 4\devilmaycry4_dx10.exe |
"{CE8CA67A-03E7-40E1-882F-3D5E6E2BF919}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\overlord ii\config.exe |
"{D1F9E36E-018A-4351-A47D-5D5798FB2089}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D33456EC-E485-4802-A046-3068A2C3A6A0}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed\assassinscreed_launcher.exe |
"{D36C14EB-7EFE-4566-AED4-44D35C765DFE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dogfighter\bin\x86_vc8\dogfightersteam.exe |
"{D421A97A-6BA9-44CB-BFB4-1B49BE4F8E54}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{D53BA302-A503-43C6-B996-E9F931F562FE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D64A185A-778A-4BFC-8939-39A1146CAAFE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\overlord ii\overlord2.exe |
"{D8C525BF-5921-41B2-8FE0-84D89250643D}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{DBA05100-D4BC-46C1-AC43-836D1056FB51}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DC3E495B-9A1E-476B-A133-683B06BD26CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD1DB137-7DA3-42EB-8F13-4F4661F2A47E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\alien swarm\swarm.exe |
"{E09AD6FE-ACB6-4628-96FE-4BBE7583EA28}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the secret of monkey island special edition\mise.exe |
"{E0C56EA3-204D-48FE-A445-0A04805CED41}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{E3594F9C-8583-4B8C-902A-B31E7A8F2980}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{E365F570-ED6F-46D5-871A-44C98B86FD09}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{E3A043D3-315B-44D3-968C-3C05B39AEAAF}" = protocol=17 | dir=in | app=d:\spiele\audition\audition.exe |
"{E402D635-4278-4DDB-BD89-679397DD5053}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E45E9461-2EAD-499E-93E8-F212B2EB634A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E92EE28F-B72A-4A3A-B32E-A97BE27BBB6C}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{EA00973C-9335-4A34-B7B0-372A0CB97D1C}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{EA253D0A-B36A-42E2-B302-812B5B064DF4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EB885CF7-2555-4B5E-929B-81B400BCD27D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{EC35750D-CA2E-485B-A04D-B5F483F42646}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{EE2AC095-47AB-4C72-8484-3285ED34CC85}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{EF719682-444B-497C-9986-C05B5459B67D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EFD2E670-DB0A-4622-B05B-D0632E0B3789}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{EFE45421-6F65-46B4-B2BB-2D78A37950FB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{F0EAB370-86BC-44CE-AA7E-91864B6AF477}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{F114E044-3DE9-40B1-8A03-7CAE4B2A3603}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F203DB38-534C-4D25-BFAC-7380049DBEA5}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{F2F6D947-F65F-42DF-8AF0-688B328A0F61}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\overlord\overlord.exe |
"{F407DC61-2C2F-4D76-AB7D-B962494E256A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\overlord ii\config.exe |
"{F41DCA5F-BA3D-4738-8C5C-EDD929DBC651}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F4EC5100-CCF6-4CC1-BCC6-488C0FAF1DC5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F58A7692-1D2D-412A-B96A-7A0027346282}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{F5B79C2A-4DBA-42E4-9288-618E2971390E}" = protocol=6 | dir=in | app=d:\spiele\audition\patcher.exe |
"{F8197B63-3104-409B-B6BB-C918B870E227}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\devil may cry 4\devilmaycry4_dx9.exe |
"{F8224B49-DDC9-480F-A067-587D156EE996}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\zombie bowl-o-rama\zombie bowl-o-rama.exe |
"{FB99CB56-CF4F-4647-A810-69146E26EF62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC058DB0-0A19-4AFC-B871-2AFEC1434D2E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\monkey2\monkey2.exe |
"{FED2F012-36CF-4D36-A3E3-FC14916D1EE6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{02769DC7-4A70-423F-BA15-819B967C228E}C:\program files\air mouse\air mouse\air mouse.exe" = protocol=6 | dir=in | app=c:\program files\air mouse\air mouse\air mouse.exe |
"TCP Query User{16DB056E-D4E1-4F6C-87BE-F44333E0AAFF}D:\spiele\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\spiele\world of warcraft\launcher.exe |
"TCP Query User{1FDDB126-23DE-464E-A3EC-A25011F97AEF}D:\spiele\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=d:\spiele\battlefield 1942\bf1942.exe |
"TCP Query User{23051233-0E5B-4F23-8CF1-4B97D0E2AAB7}D:\spiele\gta iv complete edition\gtaiv.exe" = protocol=6 | dir=in | app=d:\spiele\gta iv complete edition\gtaiv.exe |
"TCP Query User{2490ABFD-447D-4016-BA75-50C0768E86CA}D:\steam\steamapps\common\defcon\defcon.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\defcon\defcon.exe |
"TCP Query User{2BC36F3C-C459-402E-B514-CF947AA6CF61}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{337620E6-E929-4C6A-A5D6-9D53CBD27898}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{3932F929-677A-4B3B-9364-1F03CF685706}D:\steam\steamapps\bastelm\source sdk base\hl2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\bastelm\source sdk base\hl2.exe |
"TCP Query User{3ECA6548-FCAB-4BC0-9D31-B78BD3CAB559}D:\spiele\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=d:\spiele\der herr der ringe online\lotroclient.exe |
"TCP Query User{524210CF-DEAE-4EA7-BD48-54BC4FC35FF1}D:\spiele\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\spiele\tmnationsforever\tmforever.exe |
"TCP Query User{721A14E0-43BD-4181-A8B7-46F34E75968D}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{758AC190-D20E-40B5-9EAD-193E6724CB7B}D:\spiele\der herr der ringe online - beta\lotroclient.exe" = protocol=6 | dir=in | app=d:\spiele\der herr der ringe online - beta\lotroclient.exe |
"TCP Query User{795B1DCE-855A-4341-95DF-71AD4E88D5FD}D:\spiele\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\spiele\tmnationsforever\tmforever.exe |
"TCP Query User{8053BD0D-518F-48E4-AE2E-CE2F97B65B2A}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{80CB22B1-849F-4594-97DD-03E12FE95A9C}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{A63D241D-6E5F-452A-8FB1-68A3C932E980}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{AEB45952-03E2-4873-A49F-B97AF46F07D2}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe |
"TCP Query User{B40BBC59-594C-4767-9D6E-D2D5E43E7F3E}D:\spiele\fifa online\nfe.exe" = protocol=6 | dir=in | app=d:\spiele\fifa online\nfe.exe |
"TCP Query User{BC4C77DF-3D54-4DA4-B5BD-D74EDF83D31D}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{BF705CC0-2630-4597-9526-FD38C9EB89A9}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{C095F34F-011F-49F5-B0BF-DA1F58BBF28B}C:\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"TCP Query User{C2034F7C-F6FD-40D3-9B18-6E48B0BF02B5}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{C9C5CE45-EEC1-471F-AE89-AE27566C24F6}D:\spiele\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\spiele\borderlands\binaries\borderlands.exe |
"TCP Query User{D14BA693-115C-4FB0-B38C-612A3E7AA31F}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{D5FF86B6-5CE3-47AF-B253-6B757204B52F}C:\program files\air mouse\air mouse\air mouse.exe" = protocol=6 | dir=in | app=c:\program files\air mouse\air mouse\air mouse.exe |
"TCP Query User{DA3031DF-5195-45D3-9D76-750A5D55AA92}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe |
"TCP Query User{ECCBD67C-7C99-4C56-80E5-8A344DEF542D}D:\spiele\flatout2\flatout2.exe" = protocol=6 | dir=in | app=d:\spiele\flatout2\flatout2.exe |
"TCP Query User{F2844D80-0486-4401-8363-720846F727B0}D:\spiele\dirt\dirt.exe" = protocol=6 | dir=in | app=d:\spiele\dirt\dirt.exe |
"TCP Query User{F290C10E-49EC-4096-BC0E-79AF0B36FB20}D:\spiele\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=d:\spiele\der herr der ringe online\lotroclient.exe |
"UDP Query User{03E2420A-6983-41A0-B107-5E2A4F38B09F}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{111AAEDD-ED78-43D0-B7FD-1FB83E4F039E}D:\spiele\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\spiele\world of warcraft\launcher.exe |
"UDP Query User{13666EB0-69CB-413B-86E0-E6470DAAE075}D:\steam\steamapps\common\defcon\defcon.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\defcon\defcon.exe |
"UDP Query User{16D9E6E0-5F8C-4A3C-B32B-8C871A9B385F}D:\spiele\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=d:\spiele\der herr der ringe online\lotroclient.exe |
"UDP Query User{2012BAE4-6777-47D5-8E7C-902AB4C33879}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{20B745F0-3ED6-4F0B-8BB9-E725BCBB6AD3}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{2402130B-17A7-4431-AA57-23DC6765D871}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{25DBEB88-8CBD-4110-AA96-5AC90D547A88}D:\spiele\gta iv complete edition\gtaiv.exe" = protocol=17 | dir=in | app=d:\spiele\gta iv complete edition\gtaiv.exe |
"UDP Query User{369CD1E3-69CE-482C-A918-245D068D9F88}C:\program files\air mouse\air mouse\air mouse.exe" = protocol=17 | dir=in | app=c:\program files\air mouse\air mouse\air mouse.exe |
"UDP Query User{4FA1F888-B199-455C-BBAF-14007907C4A6}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{558EA5F9-E5D7-4628-B593-F648679B4182}D:\spiele\fifa online\nfe.exe" = protocol=17 | dir=in | app=d:\spiele\fifa online\nfe.exe |
"UDP Query User{5B5A95DD-59AE-419A-94EB-A81723B60117}D:\spiele\flatout2\flatout2.exe" = protocol=17 | dir=in | app=d:\spiele\flatout2\flatout2.exe |
"UDP Query User{5CC0CB49-43A2-43B1-9A9E-6AFF82F3BD1E}D:\spiele\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\spiele\tmnationsforever\tmforever.exe |
"UDP Query User{5E284B56-D7B3-45F9-AFDB-12FE0D42CED7}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"UDP Query User{69417623-2C0E-43E1-ADEF-01DE85FF697F}C:\program files\air mouse\air mouse\air mouse.exe" = protocol=17 | dir=in | app=c:\program files\air mouse\air mouse\air mouse.exe |
"UDP Query User{77D67615-6F2B-445D-A39F-2C4EFCB33246}D:\spiele\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=d:\spiele\der herr der ringe online\lotroclient.exe |
"UDP Query User{96B649D3-962E-4DE8-A445-880D54A7F749}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{9D286C10-59C5-4CE1-BB9F-50A760D15DB7}C:\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"UDP Query User{A25D69D4-AD2A-40A6-99FC-A4E604C3224F}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe |
"UDP Query User{A37DD893-1C6C-4332-ACC7-1B75FD50698E}D:\spiele\dirt\dirt.exe" = protocol=17 | dir=in | app=d:\spiele\dirt\dirt.exe |
"UDP Query User{B3F21E48-77D1-4170-A61A-8915094DEEE6}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe |
"UDP Query User{B448E412-A68D-4B3B-96BA-5EB6CEF064B9}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{B87E7C82-40E6-49E8-90F0-DB10EE7EB039}D:\spiele\der herr der ringe online - beta\lotroclient.exe" = protocol=17 | dir=in | app=d:\spiele\der herr der ringe online - beta\lotroclient.exe |
"UDP Query User{C24F723C-0C20-4555-95B6-64BE68F24576}D:\spiele\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\spiele\tmnationsforever\tmforever.exe |
"UDP Query User{CA0F1A91-3146-4458-A393-266048223FB4}D:\steam\steamapps\bastelm\source sdk base\hl2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\bastelm\source sdk base\hl2.exe |
"UDP Query User{CEEEB785-10D7-43F7-B489-8CC6766DD9C1}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{D246B467-38D9-4B43-9B16-B574EC60775A}D:\spiele\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\spiele\borderlands\binaries\borderlands.exe |
"UDP Query User{D376A109-B1D5-4933-8756-A7FAB9318EEA}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{E107E57B-A5FD-4CE4-AC48-6E9AE59DE535}D:\spiele\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=d:\spiele\battlefield 1942\bf1942.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB0c}" = LaTale_eu_Test
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{42F7C377-2A1F-44FB-A17F-053C29E81031}" = Nero 7 Premium
"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = SPEEDLINK Strike 2 Gamepad
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03
"{5AB36A6C-27A8-4CB1-89A1-9D05F3F16625}" = Mobile Mouse Server
"{5B593C8E-ACD9-47B8-85DA-7EB9294A39FA}" = StarMoney
"{5E7C721D-B008-4269-A1C4-2CE7E9757983}" = BoneTown
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67EC0AB2-8CF7-4415-9F70-7FBC593C0D5E}" = ScanSoft PDF Create! 4
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{88C0C3AF-744D-49BB-99D3-117A6DC74AFF}_is1" = Robinson Crusoe
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A6AD979-8170-49ED-8529-14174317B281}" = SA60xx Device Manager
"{8C4504A1-9280-11D5-9F7E-00902712427E}" = Sid Meier's SimGolf
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1" = MPEG Video Wizard DVD 5.0.0.109 (07/2010)
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AE6FB990-18C6-40A0-B45D-A30FBFBA0BD3}_is1" = MadTV 2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5C8DE40-1AB7-11D4-854E-00A0C99F6AF9}" = LEGO Alpha Team
"{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}" = FlatOut2
"{CA1ED5B6-CCD6-4C77-AB4B-DD7C6F8F6B9A}" = Flashgrabber Gold 1.0.8
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4729BF-0396-47EF-AA0B-3A04111F19F9}" = FightBoard
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD0B60EF-1F53-41B7-A2C2-E5B51FCEC821}" = StarMoney
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE66EFAD-B9CC-4FD4-9157-6C18E5100161}" = Dolby Control Center
"{DF74C7BA-5C9F-4F17-8B6F-5ECE08280F34}" = ScanSoft OmniPage 16
"{E337B156-DF81-48D8-8977-B1574EE87BCF}" = USB2.0 Capture Device
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E71AC707-179D-458D-A1E8-F52977CAEAB4}" = M.U.D. TV
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = DER HERR DER RINGE ONLINE: Die Minen Von Moria v02.01.03.4020
"7-Zip" = 7-Zip 4.65
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AnimatorDV Simple+ 9.02_is1" = AnimatorDV Simple+ 9.02
"Aquaria" = Aquaria
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Ballerburg_is1" = Ballerburg
"Binary Clock Screensaver 3_is1" = Binary Clock Screensaver 3
"Bridge Building Game" = Bridge Building Game
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Daemon Vector" = Daemon Vector 1.0
"DDA23392-9C73-4909-A221-BC12C6D2664D" = GmoteServer
"D-Fend Reloaded" = D-Fend Reloaded 0.9.3 (deinstallieren)
"Die Gilde - Gaukler, Gruften und Geschütze" = Die Gilde - Gaukler, Gruften und Geschütze
"Die Gilde Addon Update v. 2.06 " = Die Gilde Addon Update v. 2.06
"DOSShell" = DOSShell 1.6
"EvilLyrics" = EvilLyrics
"FairUse Wizard 2" = FairUse Wizard 2
"FileZilla Client" = FileZilla Client 3.3.5.1
"FlashGet" = FlashGet 1.9.6.1073
"FormatFactory" = FormatFactory 2.60
"Foxit Creator" = Foxit Creator
"Foxit Reader" = Foxit Reader
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8.10
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.33
"GyroMeter" = GyroMeter
"HijackThis" = HijackThis 2.0.2
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{CC4729BF-0396-47EF-AA0B-3A04111F19F9}" = FightBoard Advanced 2.00
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mpeg Video Wizard DVD 5.0" = MPEG Video Wizard DVD 5.0.0.109 (07/2010)
"Need For Speed - Porsche" = Need For Speed - Porsche
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"RTL Biathlon 2007_0001" = RTL Biathlon 2007
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"Spyware Terminator_is1" = Spyware Terminator
"Steam App 11450" = Overlord
"Steam App 12710" = Overlord: Raising Hell
"Steam App 12810" = Overlord II
"Steam App 19900" = Far Cry 2
"Steam App 20900" = The Witcher: Enhanced Edition
"Steam App 215" = Source SDK Base 2006
"Steam App 26800" = Braid
"Steam App 31410" = Zombie Driver
"Steam App 32160" = Zombie Bowl-O-Rama
"Steam App 32360" = The Secret of Monkey Island: Special Edition
"Steam App 32460" = Monkey Island 2: Special Edition
"Steam App 3592" = Plants vs. Zombies Demo
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 42500" = DogFighter
"Steam App 45700" = Devil May Cry 4
"Steam App 6020" = Star Wars Jedi Knight: Jedi Academy
"Steam App 6060" = Star Wars - Battlefront II
"Steam App 6120" = Shank
"Steam App 73050" = Magicka - Demo
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"TmNationsForever_is1" = TmNationsForever
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.9
"USB2.0 1.3M UVC WebCam" = USB2.0 1.3M UVC WebCam
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.1.5
"WBFS Manager 3.0" = WBFS Manager 3.0
"Winamp" = Winamp
"XviD_is1" = XviD MPEG-4 Video Codec
"ZMBV" = Zip Motion Block Video codec (Remove Only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"sc11-AT_ORF_MAIN" = Ski Challenge 11 (AT)
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 08.03.2011 06:14:37 | Computer Name = Asus | Source = Windows Search Service | ID = 9002
Description =
Error - 08.03.2011 06:14:37 | Computer Name = Asus | Source = Windows Search Service | ID = 3029
Description =
Error - 08.03.2011 06:14:40 | Computer Name = Asus | Source = Windows Search Service | ID = 3029
Description =
Error - 08.03.2011 06:14:40 | Computer Name = Asus | Source = Windows Search Service | ID = 3028
Description =
Error - 08.03.2011 06:14:40 | Computer Name = Asus | Source = Windows Search Service | ID = 3058
Description =
Error - 08.03.2011 07:23:03 | Computer Name = Asus | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung mDNSResponder.exe, Version 2.0.4.0, Zeitstempel
0x4cae1be1, fehlerhaftes Modul mDNSResponder.exe, Version 2.0.4.0, Zeitstempel
0x4cae1be1, Ausnahmecode 0xc0000005, Fehleroffset 0x0000110a, Prozess-ID 0x3b4, Anwendungsstartzeit
01cbdd832e4ed4c8.
Error - 08.03.2011 10:13:13 | Computer Name = Asus | Source = Application Hang | ID = 1002
Description = Programm FarCry2.exe, Version 0.1.0.1 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 1778 Anfangszeit: 01cbdd970c997a05 Zeitpunkt der Beendigung:
1194
Error - 08.03.2011 10:20:18 | Computer Name = Asus | Source = VSS | ID = 8194
Description =
Error - 08.03.2011 10:21:03 | Computer Name = Asus | Source = System Restore | ID = 8193
Description =
Error - 13.03.2011 02:47:29 | Computer Name = Asus | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung mDNSResponder.exe, Version 2.0.4.0, Zeitstempel
0x4cae1be1, fehlerhaftes Modul mDNSResponder.exe, Version 2.0.4.0, Zeitstempel
0x4cae1be1, Ausnahmecode 0xc0000005, Fehleroffset 0x0000110a, Prozess-ID 0x318, Anwendungsstartzeit
01cbe14a83208f59.
[ System Events ]
Error - 03.03.2010 03:38:36 | Computer Name = Asus | Source = disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk2\DR3.
Error - 03.03.2010 14:38:25 | Computer Name = Asus | Source = HTTP | ID = 15016
Description =
Error - 03.03.2010 14:39:56 | Computer Name = Asus | Source = Service Control Manager | ID = 7022
Description =
Error - 03.03.2010 14:40:23 | Computer Name = Asus | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 03.03.2010 15:41:43 | Computer Name = Asus | Source = HTTP | ID = 15016
Description =
Error - 03.03.2010 15:43:17 | Computer Name = Asus | Source = Service Control Manager | ID = 7022
Description =
Error - 03.03.2010 15:44:26 | Computer Name = Asus | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 04.03.2010 03:45:44 | Computer Name = Asus | Source = HTTP | ID = 15016
Description =
Error - 04.03.2010 03:47:32 | Computer Name = Asus | Source = Service Control Manager | ID = 7022
Description =
Error - 04.03.2010 03:47:56 | Computer Name = Asus | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
|
|
19.03.2011, 13:52
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Abstürze ~ found.005\file000chk chkdsk der Systempartition
__________________1. Klick auf Start, Ausführen 2. Tipp ein cmd und bestätige mit ok, die Konsole öffnet sich. 3. Tipp dort ein: chkdsk %systemdrive% /f /r /v und bestätige mit enter. 4. Die folgende Abfrage mit j bestätigen und enter drücken. 5. Windows neu starten, es sollte ein Hinweis auf eine geplante Datenträgerüberprüfung erscheinen - die Zeit verstreichen lassen, keine Taste drücken!! 6. Abwarten bis der Vorgang abgeschlossen ist. Bei großen Partitionen kann es u.U. recht lange dauern. Windows bootet automatisch neu.
__________________ |
|
19.03.2011, 21:35
| #3 |
| | Abstürze ~ found.005\file000chk <wie beschrieben durchgeführt, danach Probehalber Antivir laufen lassen, wieder bei 21,9% aufgehängt, Datei diesmal found.004\file001chk
__________________ |
|
20.03.2011, 12:21
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Abstürze ~ found.005\file000chk Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
@Alternate Data Stream - 24 bytes -> C:\Windows:7B30FBAD50D9AF91
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{032ad35c-1e60-11df-9c74-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{032ad35c-1e60-11df-9c74-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{7c87f4ae-1ef7-11df-ac57-002243c7c22a}\Shell - "" = AutoRun
O33 - MountPoints2\{7c87f4ae-1ef7-11df-ac57-002243c7c22a}\Shell\AutoRun\command - "" = F:\autorun.exe {5E7C721D-B008-4269-A1C4-2CE7E9757983} Setup.msi
O33 - MountPoints2\{b3af1dae-b723-11df-be1e-002354649317}\Shell - "" = AutoRun
O33 - MountPoints2\{b3af1dae-b723-11df-be1e-002354649317}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.hta
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
:Files
c:\found.*
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
20.03.2011, 13:36
| #5 |
| | Abstürze ~ found.005\file000chk Durchgeführt, Log: All processes killed ========== OTL ========== ADS C:\Windows:7B30FBAD50D9AF91 deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! C:\autoexec.bat moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{032ad35c-1e60-11df-9c74-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{032ad35c-1e60-11df-9c74-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{032ad35c-1e60-11df-9c74-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{032ad35c-1e60-11df-9c74-806e6f6e6963}\ not found. File E:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c87f4ae-1ef7-11df-ac57-002243c7c22a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c87f4ae-1ef7-11df-ac57-002243c7c22a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c87f4ae-1ef7-11df-ac57-002243c7c22a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c87f4ae-1ef7-11df-ac57-002243c7c22a}\ not found. File F:\autorun.exe {5E7C721D-B008-4269-A1C4-2CE7E9757983} Setup.msi not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b3af1dae-b723-11df-be1e-002354649317}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b3af1dae-b723-11df-be1e-002354649317}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b3af1dae-b723-11df-be1e-002354649317}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b3af1dae-b723-11df-be1e-002354649317}\ not found. File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.hta not found. Prefs.js: "localhost" removed from network.proxy.http Prefs.js: 9666 removed from network.proxy.http_port Prefs.js: "localhost" removed from network.proxy.socks Prefs.js: 9050 removed from network.proxy.socks_port Prefs.js: true removed from network.proxy.socks_remote_dns Prefs.js: "localhost" removed from network.proxy.ssl Prefs.js: 9666 removed from network.proxy.ssl_port Prefs.js: 0 removed from network.proxy.type ========== FILES ========== c:\found.000\dir0000.chk folder moved successfully. c:\found.000 folder moved successfully. c:\found.001\dir0000.chk folder moved successfully. c:\found.001 folder moved successfully. c:\found.002 folder moved successfully. c:\found.003 folder moved successfully. c:\found.004 folder moved successfully. c:\found.005\dir0000.chk folder moved successfully. c:\found.005 folder moved successfully. c:\found.006 folder moved successfully. c:\found.007\dir0001.chk folder moved successfully. c:\found.007\dir0000.chk folder moved successfully. c:\found.007 folder moved successfully. c:\found.008\dir0000.chk folder moved successfully. c:\found.008 folder moved successfully. c:\found.009 folder moved successfully. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: ***** ->Temp folder emptied: 2197025 bytes ->Temporary Internet Files folder emptied: 41297460 bytes ->FireFox cache emptied: 22302746 bytes ->Flash cache emptied: 824 bytes User: Public User: ***** ->Temp folder emptied: 557412 bytes ->Temporary Internet Files folder emptied: 1195330 bytes ->Java cache emptied: 9796407 bytes ->FireFox cache emptied: 100324091 bytes ->Apple Safari cache emptied: 11640832 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 13336 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 521156 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 380424 bytes RecycleBin emptied: 250 bytes Total Files Cleaned = 181,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 03202011_131307 Files\Folders moved on Reboot... Registry entries deleted on Reboot... |
|
20.03.2011, 13:44
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Abstürze ~ found.005\file000chk Probier jetzt mal den Vollscan mit Malwarebytes.
__________________ --> Abstürze ~ found.005\file000chk |
|
20.03.2011, 16:43
| #7 |
| | Abstürze ~ found.005\file000chk Durchgeführt, 2 infizierte Dateien gefunden. Soll ich noch einen Suchlauf mit Antivir probieren? Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6110 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19019 20.03.2011 16:41:01 mbam-log-2011-03-20 (16-41-01).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 465821 Laufzeit: 2 Stunde(n), 36 Minute(n), 20 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 2 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\Users\Steffen\Desktop\cryptload_1.1.8\ocr\netload.in\asmcaptcha\test.exe (Malware.Packer) -> Quarantined and deleted successfully. c:\Users\Steffen\Desktop\cryptload_1.1.8\router\fritz!box\nc.exe (PUP.KeyLogger) -> Quarantined and deleted successfully. |
|
20.03.2011, 16:47
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Abstürze ~ found.005\file000chk Ja mach auch mit AntiVir.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.03.2011, 18:09
| #9 |
| | Abstürze ~ found.005\file000chk Antivir hängt sich bei 24% auf, immerhin etwas weiter als vorher, diesmal bei: c:\programdata\microsoft\windows\wer\reportarchiv\report1494a497 Es hängt nicht wirklich, die Zeit läuft, aber der Text "flackert" im Sekundentakt kaum wahrnehmbar, habe nach gut 60 Minuten abgebrochen, beim drücken auf Abbruch hängt sich der Rechner auf |
|
20.03.2011, 19:49
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Abstürze ~ found.005\file000chk Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.03.2011, 06:44
| #11 |
| | Abstürze ~ found.005\file000chk Ich hab combofix nach Anleitung durchgeführt, allerdings hängt es anscheinend. Der Rechner war nun die Nacht über an, combofix zeigt nach wie vor als letztes an: Fertiggestellt Stufe_3 Ich schreibe diese Nachicht vom Handy, wie soll ich weiter Verfahren? |
|
21.03.2011, 10:21
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Abstürze ~ found.005\file000chk Starte Windows neu, lad CF neu als cofi.exe runter. Die alte cofi.exe vorher löschen. Probier es dann mit CF nochmal.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.03.2011, 11:41
| #13 |
| | Abstürze ~ found.005\file000chk Alte cofi.exe gelöscht, neu runtergeladen, gleiches Ergebnis  |
|
21.03.2011, 13:29
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Abstürze ~ found.005\file000chk Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.03.2011, 17:53
| #15 |
| | Abstürze ~ found.005\file000chk Log hier, ein Fund, da ich nicht sicher war welche Aktion angebracht ist hab ich erstmal geskipt Code:
ATTFilter 2011/03/21 17:50:11.0609 5324 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/21 17:50:11.0991 5324 ================================================================================
2011/03/21 17:50:11.0991 5324 SystemInfo:
2011/03/21 17:50:11.0991 5324
2011/03/21 17:50:11.0991 5324 OS Version: 6.0.6002 ServicePack: 2.0
2011/03/21 17:50:11.0991 5324 Product type: Workstation
2011/03/21 17:50:11.0991 5324 ComputerName: ASUS
2011/03/21 17:50:11.0991 5324 UserName: ******
2011/03/21 17:50:11.0991 5324 Windows directory: C:\Windows
2011/03/21 17:50:11.0991 5324 System windows directory: C:\Windows
2011/03/21 17:50:11.0991 5324 Processor architecture: Intel x86
2011/03/21 17:50:11.0991 5324 Number of processors: 2
2011/03/21 17:50:11.0991 5324 Page size: 0x1000
2011/03/21 17:50:11.0991 5324 Boot type: Normal boot
2011/03/21 17:50:11.0991 5324 ================================================================================
2011/03/21 17:50:22.0414 5324 Initialize success
2011/03/21 17:50:34.0161 5244 ================================================================================
2011/03/21 17:50:34.0161 5244 Scan started
2011/03/21 17:50:34.0161 5244 Mode: Manual;
2011/03/21 17:50:34.0161 5244 ================================================================================
2011/03/21 17:50:35.0284 5244 acedrv11 (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
2011/03/21 17:50:35.0440 5244 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/03/21 17:50:35.0658 5244 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/03/21 17:50:35.0908 5244 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/03/21 17:50:36.0033 5244 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/03/21 17:50:36.0204 5244 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/03/21 17:50:36.0392 5244 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/03/21 17:50:36.0719 5244 AgereSoftModem (1cfeba39fc613e45b49d3eddfbcda289) C:\Windows\system32\DRIVERS\AGRSM.sys
2011/03/21 17:50:37.0078 5244 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/03/21 17:50:37.0562 5244 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/03/21 17:50:37.0905 5244 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/03/21 17:50:38.0108 5244 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/03/21 17:50:38.0217 5244 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/03/21 17:50:38.0388 5244 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/03/21 17:50:38.0685 5244 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/03/21 17:50:38.0950 5244 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/03/21 17:50:39.0106 5244 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/03/21 17:50:39.0246 5244 ASMMAP (7b4d08d2017ac06689d422e06c43f0aa) C:\Program Files\ATKGFNEX\ASMMAP.sys
2011/03/21 17:50:39.0590 5244 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/21 17:50:39.0902 5244 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/03/21 17:50:40.0089 5244 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/03/21 17:50:40.0245 5244 ATSWPDRV (f70d2392158cb68e775f8c4cd3d12fbb) C:\Windows\system32\DRIVERS\ATSwpDrv.sys
2011/03/21 17:50:40.0588 5244 AVerAF15 (38705242bf951f642b034fdb34603d02) C:\Windows\system32\Drivers\AVerAF15.sys
2011/03/21 17:50:40.0760 5244 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/03/21 17:50:40.0962 5244 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/03/21 17:50:41.0056 5244 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/03/21 17:50:41.0134 5244 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/03/21 17:50:41.0290 5244 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/21 17:50:41.0430 5244 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/03/21 17:50:41.0696 5244 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/03/21 17:50:41.0883 5244 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/03/21 17:50:42.0086 5244 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/03/21 17:50:42.0273 5244 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/03/21 17:50:42.0444 5244 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/03/21 17:50:42.0554 5244 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/03/21 17:50:42.0616 5244 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/03/21 17:50:42.0772 5244 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/03/21 17:50:42.0897 5244 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2011/03/21 17:50:43.0131 5244 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/03/21 17:50:43.0287 5244 btwaudio (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys
2011/03/21 17:50:43.0412 5244 btwavdt (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys
2011/03/21 17:50:43.0458 5244 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/03/21 17:50:43.0505 5244 btwrchid (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/03/21 17:50:43.0770 5244 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/21 17:50:43.0942 5244 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/21 17:50:44.0129 5244 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
2011/03/21 17:50:44.0238 5244 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/03/21 17:50:44.0379 5244 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/21 17:50:44.0426 5244 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/03/21 17:50:44.0472 5244 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/21 17:50:44.0597 5244 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/03/21 17:50:44.0769 5244 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/03/21 17:50:44.0940 5244 DCamUSBET (699ce24fe6b5120af709a0b91582a02d) C:\Windows\system32\DRIVERS\etDevice.sys
2011/03/21 17:50:45.0128 5244 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2011/03/21 17:50:45.0237 5244 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/03/21 17:50:45.0315 5244 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
2011/03/21 17:50:45.0408 5244 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/03/21 17:50:45.0502 5244 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/03/21 17:50:45.0564 5244 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/03/21 17:50:45.0752 5244 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/21 17:50:45.0923 5244 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/03/21 17:50:46.0344 5244 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/03/21 17:50:46.0532 5244 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/03/21 17:50:46.0719 5244 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/03/21 17:50:46.0875 5244 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/03/21 17:50:46.0953 5244 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/03/21 17:50:47.0000 5244 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/21 17:50:47.0046 5244 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/03/21 17:50:47.0124 5244 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/03/21 17:50:47.0171 5244 FiltUSBET (e50433dff5e6bf08693fa49a9205dee6) C:\Windows\system32\DRIVERS\etFilter.sys
2011/03/21 17:50:47.0265 5244 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/21 17:50:47.0312 5244 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/03/21 17:50:47.0405 5244 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/21 17:50:47.0452 5244 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/03/21 17:50:47.0546 5244 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/03/21 17:50:47.0639 5244 ghaio (31b40f40e09513addc460f6a297ad474) C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
2011/03/21 17:50:47.0733 5244 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
2011/03/21 17:50:47.0826 5244 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/21 17:50:47.0920 5244 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/03/21 17:50:47.0967 5244 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
2011/03/21 17:50:47.0998 5244 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/03/21 17:50:48.0076 5244 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/03/21 17:50:48.0138 5244 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/03/21 17:50:48.0216 5244 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/03/21 17:50:48.0248 5244 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/21 17:50:48.0279 5244 iaStor (707c1692214b1c290271067197f075f6) C:\Windows\system32\DRIVERS\iaStor.sys
2011/03/21 17:50:48.0372 5244 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/03/21 17:50:48.0435 5244 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/03/21 17:50:48.0560 5244 IntcAzAudAddService (23ebcee9aaa4d6c88728791fab462456) C:\Windows\system32\drivers\RTKVHDA.sys
2011/03/21 17:50:48.0684 5244 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/03/21 17:50:48.0747 5244 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/21 17:50:48.0794 5244 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/21 17:50:48.0918 5244 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/03/21 17:50:48.0950 5244 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/03/21 17:50:49.0074 5244 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/03/21 17:50:49.0121 5244 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/03/21 17:50:49.0168 5244 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/03/21 17:50:49.0230 5244 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/03/21 17:50:49.0293 5244 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
2011/03/21 17:50:49.0340 5244 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/03/21 17:50:49.0433 5244 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/03/21 17:50:49.0464 5244 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/03/21 17:50:49.0527 5244 kbfiltr (27bd4ac228ef6c0d490617c32e86a672) C:\Windows\system32\DRIVERS\kbfiltr.sys
2011/03/21 17:50:49.0574 5244 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
2011/03/21 17:50:49.0605 5244 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/21 17:50:49.0745 5244 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/03/21 17:50:49.0792 5244 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/21 17:50:49.0839 5244 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/03/21 17:50:49.0917 5244 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/03/21 17:50:49.0948 5244 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/03/21 17:50:49.0979 5244 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/03/21 17:50:50.0042 5244 ManyCam (c6d085c7045200143528136a43a65fde) C:\Windows\system32\DRIVERS\ManyCam.sys
2011/03/21 17:50:50.0120 5244 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/03/21 17:50:50.0198 5244 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/03/21 17:50:50.0276 5244 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/03/21 17:50:50.0338 5244 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
2011/03/21 17:50:50.0432 5244 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/21 17:50:50.0478 5244 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/21 17:50:50.0494 5244 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/21 17:50:50.0556 5244 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/03/21 17:50:50.0603 5244 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/03/21 17:50:50.0619 5244 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/21 17:50:50.0697 5244 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/03/21 17:50:50.0728 5244 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/03/21 17:50:50.0806 5244 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/21 17:50:50.0868 5244 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/21 17:50:50.0946 5244 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/21 17:50:51.0009 5244 msahci (de77526bde93142bdc90cfa9f5cead36) C:\Windows\system32\drivers\msahci.sys
2011/03/21 17:50:51.0071 5244 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/03/21 17:50:51.0118 5244 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/03/21 17:50:51.0134 5244 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/03/21 17:50:51.0227 5244 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/21 17:50:51.0274 5244 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/21 17:50:51.0290 5244 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/03/21 17:50:51.0368 5244 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/03/21 17:50:51.0414 5244 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/03/21 17:50:51.0430 5244 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/03/21 17:50:51.0508 5244 MTsensor (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys
2011/03/21 17:50:51.0555 5244 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/03/21 17:50:51.0617 5244 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/21 17:50:51.0680 5244 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/03/21 17:50:51.0773 5244 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/21 17:50:51.0804 5244 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/21 17:50:51.0851 5244 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/21 17:50:51.0914 5244 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/03/21 17:50:51.0960 5244 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/21 17:50:51.0992 5244 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/21 17:50:52.0194 5244 NETw5v32 (f0c42e0cdce558d658fa53a222b4ccb1) C:\Windows\system32\DRIVERS\NETw5v32.sys
2011/03/21 17:50:52.0366 5244 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/03/21 17:50:52.0428 5244 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/03/21 17:50:52.0460 5244 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/21 17:50:52.0569 5244 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/03/21 17:50:52.0678 5244 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/03/21 17:50:52.0709 5244 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/03/21 17:50:52.0756 5244 NVHDA (0e40ef12bc029ff8b13043f157452c47) C:\Windows\system32\drivers\nvhda32v.sys
2011/03/21 17:50:53.0021 5244 nvlddmkm (bd409de5681c74c1de51d72427dc202d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/03/21 17:50:53.0302 5244 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/03/21 17:50:53.0364 5244 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/03/21 17:50:53.0458 5244 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/03/21 17:50:53.0536 5244 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/03/21 17:50:53.0692 5244 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/03/21 17:50:53.0770 5244 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/03/21 17:50:53.0801 5244 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/03/21 17:50:53.0910 5244 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/03/21 17:50:53.0973 5244 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/03/21 17:50:54.0051 5244 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/03/21 17:50:54.0113 5244 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/03/21 17:50:54.0378 5244 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/21 17:50:54.0425 5244 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/03/21 17:50:54.0488 5244 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/21 17:50:54.0581 5244 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/03/21 17:50:54.0675 5244 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/03/21 17:50:54.0737 5244 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/21 17:50:54.0800 5244 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/21 17:50:54.0846 5244 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/21 17:50:54.0909 5244 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/21 17:50:55.0002 5244 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/21 17:50:55.0127 5244 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/21 17:50:55.0174 5244 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/21 17:50:55.0252 5244 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/03/21 17:50:55.0346 5244 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/21 17:50:55.0408 5244 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/03/21 17:50:55.0517 5244 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/03/21 17:50:55.0564 5244 rimmptsk (ded01a389926a89540b82373e4c550ee) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/03/21 17:50:55.0642 5244 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/03/21 17:50:55.0704 5244 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/03/21 17:50:55.0814 5244 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/21 17:50:55.0876 5244 RTL8169 (13e97cf38286b8a1d7605d3175db28ee) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/03/21 17:50:55.0970 5244 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/03/21 17:50:56.0032 5244 ScanUSBET (d4b6a94c007af4e398e1b78a90f254ea) C:\Windows\system32\DRIVERS\etScan.sys
2011/03/21 17:50:56.0126 5244 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2011/03/21 17:50:56.0172 5244 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/03/21 17:50:56.0266 5244 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/03/21 17:50:56.0297 5244 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/03/21 17:50:56.0328 5244 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/03/21 17:50:56.0438 5244 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/03/21 17:50:56.0484 5244 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/03/21 17:50:56.0516 5244 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/03/21 17:50:56.0594 5244 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/03/21 17:50:56.0718 5244 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/03/21 17:50:56.0781 5244 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/03/21 17:50:56.0859 5244 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/03/21 17:50:56.0952 5244 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/03/21 17:50:57.0062 5244 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys
2011/03/21 17:50:57.0186 5244 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/03/21 17:50:57.0249 5244 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\Windows\system32\Drivers\sptd.sys
2011/03/21 17:50:57.0249 5244 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2011/03/21 17:50:57.0264 5244 sptd - detected Locked file (1)
2011/03/21 17:50:57.0342 5244 sp_rsdrv2 (8831252bcf05fcfb5abd116a22e552d8) C:\Windows\system32\drivers\sp_rsdrv2.sys
2011/03/21 17:50:57.0452 5244 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
2011/03/21 17:50:57.0576 5244 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/21 17:50:57.0623 5244 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/21 17:50:57.0654 5244 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/03/21 17:50:57.0779 5244 StkAMini (69a926dbca12046633e3d6e6d46e7087) C:\Windows\system32\Drivers\StkAMini.sys
2011/03/21 17:50:57.0904 5244 StkCMini (86368b44e27085cbe2585c40e9374d0f) C:\Windows\system32\Drivers\StkCMini.sys
2011/03/21 17:50:58.0013 5244 StkScan (83406fb18cb0abfec501add986d63572) C:\Windows\system32\Drivers\StkScan.sys
2011/03/21 17:50:58.0060 5244 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/03/21 17:50:58.0154 5244 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/03/21 17:50:58.0185 5244 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/03/21 17:50:58.0216 5244 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/03/21 17:50:58.0278 5244 SynTP (be78198c69135ef1fa157e08fd5c90ff) C:\Windows\system32\DRIVERS\SynTP.sys
2011/03/21 17:50:58.0388 5244 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/03/21 17:50:58.0528 5244 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/21 17:50:58.0622 5244 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/21 17:50:58.0668 5244 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/03/21 17:50:58.0700 5244 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/03/21 17:50:58.0762 5244 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/21 17:50:58.0840 5244 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/03/21 17:50:58.0902 5244 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/21 17:50:58.0980 5244 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/03/21 17:50:59.0043 5244 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/21 17:50:59.0074 5244 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/03/21 17:50:59.0152 5244 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/21 17:50:59.0214 5244 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/03/21 17:50:59.0292 5244 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/03/21 17:50:59.0386 5244 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/03/21 17:50:59.0448 5244 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/03/21 17:50:59.0464 5244 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/21 17:50:59.0573 5244 UnlockerDriver5 (d0cb75386d9e89c864d808d64ec9160f) C:\Program Files\Unlocker\UnlockerDriver5.sys
2011/03/21 17:50:59.0698 5244 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
2011/03/21 17:50:59.0760 5244 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2011/03/21 17:50:59.0838 5244 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/03/21 17:50:59.0885 5244 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/03/21 17:50:59.0916 5244 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/21 17:50:59.0994 5244 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/03/21 17:51:00.0041 5244 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/03/21 17:51:00.0119 5244 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/21 17:51:00.0166 5244 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/03/21 17:51:00.0291 5244 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/21 17:51:00.0322 5244 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/21 17:51:00.0416 5244 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/03/21 17:51:00.0462 5244 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/21 17:51:00.0494 5244 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/03/21 17:51:00.0572 5244 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/03/21 17:51:00.0618 5244 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/03/21 17:51:00.0634 5244 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/03/21 17:51:00.0712 5244 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/03/21 17:51:00.0774 5244 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/03/21 17:51:00.0837 5244 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/03/21 17:51:00.0899 5244 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/03/21 17:51:00.0930 5244 VtcDrv (c7cbd125b95e2efbdf57bb33fef34505) C:\Windows\system32\Drivers\vtcdrv.sys
2011/03/21 17:51:01.0024 5244 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/03/21 17:51:01.0055 5244 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/21 17:51:01.0071 5244 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/21 17:51:01.0180 5244 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/03/21 17:51:01.0227 5244 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/21 17:51:01.0414 5244 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/03/21 17:51:01.0508 5244 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/03/21 17:51:01.0539 5244 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/21 17:51:01.0632 5244 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/21 17:51:01.0679 5244 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/03/21 17:51:01.0742 5244 ================================================================================
2011/03/21 17:51:01.0742 5244 Scan finished
2011/03/21 17:51:01.0742 5244 ================================================================================
2011/03/21 17:51:01.0742 5944 Detected object count: 1
2011/03/21 17:51:50.0272 5944 Locked file(sptd) - User select action: Skip
|
|
| Themen zu Abstürze ~ found.005\file000chk |
| 32 bit, 7-zip, adblock, akamai, alternate, antivir, avgntflt.sys, avira, bho, bonjour, c:\windows\system32\rundll32.exe, converter, counter-strike source, document, error, excel, firefox, flash player, gfnexsrv.exe, home, hängt, install.exe, jdownloader, location, locker, logfile, microsoft office word, monkey island, mp3, nvlddmkm.sys, oldtimer, opera.exe, otl.exe, plug-in, problem, programdata, realtek, registry, saver, sched.exe, searchplugins, security, sekunden, senden, shell32.dll, skype.exe, software, sptd.sys, spyware, spyware terminator, start menu, teamspeak, vista, windows |
Linear-Darstellung
