OTL Logfile: Code:
OTL logfile created on: 18.11.2010 19:11:41 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\USER\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 245,00 Mb Available Physical Memory | 24,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 49,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 335,35 Gb Total Space | 114,33 Gb Free Space | 34,09% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: USER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\USER\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtblfs.exe (Kaspersky Lab)
PRC - C:\Programme\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\AppServ\MySQL\bin\mysqld-nt.exe ()
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\USER\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (CSObjectsSrv) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer4) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
SRV - (mysql) -- C:\AppServ\MySQL\bin\mysqld-nt.exe ()
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (pccsmcfd) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (CSCrySec) -- C:\Windows\system32\DRIVERS\CSCrySec.sys (Infowatch)
DRV - (CSVirtualDiskDrv) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (KLBG) -- C:\Windows\system32\DRIVERS\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (OemBiosDevice) -- C:\Windows\System32\drivers\royal.sys (PARADOX)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ovt519) -- C:\Windows\System32\drivers\ov519vid.sys (OmniVision Technologies, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Programme\Eazel-DE\tbEaze.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Programme\Eazel-DE\tbEaze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2
FF - prefs.js..extensions.enabledItems: {6226BA26-C017-4007-928C-DE9715C6FA67}:1.0.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6
FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.4.15
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192
FF - prefs.js..keyword.URL: "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q="
FF - prefs.js..network.proxy.autoconfig_url: "file:///C:/Users/USER/AppData/Local/RapidSolution/Videoraptor/WebRip/profile/rrproxy_ffox_4b7d9025.pac"
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 2
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://www.searchcanvas.com/web?ot=7&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchcanvas.com/?ot=6"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://www.searchcanvas.com/web?ot=8&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\videoraptor-firefox-surf-and-catch-extension@audials.com: C:\Program Files\RapidSolution\RS Audials One\VideoRaptor\plugins\GeckoBased\videoraptor-firefox-surf-and-catch-extension@audials.com\ [2010.01.23 22:47:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.03 21:02:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.03 21:02:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2010.11.13 16:35:00 | 000,000,000 | ---D | M]
[2009.02.12 19:12:57 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\mozilla\Extensions
[2010.11.17 19:42:29 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions
[2010.07.29 20:55:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.10 12:06:50 | 000,000,000 | ---D | M] (Blingee Toolbar) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{6226BA26-C017-4007-928C-DE9715C6FA67}
[2010.06.23 19:16:20 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.06.23 19:16:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.03 20:50:37 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.11.01 22:23:38 | 000,000,000 | ---D | M] (kikin plugin) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010.11.03 20:50:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2008.12.13 18:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.09.13 16:43:14 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.05.08 18:31:03 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\ChoiceGuard@Microsoft
[2009.10.26 19:12:56 | 000,001,681 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\ask.uk.xml
[2008.12.13 18:18:57 | 000,000,681 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\ask.xml
[2010.11.03 21:28:35 | 000,000,881 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\conduit.xml
[2010.11.14 12:59:42 | 000,000,961 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-1.xml
[2009.06.08 16:01:41 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-10.xml
[2009.07.03 18:13:56 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-11.xml
[2009.08.08 20:43:05 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-12.xml
[2009.10.29 21:37:28 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-13.xml
[2010.06.16 13:06:40 | 000,000,961 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-14.xml
[2010.07.11 16:22:59 | 000,000,961 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-15.xml
[2010.07.22 13:18:10 | 000,000,961 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-16.xml
[2010.09.08 19:53:24 | 000,000,961 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-17.xml
[2010.09.13 20:01:46 | 000,000,961 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-18.xml
[2010.11.04 14:20:43 | 000,000,961 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-19.xml
[2008.11.13 19:58:32 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-2.xml
[2008.12.21 16:06:15 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-3.xml
[2009.02.12 19:13:04 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-4.xml
[2009.02.15 18:14:18 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-5.xml
[2009.03.26 16:54:19 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-6.xml
[2009.04.11 10:54:03 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-7.xml
[2009.04.11 11:21:15 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-8.xml
[2009.04.27 16:49:47 | 000,000,950 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin-9.xml
[2010.02.03 14:37:50 | 000,000,947 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\icqplugin.xml
[2009.05.08 19:12:09 | 000,001,632 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\live-search.xml
[2010.11.16 17:56:55 | 000,005,411 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\searchcanvas.xml
[2010.09.13 16:43:09 | 000,003,915 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\tuu7i1pl.default\searchplugins\sweetim.xml
[2010.11.13 16:41:12 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.11.20 19:51:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.04 20:56:41 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.02.19 19:48:15 | 000,000,000 | ---D | M] (PHPNukeDE Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{c9508125-4747-4733-b048-e4b82dc9716d}
[2009.01.26 13:17:35 | 000,000,000 | ---D | M] (BearShare MediaBar) -- C:\Programme\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
[2010.11.13 16:41:12 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2009.11.03 03:14:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.11.03 03:14:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.11.03 03:14:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.11.03 03:14:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.11.03 03:14:39 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Videoraptor_WebRipPlugin Class) - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Programme\RapidSolution\RS Audials One\VideoRaptor\plugins\IE\VR_WebRipIePlugin.dll (RapidSolution Software)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Programme\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programme\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll ()
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Programme\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programme\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar mit Pop-Up-Blocker) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\Toolbar\WebBrowser: (Eazel-DE Toolbar) - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} - C:\Programme\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\tbPHP0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programme\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O3 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1121738598-1779892969-3180716531-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7ecde434-f234-11dd-89f1-0019214a819b}\Shell - "" = AutoRun
O33 - MountPoints2\{7ecde434-f234-11dd-89f1-0019214a819b}\Shell\AutoRun\command - "" = M:\pushinst.exe -- File not found
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Users^USER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip - C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip - File not found
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: avgnt - hkey= - key= - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig - StartUpReg: BrMfcWnd - hkey= - key= - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
MsConfig - StartUpReg: ControlCenter3 - hkey= - key= - C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\Core.exe File not found
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: IndexSearch - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: MyPoi Monitor - hkey= - key= - C:\Program Files\Common Files\MyPoiWorld Shared\MyPoiMonitor\MyPoiMonitor.exe (MERIAN scout)
MsConfig - StartUpReg: PaperPort PTD - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: PPort11reminder - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: SSBkgdUpdate - hkey= - key= - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: Steam - hkey= - key= - c:\program files\steam\steam.exe (Valve Corporation)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SweetIM - hkey= - key= - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
MsConfig - StartUpReg: ukwauai - hkey= - key= - c:\users\user\appdata\local\ukwauai.exe File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {61E3FE32-07B9-4563-A3E0-2DE2D620FE10} - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010.11.14 13:13:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.11.13 16:35:08 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2010.11.13 16:35:08 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2010.11.13 16:33:37 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InfoWatch
[2010.11.13 16:33:35 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab
[2010.11.13 16:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.11.13 16:32:52 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.11.13 16:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010.11.12 21:53:35 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.11.12 21:53:35 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.11.12 21:53:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.11.12 21:53:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.11.12 21:53:32 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.11.12 21:53:32 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.11.12 21:53:31 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.11.12 21:53:29 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.11.12 21:53:27 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.11.12 21:53:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.11.12 21:53:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.11.12 21:53:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.11.12 21:53:25 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.11.12 21:53:25 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.11.12 21:53:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.11.12 21:53:22 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.11.12 21:53:18 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.11.12 21:53:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.11.12 21:53:17 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.11.12 21:53:15 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.11.12 21:53:13 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.11.12 21:53:13 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.11.12 21:53:10 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.11.12 21:53:09 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.11.12 21:53:07 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.11.12 21:53:06 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.11.12 21:53:03 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.11.12 21:53:03 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.11.12 21:52:56 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.11.12 21:52:52 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.11.12 21:52:52 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.11.12 21:52:49 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.11.12 21:52:48 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.11.12 21:49:24 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010.11.12 21:49:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010.11.11 15:17:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2010.11.04 20:57:30 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\skypePM
[2010.11.04 20:56:23 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.11.04 20:56:21 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.11.04 20:56:20 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Skype
[2010.11.04 20:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.11.03 20:50:39 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB
[2010.11.03 20:50:36 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.11.01 22:21:52 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\kikin
[2010.11.01 22:21:51 | 000,000,000 | ---D | C] -- C:\Programme\kikin
[2010.11.01 22:21:49 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2010.11.01 21:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.11.01 21:02:14 | 000,000,000 | ---D | C] -- C:\Users\USER\Desktop\Musik
[2010.11.01 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\USER\Desktop\Papas sachen sehr wichtig
[2010.11.01 17:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\301F2
[2010.10.20 16:56:03 | 000,000,000 | ---D | C] -- C:\Programme\Hugin
[2008.10.11 18:00:34 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\USER\AppData\Roaming\pcouffin.sys
[2002.12.27 09:47:26 | 001,059,840 | ---- | C] (Auto FX Software) -- C:\Programme\DS_Bonus_Plugin.8bf
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.18 18:59:16 | 000,115,465 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010.11.18 18:59:15 | 000,097,545 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010.11.18 18:40:43 | 000,004,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.18 18:40:43 | 000,004,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.18 18:40:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.18 18:40:23 | 1073,012,736 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.17 21:29:36 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1121738598-1779892969-3180716531-1000UA.job
[2010.11.17 19:58:13 | 000,651,112 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.17 19:58:13 | 000,618,272 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.17 19:58:13 | 000,120,908 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.17 19:58:13 | 000,107,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.17 19:48:53 | 000,082,014 | ---- | M] () -- C:\Users\USER\Documents\cc_20101117_194846.reg
[2010.11.17 19:25:20 | 143,726,987 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.16 18:31:49 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.11.14 13:58:17 | 000,009,620 | ---- | M] () -- C:\Users\USER\AppData\Local\d3d9caps.dat
[2010.11.13 23:40:28 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.13 16:32:52 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.11.12 17:29:14 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1121738598-1779892969-3180716531-1000Core.job
[2010.11.04 20:57:35 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.11.01 21:38:31 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010.11.01 20:14:14 | 000,032,256 | ---- | M] () -- C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.31 12:28:44 | 000,010,458 | ---- | M] () -- C:\Users\USER\AppData\Roaming\wklnhst.dat
[2010.10.25 20:14:20 | 000,041,984 | ---- | M] () -- C:\Users\USER\Documents\Rechnung 65.doc
[2010.10.25 19:52:01 | 000,038,912 | ---- | M] () -- C:\Users\USER\Documents\angebot kramer Goldchammerstr 42 Bochum.doc
[2010.10.24 20:04:52 | 000,038,912 | ---- | M] () -- C:\Users\USER\Documents\angebot kramer Goldchammerstr 48 Bochum.doc
[2010.10.24 16:38:37 | 000,041,984 | ---- | M] () -- C:\Users\USER\Documents\Rechnung 64.doc
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.17 19:48:49 | 000,082,014 | ---- | C] () -- C:\Users\USER\Documents\cc_20101117_194846.reg
[2010.11.17 19:25:06 | 143,726,987 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.11.16 18:31:49 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.11.13 16:40:56 | 000,115,465 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010.11.13 16:40:56 | 000,097,545 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010.11.04 20:57:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.04 20:56:23 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.01 21:26:26 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010.10.25 20:14:18 | 000,041,984 | ---- | C] () -- C:\Users\USER\Documents\Rechnung 65.doc
[2010.10.24 20:04:52 | 000,038,912 | ---- | C] () -- C:\Users\USER\Documents\angebot kramer Goldchammerstr 48 Bochum.doc
[2010.10.24 19:10:49 | 000,038,912 | ---- | C] () -- C:\Users\USER\Documents\angebot kramer Goldchammerstr 42 Bochum.doc
[2010.10.24 16:38:36 | 000,041,984 | ---- | C] () -- C:\Users\USER\Documents\Rechnung 64.doc
[2010.09.08 20:04:38 | 000,000,295 | ---- | C] () -- C:\Windows\{B3A73210-3473-461F-AFCB-81D37822D1F9}_WiseFW.ini
[2010.01.23 22:34:12 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010.01.23 22:33:52 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.01.18 21:29:16 | 000,031,664 | ---- | C] () -- C:\Windows\maxlink.ini
[2009.11.22 15:31:01 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2009.08.08 21:16:06 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009.08.08 21:16:06 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009.05.25 14:23:00 | 001,712,128 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2009.04.10 11:29:12 | 001,073,152 | ---- | C] () -- C:\Windows\System32\libmysql_c.dll
[2009.03.26 16:40:40 | 000,282,606 | ---- | C] () -- C:\Users\USER\AppData\Local\ukwauai_nav.dat
[2009.03.26 16:40:40 | 000,003,026 | ---- | C] () -- C:\Users\USER\AppData\Local\ukwauai.dat
[2009.03.26 16:40:40 | 000,002,414 | ---- | C] () -- C:\Users\USER\AppData\Local\ukwauai_navps.dat
[2009.02.28 16:19:08 | 000,022,328 | ---- | C] () -- C:\Users\USER\AppData\Roaming\PnkBstrK.sys
[2009.02.27 19:55:37 | 000,000,558 | ---- | C] () -- C:\Windows\DFC.INI
[2009.02.10 21:14:23 | 000,000,294 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009.02.06 17:24:00 | 000,010,458 | ---- | C] () -- C:\Users\USER\AppData\Roaming\wklnhst.dat
[2009.02.06 17:09:02 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.02.03 21:49:59 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.02.03 21:49:59 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008.12.21 03:30:38 | 000,000,089 | ---- | C] () -- C:\Users\USER\AppData\Local\qceoycm.bat
[2008.10.28 16:40:48 | 000,173,552 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008.10.19 15:34:23 | 000,032,256 | ---- | C] () -- C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.11 18:03:06 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2008.10.11 18:00:46 | 000,000,034 | ---- | C] () -- C:\Users\USER\AppData\Roaming\pcouffin.log
[2008.10.11 18:00:34 | 000,087,608 | ---- | C] () -- C:\Users\USER\AppData\Roaming\inst.exe
[2008.10.11 18:00:34 | 000,007,887 | ---- | C] () -- C:\Users\USER\AppData\Roaming\pcouffin.cat
[2008.10.11 18:00:34 | 000,001,144 | ---- | C] () -- C:\Users\USER\AppData\Roaming\pcouffin.inf
[2008.10.11 12:59:17 | 000,009,620 | ---- | C] () -- C:\Users\USER\AppData\Local\d3d9caps.dat
[2008.07.15 11:44:46 | 000,000,000 | ---- | C] () -- C:\ProgramData\f7129022-a000-4847-db07-470265a73c4f
[2008.06.11 08:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.06.11 08:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.06.11 08:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.06.11 08:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.06.11 08:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.06.11 08:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.06.11 08:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.06.11 08:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.06.11 08:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.06.05 07:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.05.08 10:16:12 | 000,043,562 | ---- | C] () -- C:\Windows\php.ini
[2008.05.02 12:07:04 | 002,076,672 | ---- | C] () -- C:\Windows\System32\libmysql.dll
[2008.02.27 11:30:18 | 000,000,022 | ---- | C] () -- C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631
[2008.02.11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.08.23 18:30:00 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003.10.18 18:06:42 | 000,135,168 | ---- | C] () -- C:\Windows\System32\ZipDLL.dll
[2003.07.15 15:32:30 | 000,122,368 | ---- | C] () -- C:\Windows\System32\UNZDLL.dll
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.01.23 12:43:15 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\AD ON Multimedia
[2010.02.05 17:10:04 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Adobe
[2008.12.11 13:27:58 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Ahead
[2009.05.29 21:30:19 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Apple Computer
[2009.03.21 14:35:23 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Atari
[2009.02.15 18:42:51 | 000,000,000 | R--D | M] -- C:\Users\USER\AppData\Roaming\Brother
[2010.11.03 20:50:36 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.02.07 13:23:26 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\elsterformular
[2009.12.21 19:28:34 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Hamachi
[2010.11.17 19:31:45 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ICQ
[2008.10.11 12:59:20 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Identities
[2010.01.18 21:29:51 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\InstallShield
[2010.08.01 11:17:23 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\InstallShield Installation Information
[2010.08.01 11:17:24 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\IPACS
[2010.11.01 22:23:25 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\kikin
[2009.11.08 19:03:21 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Leadertech
[2009.02.06 17:17:12 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Macromedia
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Media Center Programs
[2009.11.07 13:14:12 | 000,000,000 | --SD | M] -- C:\Users\USER\AppData\Roaming\Microsoft
[2009.02.12 19:12:57 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Mozilla
[2008.12.28 20:41:36 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Notepad++
[2009.08.08 21:19:53 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\PC Suite
[2010.02.02 20:00:12 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\RTPlayer
[2009.08.08 21:15:51 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Samsung
[2010.02.01 14:29:55 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ScanSoft
[2008.12.28 18:13:19 | 000,000,000 | RH-D | M] -- C:\Users\USER\AppData\Roaming\SecuROM
[2010.11.16 22:40:04 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Skype
[2010.11.16 20:10:01 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\skypePM
[2009.08.12 14:08:26 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\teamspeak2
[2009.04.19 12:45:49 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\TeamViewer
[2010.04.14 16:15:23 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Tunebite
[2008.10.11 18:09:21 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Vso
[2008.11.18 01:21:36 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2008.10.11 18:00:34 | 000,087,608 | ---- | M] () -- C:\Users\USER\AppData\Roaming\inst.exe
[2007.11.20 12:57:26 | 000,088,576 | ---- | M] (AD ON Multimedia Advertising GmbH) -- C:\Users\USER\AppData\Roaming\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe
[2009.11.19 12:49:46 | 000,802,816 | ---- | M] (Acresso Software Inc. ) -- C:\Users\USER\AppData\Roaming\InstallShield Installation Information\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}\setup.exe
[2009.11.19 12:49:42 | 002,166,784 | ---- | M] (IPACS) -- C:\Users\USER\AppData\Roaming\IPACS\easyFly 3 Starter Edition\easyfly3.exe
[2009.02.03 21:46:32 | 000,010,134 | R--- | M] () -- C:\Users\USER\AppData\Roaming\Microsoft\Installer\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}\ARPPRODUCTICON.exe
[2010.03.27 21:07:37 | 000,028,672 | R--- | M] () -- C:\Users\USER\AppData\Roaming\Microsoft\Installer\{63898E1C-0BDC-4FDC-91FC-AB3D3432FB02}\_FCEAE524F0D0_44AF_A79F_D37333D0FE54.exe
[2010.01.28 17:31:20 | 000,010,134 | R--- | M] () -- C:\Users\USER\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.08.16 20:34:20 | 000,184,856 | ---- | M] (kikin) -- C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\tuu7i1pl.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}\components\KikinCrashReporter.exe
[2010.06.10 18:45:48 | 000,069,632 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Samsung\New PC Studio\DriverChecker.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\drivers\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
< MD5 for: SCECLI.DLL >
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
< MD5 for: USER32.DLL >
[2008.11.14 20:46:34 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2008.11.14 20:46:33 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2008.11.14 20:46:33 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
< MD5 for: USERINIT.EXE >
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WININIT.EXE >
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\System32\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
< MD5 for: WINLOGON.EXE >
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\System32\drivers\ws2ifsl.sys
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2006.11.02 10:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\expsrv.dll
[2006.11.02 10:46:10 | 001,376,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msvbvm60.dll
[2006.11.02 10:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2006.11.02 10:46:13 | 000,221,184 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 18.11.2010 19:11:41 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\USER\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 245,00 Mb Available Physical Memory | 24,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 49,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 335,35 Gb Total Space | 114,33 Gb Free Space | 34,09% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: USER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1121738598-1779892969-3180716531-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F0CF1D3-B97D-42F9-A73E-F653CF35594A}" = rport=138 | protocol=17 | dir=out | app=system |
"{18BE4ABD-AA1D-4EF1-A339-0ACC89E87C9A}" = lport=138 | protocol=17 | dir=in | app=system |
"{348F8035-6A54-4BA1-82D9-6B0DEC85B48A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{48CF22D8-2228-4016-A64B-8003B87BEC5F}" = rport=137 | protocol=17 | dir=out | app=system |
"{4BCF323F-7EC3-4379-B0E2-461428828341}" = rport=445 | protocol=6 | dir=out | app=system |
"{4E04B3A3-4AD0-45E9-8397-EE195A8F68F0}" = lport=137 | protocol=17 | dir=in | app=system |
"{5EF2F46D-5A16-4DAC-9727-77CEEBB4A131}" = lport=139 | protocol=6 | dir=in | app=system |
"{849B075F-EF5E-4CC1-BCD0-432E5F78A887}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{94929B54-C599-4D14-BF95-3FF18739C6EE}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{B0E0FBA2-6B23-41BC-9B67-85AD3CE01A07}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C456801C-ED3C-4B49-8C7D-66F1B092CBF4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D41A21A5-C501-4929-98D8-B6495177FCAA}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 |
"{DC143839-E74D-48D6-9EB5-8A102E44FAD8}" = lport=445 | protocol=6 | dir=in | app=system |
"{DE40853B-4927-4651-AADD-4FD6A0F0E8CB}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{E95622DE-F82B-4D7E-AF83-51CB43AE67F0}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{012C11FF-4F84-436D-87BB-6FAF925A1576}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{03DC7086-3883-4CB6-BB46-53B5330C04C6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{08944515-9287-4700-9E2D-F18A7B2D8B27}" = protocol=6 | dir=in | app=c:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{0AEAC1DF-70F1-4C10-AB32-31B8B8D611A6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0DC0D8C6-85F7-4BD4-A785-377D1C1AA5E1}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{0E958208-048C-4B70-8C24-6D61D9D4D02D}" = protocol=17 | dir=in | app=c:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{132CDF21-87E5-4154-BE3A-F7DD4CFF78E9}" = protocol=58 | dir=out | app=system |
"{17B7A5B0-3D69-4535-ADB0-2605409CF1E9}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9506-to-3.0.9.9551-dede-downloader.exe |
"{1910EEA3-1BA7-48BC-BA7B-9719D3C721EC}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9806-to-3.1.1.9835-dede-downloader.exe |
"{1ABF8D28-617C-4FFA-ABEA-81B1CD715CCB}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.0.9767-to-3.1.1.9806-dede-downloader.exe |
"{1CEA0723-5EBA-494B-9D89-982940660F0C}" = protocol=17 | dir=in | app=c:\program files\rapidsolution\rs audials one\tunebite\tunebitehelper.exe |
"{1D3C0E64-9901-49AF-A949-919861471C20}" = protocol=58 | dir=out | app=system |
"{29E5A27C-3104-42A7-AA56-FB9F4251DD03}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{29F85B1C-82EF-4C1A-A171-E86B8E1D5D2C}" = protocol=6 | dir=in | app=c:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{3224D585-97DB-471D-AE16-5079D022D0B6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{387310DF-2D54-4C3D-965A-ACD809F1BD6A}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{38ECB4D6-8BD3-4161-AAAB-B6332F027066}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9806-to-3.1.1.9835-dede-downloader.exe |
"{394AED7E-24B3-41A9-8487-20E04E83CF84}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3EC18552-2E49-4F2E-B82F-7BFE17C69E03}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{43F1479E-D1A1-43BE-90E0-BFD0FCB60061}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{44DC654A-AA70-412A-8649-E9A7D505F96B}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.2.9056-to-3.0.3.9183-dede-downloader.exe |
"{453DD35A-8F73-48E0-AB86-C5F882994809}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{487EC2EE-B278-4FB4-B38B-D8F12C4E9A94}" = protocol=17 | dir=in | app=c:\program files\merian scout navimanager\msnavimanager.exe |
"{4EA9A290-AD3B-4EC3-905E-C6F59B2B2FB4}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.3.9183-to-3.0.8.9464-dede-downloader.exe |
"{5101A7B6-5151-43F2-AB39-AED26559F617}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{51DCA91B-382E-4357-B58A-2A9E138D8863}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{52087D65-27DD-4294-ADAD-8F9E41935EA8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{539CAA12-A12C-48C2-B28A-9EA5535DC7FD}" = protocol=58 | dir=out | app=system |
"{54EC8D16-837C-4C28-892E-4B659C4B253B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{57031FFF-8F0F-49C4-BCAF-A4491CC9EAEB}" = protocol=17 | dir=in | app=c:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{5848E98F-8ADF-40F4-B71D-DEA96D3E8A50}" = protocol=58 | dir=out | app=system |
"{5894EC57-88C0-4562-B6AE-7F286FE413D3}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{58ACB208-7348-4FF0-AFCA-BBD68142B2B5}" = protocol=17 | dir=in | app=c:\users\user\downloads\sweetimsetup.exe |
"{59945F9F-6AA3-47E2-BDF0-F34865ECA626}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{5AEE4652-D4B4-4752-9544-83913A518FD8}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-dede-downloader.exe |
"{5B2DA79B-F091-4F39-95FA-2C923F5F18F0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.3.9183-to-3.0.8.9464-dede-downloader.exe |
"{5EE855F0-076A-43A2-9306-AACBF42B3A42}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{62A6F5C8-E78B-4FF0-B74A-E6ED323DE7B5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{6CA95CFC-69CF-499E-8AE4-4623841934E8}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{6EBF19AC-3587-4C14-B369-5925FC53155C}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{707A9382-B10B-436A-9674-DBBD5F37D77E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{71DCDF37-82F8-4C21-99B5-ED4D67A7A398}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-dede-downloader.exe |
"{7343157E-89F2-4C0D-9EF2-BE373ECA2235}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{7500DB52-24BC-4A8A-AE28-FCC4C1E124D9}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{7525D265-0D71-4F6C-85F1-4FA5AC0EA221}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{7CA81D89-64FB-480C-BBE7-6C97AA7E2AC1}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{7F3041EB-90E9-4988-95AF-480B3F926F2A}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{819C41AB-78F6-4988-8185-55272F5054CA}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{888F18DC-3DAA-4DCE-9995-AED8923FEB81}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.2.9056-to-3.0.3.9183-dede-downloader.exe |
"{8ED3E219-278E-4DE3-94D1-A6BB0B924636}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8EE8EF37-BB82-465D-8A4B-A8AC9924972A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{902A3D8A-C90B-4840-BC14-16FDD87A1313}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{9137FB7C-08A5-4262-82D7-01B2919A3F47}" = protocol=58 | dir=out | app=system |
"{93BAC75F-30BB-4BCE-A470-125E8CA4CF10}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{948B7489-E60D-4256-8C3F-1E2ACB09EA26}" = protocol=58 | dir=out | app=system |
"{94A54CE2-AFB9-4E6F-967B-2DEA4CF9EC74}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{950763E1-9EEB-4A84-8699-0077294D42FB}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\counterzocker711\counter-strike source\hl2.exe |
"{96C089BD-ADA9-41C0-A78F-6154B5D494FB}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{9CB71B7C-B380-4921-A7CB-72E7B11C6720}" = protocol=6 | dir=in | app=c:\world of warcraft\backgrounddownloader.exe |
"{9E1796D5-97FC-4A92-B849-6C42E0C3F404}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A4011109-A738-44A9-BBD9-FCF1916F26EF}" = protocol=58 | dir=out | app=system |
"{A76CA1D7-037E-44A3-88CE-B318BDA771D9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A88A623F-FC85-4CA3-8B91-D045477D590D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9506-to-3.0.9.9551-dede-downloader.exe |
"{AFD29718-F357-41F4-819F-48461D3DA1FC}" = protocol=6 | dir=in | app=c:\program files\rapidsolution\rs audials one\tunebite\tunebitehelper.exe |
"{B1FE6616-6A73-484B-A68F-D0435093C054}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{B8FBB6A1-1CE3-49BD-B895-509C4C8DDEF6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BEB45663-1519-46DE-B4CA-6B6A6FE229B9}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{C30F124F-A077-4623-AC9A-C45042223A1E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C3FBF0A1-DA74-44EF-AFCB-DD4799855064}" = protocol=17 | dir=in | app=c:\world of warcraft\backgrounddownloader.exe |
"{C7502F8F-AD94-4C82-A857-C19CD6BFEA46}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{C863040A-7691-4EB2-9D37-35A83CD49535}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{C944E154-D9CA-46F5-AB19-69BD6F5BC697}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{CAAD4F02-016A-4892-9D1B-C8D56A5EE7BB}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-dede-downloader.exe |
"{CDA74821-591D-49BC-A416-2C38FA22973F}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-dede-downloader.exe |
"{CEF0569B-3715-4B22-B677-9704A8B2A24C}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{CF1C7CE1-F104-489D-A0A8-4AA0CBE6FE79}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{D703C9AF-FF21-4D1C-AEE3-EF8FABF817E8}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\backgrounddownloader.exe |
"{D839654B-7A5C-4307-8B7B-730A8A859BF2}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{D8607497-9959-4BC8-BC0C-8E65E306BC54}" = protocol=58 | dir=out | app=system |
"{DF3F4E26-B291-4C17-8E22-5CAB5685D352}" = protocol=6 | dir=in | app=c:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{E1DE3007-34E9-4EF7-A8FC-1E6B1837F4E2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\counterzocker711\counter-strike source\hl2.exe |
"{E2ACA5A2-C867-4BEC-9BD6-6DC4723BA6E2}" = protocol=6 | dir=in | app=c:\program files\merian scout navimanager\msnavimanager.exe |
"{E2B51039-5AD2-446E-AD77-DC87D7709171}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.0.9767-to-3.1.1.9806-dede-downloader.exe |
"{E44024D8-6101-49DD-BF45-0565040AFFC4}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{E69D79DC-5760-4071-9DC3-CE05121C7799}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E6D54EEB-FFF8-4EAE-BE8E-66368E6AF420}" = protocol=6 | dir=in | app=c:\users\user\downloads\sweetimsetup.exe |
"{F1D88706-E2D2-4ACB-9B4C-A8455535779A}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\backgrounddownloader.exe |
"{F46C7AAA-683F-41D7-92CE-408FCF135BC8}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{F5AA03C3-04E2-406D-A1EC-4E848EBFCA5C}" = protocol=58 | dir=in | app=system |
"{FDF7AF88-BD45-4589-8253-D9D5D2BCBB2F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{FFC87F8E-83B7-476B-9017-759F99D4E50E}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{FFEF8CBB-D7E3-40D6-8D89-0A3C049A73EA}" = protocol=17 | dir=in | app=c:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"TCP Query User{02EAD81A-F619-4552-A1B2-9EE04B0BE717}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\3.world.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\3.world.exe |
"TCP Query User{0842E5FD-22C5-4AAF-8039-5266AA9394B4}C:\users\user\appdata\local\temp\blizzard launcher temporary - c70a6890\launcher.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\temp\blizzard launcher temporary - c70a6890\launcher.exe |
"TCP Query User{08FDC5BD-9482-446B-A1C7-61053D34CFD6}C:\users\user\desktop\tcue-core-rev2\bin_x86\3.world.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\3.world.exe |
"TCP Query User{12BCEE79-78EF-41FE-A3EA-A44341283D99}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{19E491F5-C9CC-4F51-92F4-30DB527CCED3}C:\appserv\apache2.2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\appserv\apache2.2\bin\httpd.exe |
"TCP Query User{1CD14C0F-9BD5-401C-A7F2-C0E283CECD74}D:\condition zero\czero.exe" = protocol=6 | dir=in | app=d:\condition zero\czero.exe |
"TCP Query User{20E48B00-3E75-490E-9C8C-E42C1D6C053D}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{21CC3D0F-72C0-464F-80F5-09CF4DA62B36}C:\users\user\desktop\tcue-core-rev2\bin_x86\1.login.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\1.login.exe |
"TCP Query User{2348E3DF-4CAF-483A-AAC6-2548747AFD60}C:\program files\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\program files\left 4 dead\left4dead.exe |
"TCP Query User{23B14DFA-9FF9-43A9-AC32-D717351FE4CC}C:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\launcher.exe |
"TCP Query User{25CCB2D1-D1C2-4F89-960F-9771B4ED7C81}C:\users\user\desktop\tcue-core-rev2\bin_x86\2.char.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\2.char.exe |
"TCP Query User{293AAC23-C753-4DFC-B080-7D0309875564}C:\program files\softnyx\wolfteam\wolfteam.bin" = protocol=6 | dir=in | app=c:\program files\softnyx\wolfteam\wolfteam.bin |
"TCP Query User{2C3A0A60-37F4-4FD9-B642-07738A70EC11}C:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\3. world server.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\3. world server.exe |
"TCP Query User{2EEBCB7B-6F8B-43F5-941E-64A4B0D07F9F}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\3.world.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\3.world.exe |
"TCP Query User{30CEF2F5-730C-431A-AB42-50FF1B2B9862}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\2.char.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\2.char.exe |
"TCP Query User{31C54360-AD92-41C2-B05C-1D5D350323A0}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{354B3F78-5968-40DF-ACB4-1A1236D51E9D}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\2.char.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\2.char.exe |
"TCP Query User{3D32F2CA-F2A6-4016-8956-CA4D70F20FC0}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\1.login.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\1.login.exe |
"TCP Query User{4642EB32-FCAC-4068-9037-04AD470BC6CB}C:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\launcher.exe |
"TCP Query User{497F39A8-BDE8-4AA3-B6A9-C15D1224EBF8}C:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\wow (2).exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\wow (2).exe |
"TCP Query User{52048003-0343-40F4-90EC-667F2FEB2A42}C:\program files\steam\steamapps\counterzocker711\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\counterzocker711\counter-strike source\hl2.exe |
"TCP Query User{528BCC87-E13D-477B-88E3-0953650AC769}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\2.char.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\2.char.exe |
"TCP Query User{529900FD-A522-4E31-8F0C-13F28373478F}C:\program files\steam\steamapps\common\dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe |
"TCP Query User{5796D99A-CE02-41A2-9E77-AABFA4895BE6}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{5BD10074-4BDF-424C-BCB4-E6803B80C44A}C:\program files\steam\steamapps\xetas1\zombie panic! source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\xetas1\zombie panic! source\hl2.exe |
"TCP Query User{5CD5976C-10AE-4771-AB48-25B65236D313}C:\program files\steam\steamapps\baby_phat\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\baby_phat\counter-strike source\hl2.exe |
"TCP Query User{65925A42-FBB6-473B-BDA0-F1D6294B78AB}C:\program files\steam\steamapps\baby_phat\zombie panic! source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\baby_phat\zombie panic! source\hl2.exe |
"TCP Query User{65FE15D0-8027-47AE-92A3-3FE037675B89}C:\program files\steam\steamapps\xray11600\zombie panic! source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\xray11600\zombie panic! source\hl2.exe |
"TCP Query User{661FBB4A-49BB-4CCE-88F1-B554E338BC37}C:\program files\free download manager\fdm.exe" = protocol=6 | dir=in | app=c:\program files\free download manager\fdm.exe |
"TCP Query User{6882FE34-A23F-436D-A251-396D1196B5C6}C:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe |
"TCP Query User{6A93BDD6-BDBA-4CDC-A4A7-3D07CFA5C8A6}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\1.login.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\1.login.exe |
"TCP Query User{6EDE964C-BA74-41CA-8809-0BC6C981F79D}C:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\1. login server.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\1. login server.exe |
"TCP Query User{7AFF0382-3A2F-4C5B-B44F-78F4511AC267}C:\program files\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2_germany\metin2.bin |
"TCP Query User{7B9D4DBC-992F-45B1-8397-B2BF1A34853E}C:\users\user\desktop\wow-burningcrusade-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\wow-burningcrusade-dede-installer-downloader.exe |
"TCP Query User{7F045259-52F4-43FF-8DE2-F504CD027FD1}C:\users\user\desktop\tcue-core-rev2\bin_x86\1.login.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\1.login.exe |
"TCP Query User{81933895-08F6-4A42-8986-644DF2E74FD0}C:\program files\steam\steamapps\counterzocker711\day of defeat source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\counterzocker711\day of defeat source\hl2.exe |
"TCP Query User{81D7EBEF-832A-4561-9636-FB0372318C9A}C:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\2. char server.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\2. char server.exe |
"TCP Query User{82B83493-DB1E-42CC-945C-D725F49E431F}C:\program files\icq7.1\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"TCP Query User{855055D6-C875-4DEC-8188-0DC7A7C3E2DE}C:\program files\steam\steamapps\baby_phat\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\baby_phat\counter-strike source\hl2.exe |
"TCP Query User{8D743704-3592-4232-B877-6FA3E465044F}C:\users\user\desktop\sro_new_full-client_downloader.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\sro_new_full-client_downloader.exe |
"TCP Query User{9408A9DF-7E10-4EE6-9B59-DF20E7D32812}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\1.login.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\1.login.exe |
"TCP Query User{98197B65-AD98-4BAB-8362-2B6FC70CF61F}C:\program files\steam\steamapps\thain84\zombie panic! source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\thain84\zombie panic! source\hl2.exe |
"TCP Query User{9A8BC7AA-3D38-4875-AB42-21EFBCD06E6A}C:\users\user\desktop\borderlands\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\borderlands\borderlands\binaries\borderlands.exe |
"TCP Query User{9AD76B1E-0851-4387-8994-3E27256238A5}C:\users\user\desktop\tcue-core-rev2\bin_x86\3.world.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\3.world.exe |
"TCP Query User{9E0D0173-BD24-4961-8DD2-CEDDD48968D2}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\3.world.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\3.world.exe |
"TCP Query User{A2BBA0AF-C307-48DA-BE35-E29D341EB707}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{A964E225-B6A8-4900-8915-36226455E325}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"TCP Query User{ACF07E81-7105-499C-9907-C42ECF5CB153}C:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\backgrounddownloader.exe |
"TCP Query User{AF6AB118-5626-49CD-8EED-1CF8D79EA9CB}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\1.login.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\1.login.exe |
"TCP Query User{B0F43AF6-E0A4-4942-ABB3-3F6E5CA0C794}C:\condition zero\czero.exe" = protocol=6 | dir=in | app=c:\condition zero\czero.exe |
"TCP Query User{B3B4D226-254A-41D4-86D2-BBB78E2C2B27}C:\program files\gametap\bin\release\gametap.exe" = protocol=6 | dir=in | app=c:\program files\gametap\bin\release\gametap.exe |
"TCP Query User{B4FADC18-8695-4ABD-A64D-6B06B30CE42C}C:\users\user\documents\meine empfangenen dateien\dead space.exe" = protocol=6 | dir=in | app=c:\users\user\documents\meine empfangenen dateien\dead space.exe |
"TCP Query User{BC046088-A91F-4477-A693-5E930027F126}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\2.char.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\2.char.exe |
"TCP Query User{C0BD80D5-513D-4038-8A8A-1253FC690DD7}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{C2B819F3-24EB-4862-BFF2-C84B14151CE9}C:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe |
"TCP Query User{C7F0A55F-DCC5-40E5-ACEA-0DB8E8C40D4E}C:\appserv\apache2.2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\appserv\apache2.2\bin\httpd.exe |
"TCP Query User{C93AA6A2-39EF-4883-8891-DDD7D3BBA05A}C:\users\user\desktop\wow-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\wow-dede-installer-downloader.exe |
"TCP Query User{CAFCBF81-C9AE-4867-893C-1ECA7513A2EE}C:\program files\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\program files\left 4 dead\left4dead.exe |
"TCP Query User{DDCF3ED9-793D-4A3B-B97D-4C1182458D78}C:\users\user\documents\meine empfangenen dateien\dead space.exe" = protocol=6 | dir=in | app=c:\users\user\documents\meine empfangenen dateien\dead space.exe |
"TCP Query User{DF7FB05F-2C5F-4CC0-9476-EF8BC7F51584}C:\program files\steam\steamapps\xetas1\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\xetas1\counter-strike source\hl2.exe |
"TCP Query User{E2B8F3AE-F371-4AD7-85CB-4FFBD3A9D62F}C:\program files\steam\steamapps\xetas1\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\xetas1\half-life 2 deathmatch\hl2.exe |
"TCP Query User{E3A55B68-FEA7-421D-A359-0D032ECB6412}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\3.world.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\3.world.exe |
"TCP Query User{F4E5A920-86DD-471A-A383-78EDBE7588CB}C:\users\user\desktop\tcue-core-rev2\bin_x86\2.char.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\2.char.exe |
"TCP Query User{F73DC4D9-D722-427A-9851-23A48F5F34C5}C:\program files\steam\steamapps\xetas1\condition zero\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\xetas1\condition zero\hl.exe |
"UDP Query User{0320328C-B122-40F8-8360-F9D04C981E46}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\1.login.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\1.login.exe |
"UDP Query User{06AF1027-E477-4797-B838-62E79CECBA2B}C:\appserv\apache2.2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\appserv\apache2.2\bin\httpd.exe |
"UDP Query User{099A2137-6B6A-4563-97D4-7DF5C298C27A}C:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\3. world server.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\3. world server.exe |
"UDP Query User{0C710A2E-AA44-4069-A2EE-C01262F8480A}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\2.char.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\2.char.exe |
"UDP Query User{0D4850C8-7551-4266-85C0-E832FC7B1ADA}C:\program files\steam\steamapps\xetas1\condition zero\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\xetas1\condition zero\hl.exe |
"UDP Query User{1191149B-E1FA-46A7-A061-3AD35DFEB3F8}C:\program files\softnyx\wolfteam\wolfteam.bin" = protocol=17 | dir=in | app=c:\program files\softnyx\wolfteam\wolfteam.bin |
"UDP Query User{13B1CA32-BA08-4F37-9E36-CD56250743AA}C:\program files\free download manager\fdm.exe" = protocol=17 | dir=in | app=c:\program files\free download manager\fdm.exe |
"UDP Query User{13C1BCEB-21BF-4780-B6B8-9D5FE1FD666A}C:\users\user\desktop\borderlands\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\borderlands\borderlands\binaries\borderlands.exe |
"UDP Query User{16969181-F89E-4385-95B1-E6F5A7D094C0}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\1.login.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\1.login.exe |
"UDP Query User{1CC00FCB-54F1-4E5A-8504-24E33A4D1B5F}C:\program files\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\program files\left 4 dead\left4dead.exe |
"UDP Query User{1D1040D8-B419-4514-BB0A-53383A15C047}C:\program files\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2_germany\metin2.bin |
"UDP Query User{209C0055-9E69-47A3-9B93-90C59A4C30C0}C:\users\user\desktop\tcue-core-rev2\bin_x86\3.world.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\3.world.exe |
"UDP Query User{25327B01-7471-4338-B9D2-C3A2C5325D13}C:\users\user\documents\meine empfangenen dateien\dead space.exe" = protocol=17 | dir=in | app=c:\users\user\documents\meine empfangenen dateien\dead space.exe |
"UDP Query User{272641DB-3EA6-447B-82D7-5B87945373A4}C:\program files\steam\steamapps\xray11600\zombie panic! source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\xray11600\zombie panic! source\hl2.exe |
"UDP Query User{28570F8C-2893-490B-A197-66FA825E2090}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{293F80ED-59A2-4F17-B6F6-34A116A59672}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\3.world.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\3.world.exe |
"UDP Query User{29833A4F-496C-4577-A68A-DA728CEEAE0A}C:\program files\steam\steamapps\xetas1\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\xetas1\counter-strike source\hl2.exe |
"UDP Query User{3216C9F2-EBE5-496B-81CA-E2F503C9CE3D}C:\program files\steam\steamapps\counterzocker711\day of defeat source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\counterzocker711\day of defeat source\hl2.exe |
"UDP Query User{3419C54E-C056-44FF-A6EA-84437E2CCD1F}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{347204F3-2932-44A4-BC7E-1D94525E735D}C:\program files\steam\steamapps\counterzocker711\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\counterzocker711\counter-strike source\hl2.exe |
"UDP Query User{3D682295-993B-46AD-8CE7-95A62C685FA3}C:\condition zero\czero.exe" = protocol=17 | dir=in | app=c:\condition zero\czero.exe |
"UDP Query User{3E110667-FCA5-48BD-87E2-AA0C4380C399}C:\program files\steam\steamapps\baby_phat\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\baby_phat\counter-strike source\hl2.exe |
"UDP Query User{3E56364B-0445-499D-BAD4-8CB7F546B9ED}C:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\backgrounddownloader.exe |
"UDP Query User{4133D2D6-EEB5-4839-8A63-386D975F690C}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\2.char.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\2.char.exe |
"UDP Query User{4843609E-3288-4396-BD68-054672EABD67}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\3.world.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\3.world.exe |
"UDP Query User{4A2FB47B-71C0-4F4C-A33F-EE2A902364F4}C:\users\user\desktop\sro_new_full-client_downloader.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\sro_new_full-client_downloader.exe |
"UDP Query User{4E7DBB7A-39CF-4BB6-90B8-07F70A2BC191}C:\users\user\desktop\wow-burningcrusade-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\wow-burningcrusade-dede-installer-downloader.exe |
"UDP Query User{515DE6B4-149F-4DA7-8FCE-A91AC3FE041F}C:\users\user\documents\meine empfangenen dateien\dead space.exe" = protocol=17 | dir=in | app=c:\users\user\documents\meine empfangenen dateien\dead space.exe |
"UDP Query User{55891D0F-B70A-4C6D-A629-AE0658AAD806}C:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\2. char server.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\2. char server.exe |
"UDP Query User{57E75241-7809-4DF8-87FF-0355D2D519EA}C:\program files\icq7.1\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"UDP Query User{59830191-9140-4614-B203-6B82186EFDAE}C:\appserv\apache2.2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\appserv\apache2.2\bin\httpd.exe |
"UDP Query User{5ADF51A0-A7B7-44F3-BD72-212A26CD3AB3}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\3.world.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\3.world.exe |
"UDP Query User{5C5C6ED3-8B01-4BDB-B434-5576CDCF4FDE}C:\users\user\desktop\wow-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\wow-dede-installer-downloader.exe |
"UDP Query User{5CFCD817-E495-4B76-94F6-CDD3720B9501}C:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\1. login server.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\lightning55-core-v1\1. login server.exe |
"UDP Query User{6769D7FE-FEA8-4077-BB47-E28995BA9022}C:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\wow (2).exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\wow (2).exe |
"UDP Query User{6B2061B1-9C70-4516-B6E9-2E3EEBBCE739}C:\users\user\desktop\tcue-core-rev2\bin_x86\2.char.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\2.char.exe |
"UDP Query User{6CD79CB9-CDAA-4E6C-AB8A-9A1BEB4F2A04}C:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\launcher.exe |
"UDP Query User{73DFEDB9-7537-406D-B4C3-9F125EA3FA15}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\1.login.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\1.login.exe |
"UDP Query User{7616BCBE-ECAF-462D-A33C-5EA56127E41B}C:\program files\steam\steamapps\baby_phat\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\baby_phat\counter-strike source\hl2.exe |
"UDP Query User{7DB45BC8-7BAA-4CA8-BA5B-2FD85779F564}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{818BFCB0-B9CA-4FFB-B202-6D4C03D8B73C}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\1.login.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\1.login.exe |
"UDP Query User{906EB96B-B811-402B-9423-0EB4749A2D9D}C:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\microsoft\messenger\xray3@hotmail.de\sharing folders\world of warcraft\launcher.exe |
"UDP Query User{913BC52D-B4CD-46C2-ACCA-406DC9A67658}C:\program files\steam\steamapps\baby_phat\zombie panic! source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\baby_phat\zombie panic! source\hl2.exe |
"UDP Query User{91CA5D02-B68B-4BB5-8A24-CD12C3BD4BE0}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\2.char.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\2.char.exe |
"UDP Query User{97400079-8BBC-408E-8585-D54B26F81681}C:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe |
"UDP Query User{A0736E37-611D-4DBC-8911-98778A4CDEB8}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{A2981DED-5D36-4324-9A49-65EABADDE561}C:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\3.world.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\neuer ordner\tcue-core-rev2\bin_x86\3.world.exe |
"UDP Query User{A4D55A0A-CFE9-4430-90D9-30F9C7B314D9}C:\program files\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\program files\left 4 dead\left4dead.exe |
"UDP Query User{A8A5F09C-4902-4255-995C-454B6AE0EDE2}C:\users\user\desktop\tcue-core-rev2\bin_x86\1.login.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\1.login.exe |
"UDP Query User{B0D2E2A3-2584-4F45-9995-4324AC21DE84}C:\users\user\desktop\tcue-core-rev2\bin_x86\2.char.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\2.char.exe |
"UDP Query User{B31FA5FC-F51F-4138-A31B-9C33B9556919}C:\program files\steam\steamapps\xetas1\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\xetas1\half-life 2 deathmatch\hl2.exe |
"UDP Query User{B78873D2-7955-428D-B7D5-559AC5234A78}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{C3D4E325-F78F-49AB-94AC-3772836FA5E8}C:\program files\steam\steamapps\common\dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe |
"UDP Query User{C843A6EF-D2CC-42F5-A55D-607705030798}C:\program files\gametap\bin\release\gametap.exe" = protocol=17 | dir=in | app=c:\program files\gametap\bin\release\gametap.exe |
"UDP Query User{C857A83D-4E99-480A-AE3E-CBDDAFF65DB6}C:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe |
"UDP Query User{DB1282A7-E911-422A-ABC6-A2BC1D5FDA3A}C:\users\user\desktop\tcue-core-rev2\bin_x86\3.world.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\3.world.exe |
"UDP Query User{E1266C14-B8C0-4272-BD87-CB08170750E9}C:\users\user\desktop\tcue-core-rev2\bin_x86\1.login.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\tcue-core-rev2\bin_x86\1.login.exe |
"UDP Query User{E2A46E5D-3FFE-44B1-A2B1-D5573C226E81}C:\program files\steam\steamapps\thain84\zombie panic! source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\thain84\zombie panic! source\hl2.exe |
"UDP Query User{E5C4B86F-F94E-4225-BF5D-2CA7581588D8}D:\condition zero\czero.exe" = protocol=17 | dir=in | app=d:\condition zero\czero.exe |
"UDP Query User{E5ED6B08-1391-4D27-A7B7-99BDCC28FEA9}C:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\2.char.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\nicht löschen dateien von raimond\tcue-core-rev2\bin_x86\2.char.exe |
"UDP Query User{F149A6D3-4C06-40DE-B971-313AFEB19B82}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{F213307C-2C1E-44B0-9E32-5E72F09BBF7A}C:\users\user\appdata\local\temp\blizzard launcher temporary - c70a6890\launcher.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\temp\blizzard launcher temporary - c70a6890\launcher.exe |
"UDP Query User{F8873307-D556-4640-9BEB-157A6F39F642}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{FD7D762D-E563-404F-8472-C7E705723D5E}C:\program files\steam\steamapps\xetas1\zombie panic! source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\xetas1\zombie panic! source\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{08ED8855-4C2E-429B-A878-F129E1F624FA}" = SweetIM for Messenger 3.2
"{1A0B8239-664B-434A-99D8-C50793513249}" = Audials TV
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 15
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite DCP-185C
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{44A91B04-3D0C-47F9-B644-7F682869AFF3}" = MobileMe Control Panel
"{48F32034-CDCC-411F-9620-D0752E29C313}" = Videoraptor
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5D95AD35-368F-47D5-B63A-A082DDF00116}" = Microsoft Foto 2006 Standard Edition Editor
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}" = PixiePack Codec Pack
"{63898E1C-0BDC-4FDC-91FC-AB3D3432FB02}" = Tom's RC Download Manager for FMS Models and Landscapes
"{668D583F-3BEE-4217-A149-09FDAFFE2477}" = Tunebite
"{691F4068-81BF-49E3-B32E-FE3E16400112}" = Microsoft Foto 2006 Standard Edition Bibliothek
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76629460-34BF-44E8-94A0-D5DCB876232E}" = Radiotracker
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90F1DDBF-0C56-44B0-A920-72CC90C51565}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A20A58C4-6784-4B4B-86CC-94E2E3671031}" = Nero 7 Ultra Edition
"{A6CC2CA2-2779-4F10-88BF-A3C9EB874C24}" = SweetIM Toolbar for Internet Explorer 3.9
"{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3A73210-3473-461F-AFCB-81D37822D1F9}" = MERIAN scout NAVIMANAGER
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D99B8A7B-1896-4B3E-8372-3239A63B5362}" = Tagrunner
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ask Toolbar_is1" = Ask Toolbar
"Ask.com Search Assistant" = Ask.com Search Assistant 1.0.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"CCleaner" = CCleaner
"DreamSuite Bonus" = Uninstall DreamSuite Bonus
"DRPU PC Data Manager(Basic)" = DRPU PC Data Manager(Basic)
"DVDFab Platinum" = DVDFab Platinum
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Eazel-DE Toolbar" = Eazel-DE Toolbar
"ElsterFormular 11.1.2.3848" = ElsterFormular
"Hamachi" = Hamachi 1.0.3.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ICQToolbar" = ICQ Toolbar
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"JDownloader" = JDownloader
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.19.0 (D)
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.13)" = Mozilla Firefox (3.5.13)
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoScape" = PhotoScape
"PHPNukeDE Toolbar" = PHPNukeDE Toolbar
"PictureItPrem_v11" = Microsoft Foto 2006 Standard Edition
"PremiumSoft Navicat 8.0 for MySQL_is1" = PremiumSoft Navicat 8.0 for MySQL
"qceoycm" = Favorit
"RS Audials One_is1" = RS Audials One 2.1.35716.1600
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ShapeCollage" = Shape Collage
"SmartPropoPlus" = SmartPropoPlus
"Steam App 240" = Counter-Strike: Source
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 4" = TeamViewer 4
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Works2006Setup" = Setup-Start von Microsoft Works Suite 2006
"World of Warcraft" = World of Warcraft
"Yahoo! Toolbar" = Yahoo! Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1121738598-1779892969-3180716531-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}" = easyFly 3 Starter Edition
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.11.2010 13:03:11 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 17.11.2010 13:03:11 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 17.11.2010 13:03:11 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 18.11.2010 13:49:54 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 18.11.2010 13:49:54 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 18.11.2010 13:49:54 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 18.11.2010 13:49:54 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 18.11.2010 13:49:55 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 18.11.2010 13:49:55 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 18.11.2010 13:49:55 | Computer Name = USER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ System Events ]
Error - 14.11.2010 13:56:27 | Computer Name = USER-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 15.11.2010 12:56:20 | Computer Name = USER-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 15.11.2010 13:43:17 | Computer Name = USER-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 16.11.2010 15:40:47 | Computer Name = USER-PC | Source = DCOM | ID = 10010
Description =
Error - 16.11.2010 17:09:36 | Computer Name = USER-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 16.11.2010 17:57:36 | Computer Name = USER-PC | Source = DCOM | ID = 10010
Description =
Error - 17.11.2010 12:56:22 | Computer Name = USER-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 17.11.2010 13:14:49 | Computer Name = USER-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 17.11.2010 13:14:49 | Computer Name = USER-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 17.11.2010 14:25:07 | Computer Name = USER-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 17.11.2010 um 19:23:26 unerwartet heruntergefahren.
< End of report > --- --- --- |