SecurityTool entfernt, aber Unsicherheit, ob es wirklich weg ist
Servus,
auch ich habe mir bescheidenerweise dieses Tool eingefangen. Bis eben hatte es mir das System so zerschossen, dass ich Windows ned mal mehr starten konnte. Das geht jetzt wieder, allerdings geht mir momentan das Tool teilweise noch auf die Nerven. Ich habe eure Anleitung gelesen und wollte nun hier gern die Logs posten, damit eventuell jemand nachschauen kann, ob jetzt wieder alles in Ordnung ist. Wäre toll, wenn jemand so nett wäre und mir helfen könnte. Da ich vorher bereits gelesen und die Anleitung Schritt für Schritt befolgt habe, hier nun direkt die Logfiles, die ihr benötigt: Hier das Malwarebytes-Logfile: Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 5204
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975
28.11.2010 16:50:29
mbam-log-2010-11-28 (16-50-29).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 427498
Laufzeit: 2 Stunde(n), 6 Minute(n), 6 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 15
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{28eb0708-cb60-5afe-919a-f6949664a414} (Trojan.Zbot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\portwexexe.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\portwexexe.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Users\***\AppData\Roaming\Utyhte\uzydo.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
C:\portwexexe.exe\portwexexe.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
C:\Users\***\AppData\Local\633895.exe (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6LH4AAEB\1014[1].exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O9K8I1JF\az[1].exe (Trojan.Zbot) -> Quarantined and deleted successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QH415Y1S\inst[1].exe (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YZ0UEEB3\fda[1].exe (Trojan.Zbot) -> Quarantined and deleted successfully.
D:\Arbeit\dings\porrasturvat\msvcp60.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
D:\Cryptload\ocr\netload.in\asmCaptcha\test.exe (Malware.Packer) -> Quarantined and deleted successfully.
D:\Cryptload\ocr\rapidshare.com\asmCaptcha\test.exe (Malware.Packer) -> Quarantined and deleted successfully.
D:\Programme\Adobe Illustrator CS4\Patch.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Programme\Adobe Illustrator CS4\Adobe Illustrator CS4\Patch.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Windows\System32\khfFWqnn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.
Hier das OTL.txt-Logfile: Code:
OTL logfile created on: 28.11.2010 17:05:14 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\***\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,00 Gb Total Space | 0,87 Gb Free Space | 2,55% Space Free | Partition Type: NTFS
Drive D: | 198,88 Gb Total Space | 9,30 Gb Free Space | 4,67% Space Free | Partition Type: NTFS
Computer Name: DIAGNOSE | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - D:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo)
PRC - C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo)
PRC - D:\Programme\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - D:\Programme\1&1\FritzBox Starter\IGDCTRL.EXE (AVM Berlin)
PRC - D:\Programme\ObjectDock\ObjectDock.exe (Stardock)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - D:\Programme\ObjectDock\DockShellHook.dll ()
========== Win32 Services (SafeList) ==========
SRV - (AntiVirSchedulerService) -- D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (AcSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo)
SRV - (AcPrfMgrSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (a2free) -- D:\Programme\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (vvdsvc) -- C:\Windows\System32\Nagasoft\vjocx.dll (NanJing Nagasoft Co, LTD.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (EPGService) -- D:\Programme\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works)
SRV - (CacheBoost Service) -- C:\Programme\Systweak\Systweak CacheBoost\cbSrv.exe (Systweak Inc)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (CVPND) -- D:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (IGDCTRL) -- D:\Programme\1&1\FritzBox Starter\IGDCTRL.EXE (AVM Berlin)
SRV - (AcronisOSSReinstallSvc) -- C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe ()
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (DS1410D) -- C:\Windows\System32\drivers\ds1410d.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (snapman) -- C:\Windows\system32\DRIVERS\snapman.sys (Acronis)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (USB28xxOEM) -- C:\Windows\System32\drivers\emOEM.sys (Hauppauge Computer Works, Inc.)
DRV - (USB28xxBGA) -- C:\Windows\System32\drivers\emBDA.sys (eMPIA Technology, Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (lenovo.smi) -- C:\Windows\System32\drivers\smiif32.sys (Lenovo Group Limited)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (CrystalSysInfo) -- D:\Programme\MediaCoder\SysInfo.sys ()
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (RDID1021) -- C:\Windows\System32\drivers\Rdwm1021.sys (Roland Corporation)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (Hardlock) -- C:\Windows\System32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS (Rainbow Technologies, Inc.)
DRV - (Sntnlusb) -- C:\Windows\System32\drivers\SNTNLUSB.SYS (Rainbow Technologies Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B1 4D EB 27 A1 7E CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: firebug@tools.sitepoint.com:1.5.2
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {c9c58820-7bd4-11da-a72b-0800200c9a66}:3.20100306
FF - prefs.js..network.proxy.backup.ftp: "213.164.26.4"
FF - prefs.js..network.proxy.backup.ftp_port: 2301
FF - prefs.js..network.proxy.backup.gopher: "213.164.26.4"
FF - prefs.js..network.proxy.backup.gopher_port: 2301
FF - prefs.js..network.proxy.backup.socks: "213.164.26.4"
FF - prefs.js..network.proxy.backup.socks_port: 2301
FF - prefs.js..network.proxy.backup.ssl: "213.164.26.4"
FF - prefs.js..network.proxy.backup.ssl_port: 2301
FF - prefs.js..network.proxy.ftp: "81.189.215.181"
FF - prefs.js..network.proxy.ftp_port: 2301
FF - prefs.js..network.proxy.gopher: "81.189.215.181"
FF - prefs.js..network.proxy.gopher_port: 2301
FF - prefs.js..network.proxy.http: "81.189.215.181"
FF - prefs.js..network.proxy.http_port: 2301
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "81.189.215.181"
FF - prefs.js..network.proxy.socks_port: 2301
FF - prefs.js..network.proxy.ssl: "81.189.215.181"
FF - prefs.js..network.proxy.ssl_port: 2301
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.22 11:52:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010.10.28 20:53:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010.11.16 19:13:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.22 11:52:15 | 000,000,000 | ---D | M]
[2010.01.18 15:14:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.01.18 15:14:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions\MediaCoder
[2010.11.26 12:32:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions
[2010.04.27 16:48:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.02.18 10:50:01 | 000,000,000 | ---D | M] (oldbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}
[2010.05.11 13:53:35 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.03.12 16:07:21 | 000,000,000 | ---D | M] (iPox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}
[2010.11.03 14:14:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.11 13:53:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\firebug@software.joehewitt.com
[2010.05.11 13:53:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\firebug@tools.sitepoint.com
[2009.11.11 11:01:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\firefox@tvunetworks.com
[2009.08.06 19:02:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\moveplayer@movenetworks.com
[2010.09.12 20:46:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\personas@christopher.beard
[2009.05.17 21:50:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\tcastv1@tom.com
[2009.11.04 18:13:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\vd@bbmao.com
[2010.08.17 20:51:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\vshare@toolbar
[2010.03.12 16:07:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions
[2010.03.12 16:07:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\vestyvnd.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions\CVS
O1 HOSTS File: ([2010.06.22 14:08:12 | 000,001,436 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 hh-software.com
O1 - Hosts: 127.0.0.1 H+H Software GmbH
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 ar.atwola.com
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 1 more lines...
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - D:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWlIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = D:\Programme\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - D:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems Incorporated)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{613d21a1-02a6-11de-ba8b-001fe2e23266}\Shell - "" = AutoRun
O33 - MountPoints2\{613d21a1-02a6-11de-ba8b-001fe2e23266}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{613d21a2-02a6-11de-ba8b-001fe2e23266}\Shell - "" = AutoRun
O33 - MountPoints2\{613d21a2-02a6-11de-ba8b-001fe2e23266}\Shell\AutoRun\command - "" = G:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{8f88a3f8-0407-11de-8111-001fe2e23266}\Shell - "" = AutoRun
O33 - MountPoints2\{8f88a3f8-0407-11de-8111-001fe2e23266}\Shell\AutoRun\command - "" = I:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{8f88a3fa-0407-11de-8111-001fe2e23266}\Shell - "" = AutoRun
O33 - MountPoints2\{8f88a3fa-0407-11de-8111-001fe2e23266}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{a8b84a23-1348-11de-a8fb-adcbd387fd4c}\Shell - "" = AutoRun
O33 - MountPoints2\{a8b84a23-1348-11de-a8fb-adcbd387fd4c}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{a8b84a24-1348-11de-a8fb-adcbd387fd4c}\Shell - "" = AutoRun
O33 - MountPoints2\{a8b84a24-1348-11de-a8fb-adcbd387fd4c}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{ca50e583-de9f-11dd-9b52-001fe2e23266}\Shell - "" = AutoRun
O33 - MountPoints2\{ca50e583-de9f-11dd-9b52-001fe2e23266}\Shell\AutoRun\command - "" = G:\StartVMCLite.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\StartVMCLite.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.11.28 15:05:28 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.11.28 14:41:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.11.28 14:41:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.28 14:41:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.28 14:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.28 14:39:37 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\***\Desktop\mbam-setup.exe
[2010.11.27 00:52:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Utyhte
[2010.11.27 00:52:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Gigeed
[2010.11.27 00:52:49 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Server
[2010.11.25 21:40:33 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\James Blunt - Some Kind Of Trouble
[2010.11.23 16:10:09 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\eishockey
[2010.11.16 19:13:54 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll
[2010.11.10 17:05:15 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.11.10 17:05:15 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.11.10 17:05:14 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.11.10 17:05:14 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.11.10 17:05:14 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.11.10 17:05:14 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.11.10 17:05:14 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.11.10 17:05:14 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.11.10 17:05:14 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.11.10 17:05:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.11.10 17:05:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.11.10 17:05:13 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.11.10 10:46:45 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\handy save
[2010.11.05 12:06:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.11.03 14:25:18 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\pelz
[2009.05.06 16:29:09 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\***\AppData\Roaming\pcouffin.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\***\Desktop\*.tmp files -> C:\Users\***\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.28 16:59:48 | 000,678,092 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.28 16:59:48 | 000,637,304 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.28 16:59:48 | 000,147,050 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.28 16:59:48 | 000,120,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.28 16:53:30 | 000,196,455 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.11.28 16:53:30 | 000,196,455 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.11.28 16:52:49 | 000,064,280 | ---- | M] () -- C:\Users\Public\Documents\AccConnAdvanced.dat
[2010.11.28 16:52:49 | 000,056,600 | ---- | M] () -- C:\Users\Public\Documents\ACGinaWinlogon.dat
[2010.11.28 16:52:49 | 000,016,336 | ---- | M] () -- C:\Users\Public\Documents\AcIpConfig.dat
[2010.11.28 16:52:12 | 008,405,015 | ---- | M] () -- C:\Windows\TempFile
[2010.11.28 16:52:09 | 000,004,176 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.28 16:52:09 | 000,004,176 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.28 16:52:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.28 16:50:46 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.11.28 15:05:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.11.28 14:39:37 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\***\Desktop\mbam-setup.exe
[2010.11.28 14:38:00 | 000,364,032 | ---- | M] () -- C:\Users\***\Desktop\rkill.com
[2010.11.26 23:41:49 | 000,330,557 | ---- | M] () -- C:\Users\***\Desktop\desktop.jpg
[2010.11.26 22:29:20 | 000,055,081 | ---- | M] () -- C:\Users\***\Desktop\Unbenannt3.jpg
[2010.11.26 21:27:27 | 000,036,954 | ---- | M] () -- C:\Users\***\Desktop\jk.jpg
[2010.11.26 21:10:00 | 000,650,272 | ---- | M] () -- C:\Users\***\Desktop\zimmer2.jpg
[2010.11.26 20:58:29 | 000,679,419 | ---- | M] () -- C:\Users\***\Desktop\wohnzimmer2.jpg
[2010.11.26 20:57:38 | 000,743,782 | ---- | M] () -- C:\Users\***\Desktop\wohnzimmer1.jpg
[2010.11.26 20:56:32 | 000,719,318 | ---- | M] () -- C:\Users\***\Desktop\zimmer.jpg
[2010.11.26 19:09:14 | 000,217,773 | ---- | M] () -- C:\Users\***\Desktop\Bildschirmfoto 2010-11-26 um 19.08.48.png
[2010.11.26 19:06:39 | 000,171,875 | ---- | M] () -- C:\Users\***\Desktop\Unbenannt2.png
[2010.11.26 15:59:44 | 000,045,398 | ---- | M] () -- C:\Users\***\Desktop\Nebentätigkeit-Lehrmess.pdf
[2010.11.26 13:50:00 | 000,150,016 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.25 20:09:29 | 000,894,448 | ---- | M] () -- C:\Users\***\Desktop\rennsteig.jpg
[2010.11.25 13:04:56 | 012,850,170 | ---- | M] () -- C:\Users\***\Desktop\pes.2011.gameplay.patch.by.komu-1.07.rar
[2010.11.25 12:33:58 | 000,021,639 | ---- | M] () -- C:\Users\***\Desktop\ziehung.png
[2010.11.23 18:59:44 | 019,224,630 | ---- | M] () -- C:\Users\***\Desktop\Saxtrack - Reboot Twisted Fist Remix.mp3
[2010.11.22 23:29:19 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.11.17 13:16:34 | 000,119,541 | ---- | M] () -- C:\Users\***\AppData\Roaming\NMM-MetaData.db
[2010.11.16 14:45:46 | 000,174,527 | ---- | M] () -- C:\Users\***\Desktop\Foto0101.jpg
[2010.11.15 19:31:55 | 000,035,891 | ---- | M] () -- C:\Users\***\Desktop\homer.jpg
[2010.11.14 13:22:48 | 000,031,300 | ---- | M] () -- C:\Users\***\Desktop\Unbenannt.png
[2010.11.14 13:20:36 | 000,140,776 | ---- | M] () -- C:\Users\***\Desktop\RyanairBoardingPass.pdf
[2010.11.13 14:04:36 | 000,008,958 | ---- | M] () -- C:\Users\***\Desktop\whatevery.gif
[2010.11.12 20:00:32 | 000,097,197 | ---- | M] () -- C:\Users\***\Desktop\Foto0111.jpg
[2010.11.10 22:23:25 | 000,077,206 | ---- | M] () -- C:\Users\***\Desktop\Foto0103klein.jpg
[2010.11.09 19:14:40 | 000,077,230 | ---- | M] () -- C:\Users\***\Desktop\Foto0103.jpg
[2010.11.08 12:08:42 | 000,214,291 | ---- | M] () -- C:\Users\***\Desktop\Petersberg Konzeption.pdf
[2010.11.04 23:28:41 | 000,069,236 | ---- | M] () -- C:\Users\***\Desktop\buchung norwegen.pdf
[2010.11.03 10:52:42 | 000,062,422 | ---- | M] () -- C:\Users\***\Desktop\aufstellung.png
[2010.11.02 12:41:41 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.11.02 12:35:33 | 003,938,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.11.01 15:00:00 | 000,000,132 | ---- | M] () -- C:\Users\***\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\***\Desktop\*.tmp files -> C:\Users\***\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.28 14:37:55 | 000,364,032 | ---- | C] () -- C:\Users\***\Desktop\rkill.com
[2010.11.28 14:19:26 | 000,056,600 | ---- | C] () -- C:\Users\Public\Documents\ACGinaWinlogon.dat
[2010.11.28 14:19:25 | 000,064,280 | ---- | C] () -- C:\Users\Public\Documents\AccConnAdvanced.dat
[2010.11.26 23:41:46 | 000,330,557 | ---- | C] () -- C:\Users\***\Desktop\desktop.jpg
[2010.11.26 22:29:20 | 000,055,081 | ---- | C] () -- C:\Users\***\Desktop\Unbenannt3.jpg
[2010.11.26 21:27:27 | 000,036,954 | ---- | C] () -- C:\Users\***\Desktop\jk.jpg
[2010.11.26 21:09:58 | 000,650,272 | ---- | C] () -- C:\Users\***\Desktop\zimmer2.jpg
[2010.11.26 20:58:27 | 000,679,419 | ---- | C] () -- C:\Users\***\Desktop\wohnzimmer2.jpg
[2010.11.26 20:57:37 | 000,743,782 | ---- | C] () -- C:\Users\***\Desktop\wohnzimmer1.jpg
[2010.11.26 20:56:30 | 000,719,318 | ---- | C] () -- C:\Users\***\Desktop\zimmer.jpg
[2010.11.26 19:09:01 | 000,217,773 | ---- | C] () -- C:\Users\***\Desktop\Bildschirmfoto 2010-11-26 um 19.08.48.png
[2010.11.26 19:06:38 | 000,171,875 | ---- | C] () -- C:\Users\***\Desktop\Unbenannt2.png
[2010.11.26 15:59:43 | 000,045,398 | ---- | C] () -- C:\Users\***\Desktop\Nebentätigkeit-Lehrmess.pdf
[2010.11.25 20:09:27 | 000,894,448 | ---- | C] () -- C:\Users\***\Desktop\rennsteig.jpg
[2010.11.25 13:04:37 | 012,850,170 | ---- | C] () -- C:\Users\***\Desktop\pes.2011.gameplay.patch.by.komu-1.07.rar
[2010.11.25 12:33:58 | 000,021,639 | ---- | C] () -- C:\Users\***\Desktop\ziehung.png
[2010.11.23 18:58:26 | 019,224,630 | ---- | C] () -- C:\Users\***\Desktop\Saxtrack - Reboot Twisted Fist Remix.mp3
[2010.11.15 19:31:52 | 000,035,891 | ---- | C] () -- C:\Users\***\Desktop\homer.jpg
[2010.11.14 13:22:48 | 000,031,300 | ---- | C] () -- C:\Users\***\Desktop\Unbenannt.png
[2010.11.14 13:20:35 | 000,140,776 | ---- | C] () -- C:\Users\***\Desktop\RyanairBoardingPass.pdf
[2010.11.13 14:02:05 | 000,008,958 | ---- | C] () -- C:\Users\***\Desktop\whatevery.gif
[2010.11.12 20:00:00 | 000,097,197 | ---- | C] () -- C:\Users\***\Desktop\Foto0111.jpg
[2010.11.10 22:23:20 | 000,077,206 | ---- | C] () -- C:\Users\***\Desktop\Foto0103klein.jpg
[2010.11.09 18:54:34 | 000,077,230 | ---- | C] () -- C:\Users\***\Desktop\Foto0103.jpg
[2010.11.09 18:54:13 | 000,174,527 | ---- | C] () -- C:\Users\***\Desktop\Foto0101.jpg
[2010.11.08 12:08:43 | 000,214,291 | ---- | C] () -- C:\Users\***\Desktop\Petersberg Konzeption.pdf
[2010.11.04 23:28:41 | 000,069,236 | ---- | C] () -- C:\Users\***\Desktop\buchung norwegen.pdf
[2010.11.03 10:52:42 | 000,062,422 | ---- | C] () -- C:\Users\***\Desktop\aufstellung.png
[2010.08.05 22:08:51 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.06.12 21:37:41 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010.06.06 21:35:06 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\chrtmp
[2010.03.09 19:14:05 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db
[2009.12.09 15:30:02 | 000,196,455 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.09 15:29:59 | 000,196,455 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.12.09 13:13:42 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2009.11.02 19:51:07 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\downloads.m3u
[2009.06.14 23:36:30 | 000,000,029 | ---- | C] () -- C:\Users\***\AppData\Roaming\default.rss
[2009.06.12 17:08:20 | 000,119,541 | ---- | C] () -- C:\Users\***\AppData\Roaming\NMM-MetaData.db
[2009.05.26 11:56:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.06 20:12:17 | 000,000,399 | ---- | C] () -- C:\Windows\vtplus32.ini
[2009.05.06 20:12:14 | 000,000,030 | ---- | C] () -- C:\Windows\System32\UNWISE.INI
[2009.05.06 20:11:35 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2009.05.06 20:11:07 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.05.06 20:11:07 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.05.06 20:11:06 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll
[2009.05.06 20:10:01 | 000,002,216 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009.05.06 16:29:22 | 000,000,034 | ---- | C] () -- C:\Users\***\AppData\Roaming\pcouffin.log
[2009.05.06 16:29:09 | 000,087,608 | ---- | C] () -- C:\Users\***\AppData\Roaming\inst.exe
[2009.05.06 16:29:09 | 000,007,887 | ---- | C] () -- C:\Users\***\AppData\Roaming\pcouffin.cat
[2009.05.06 16:29:09 | 000,001,144 | ---- | C] () -- C:\Users\***\AppData\Roaming\pcouffin.inf
[2009.04.29 12:23:10 | 000,007,366 | ---- | C] () -- C:\Users\***\AppData\Roaming\PStrip.bko
[2009.04.29 12:02:59 | 000,009,361 | ---- | C] () -- C:\Users\***\AppData\Roaming\PStrip.bk!
[2009.04.29 12:02:57 | 000,009,338 | ---- | C] () -- C:\Users\***\AppData\Roaming\PStrip.bak
[2009.04.29 12:00:57 | 000,009,361 | ---- | C] () -- C:\Users\***\AppData\Roaming\PStrip.ini
[2009.04.29 11:56:02 | 000,000,064 | ---- | C] () -- C:\Windows\wininit.ini
[2009.04.17 15:01:05 | 000,012,800 | ---- | C] () -- C:\Windows\System32\RdCi1021.dll
[2009.04.02 22:16:01 | 000,000,095 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2009.03.19 18:44:03 | 000,001,044 | ---- | C] () -- C:\Users\***\AppData\Roaming\vso_ts_preview.xml
[2009.03.05 16:53:54 | 001,456,640 | ---- | C] () -- C:\Programme\Common Files\Falk Navi-Manager.msi
[2009.02.23 14:57:16 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.02.23 14:57:16 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009.02.18 13:30:29 | 000,150,016 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.09 14:47:32 | 000,000,818 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.11.30 16:46:49 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.11.26 20:24:03 | 000,000,395 | ---- | C] () -- C:\Windows\BeatBox.INI
[2008.11.26 19:06:06 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI
[2008.11.26 19:04:59 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2008.11.26 19:04:25 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.11.26 19:02:38 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.11.07 18:40:25 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.11.07 18:39:55 | 000,000,301 | ---- | C] () -- C:\Windows\game.ini
[2008.11.04 12:55:55 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2008.11.04 12:55:55 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2008.10.21 12:15:27 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.10.20 17:28:40 | 000,033,117 | ---- | C] () -- C:\Windows\Irremote.ini
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.06.12 20:36:38 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.04.12 07:41:20 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.04.12 07:30:20 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.01.18 08:33:29 | 000,003,584 | ---- | C] () -- C:\Windows\System32\wceprv.dll
[2007.10.26 13:28:18 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2007.03.29 22:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.05.06 18:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2002.10.06 19:42:57 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2002.10.05 00:04:25 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2002.10.05 00:04:24 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2002.10.05 00:04:17 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:6CC69D3C
< End of report >
Und das Extras.txt-Logfile: Code:
OTL Extras logfile created on: 28.11.2010 17:05:14 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\***\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,00 Gb Total Space | 0,87 Gb Free Space | 2,55% Space Free | Partition Type: NTFS
Drive D: | 198,88 Gb Total Space | 9,30 Gb Free Space | 4,67% Space Free | Partition Type: NTFS
Computer Name: DIAGNOSE | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [ID3-TagIT] -- "D:\Programme\ID3-TagIT 3\ID3-TagIT.exe" "/P=%1" ( )
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2291405412-476702637-1940178958-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2291405412-476702637-1940178958-1004]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1323DEB6-573B-4437-AB96-63245BAF7CAF}" = lport=445 | protocol=6 | dir=in | app=system |
"{1DC1D2F9-D3E1-4C7C-AE2C-E9EE429C14C4}" = lport=139 | protocol=6 | dir=in | app=system |
"{515E0F9E-986B-47B5-87D1-0655F85919ED}" = lport=137 | protocol=17 | dir=in | app=system |
"{595D04EE-F8C3-4D63-B9C8-3CEADFEC55D5}" = lport=6004 | protocol=17 | dir=in | app=d:\programme\microsoft office\office12\outlook.exe |
"{6CE22A5C-AA53-4E75-8B72-ED0EC217B357}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{780269C3-B657-445F-9263-DBC346A2D756}" = lport=138 | protocol=17 | dir=in | app=system |
"{78EFFE20-B024-46BC-91E9-DE6F3BBC6EE9}" = rport=138 | protocol=17 | dir=out | app=system |
"{8A26755D-D5DD-4952-981D-22566D356565}" = rport=139 | protocol=6 | dir=out | app=system |
"{A45F1B3D-4A9D-4A11-B0F2-2B6747CF6D34}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AD28C03C-0CE3-476F-BFC1-4BBD1F5BF1FE}" = rport=137 | protocol=17 | dir=out | app=system |
"{E4A20AFA-6BC9-4CE1-A1B5-F5818B7C02AE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EA6E5729-FFE3-45EC-B4A7-66AF6D41A411}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EF593B-F546-4CF7-B744-AFBEF9EB20EA}" = protocol=6 | dir=in | app=d:\programme\1&1\fritzdsl.exe |
"{040578B0-838C-4D72-B0F1-51F98D603092}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{04C11F42-5E3F-4E2C-81FE-8AE749E3D5A2}" = protocol=6 | dir=in | app=d:\programme\icq7.2\aolload.exe |
"{067BD6FF-8BA3-4794-B860-6537F5D6BB67}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{072DB738-063F-40D6-9C83-B2D24F2BC13A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{07508E3E-1BA9-47C3-9CE3-F57B9CA5EF63}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0952E550-704B-4CF0-BAB4-DCA5DB1FF82E}" = protocol=17 | dir=in | app=d:\programme\icq7.2\aolload.exe |
"{09A57F1F-3D27-489E-9609-B0B5A7E8A6FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0AD10065-6703-4262-BDF2-7A65B0AA9FF5}" = protocol=6 | dir=in | app=d:\programme\1&1\fritzbox starter\igdctrl.exe |
"{0B15BF63-C844-4266-87C5-E7EE11163014}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C1AA340-7A7A-449D-9401-2BE205D12FF8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C8CDD4D-245C-46CF-A1F9-BD9BA9B1D54A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{116C7768-33CF-4D65-AE99-4EDFC7732010}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{127481C8-68EC-4991-B283-6298ADD5BAB1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{138E7963-DDA2-42DF-AAE4-9E2590BDC1A0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{14504357-0997-42BE-BE50-27EB641CCE52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{148626E4-F82B-4FF6-BC4D-0FBA2BCD24A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{14F41B4F-AD50-42B4-9400-D2771EC15A9D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{173F1DD1-00C5-44F2-8F1A-9809962C1C3F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{17BCAA10-5C70-4969-99EA-03788F3F3107}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1997FABB-0685-41FC-A095-A58BC8FFF5BD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19AFE54D-AA7F-42B2-A5F6-D480A9065D1A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1A88DCDB-0F39-4A56-911A-E4B1F7873C5E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B63F822-424D-4D87-A9A0-19E066D19490}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1C04AD43-A17C-451A-8BE5-39C38EFC7621}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1C539FAE-214C-4EB0-9CEB-0006B0C12C17}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1D303B8A-6FD0-40FE-968A-091ABE541E15}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F5D2EF5-DACB-43DC-BC97-371D274CA7AE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1FC4A735-0EFC-47A7-8911-71E26A6546ED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2002AC83-A20B-4750-BD9D-B626337DBA1F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{20439282-4E0F-42D4-B598-5A682ED89CB2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{205E5D24-F3F0-4339-BB6F-6743F691BBE4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{20C06C62-D287-4338-93FE-4751165C4E45}" = protocol=17 | dir=in | app=d:\spiele\counter-strike source\cstrike.exe |
"{23E481D6-D7F2-4D9C-8408-16724841F43A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24FD9279-1CB5-41E0-8980-A940BC40067D}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{2877089F-C537-4621-8E75-4AD5236302E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{28D85EA7-3E77-4849-8005-31399F3BCDC3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{28EAE796-0F40-48BA-9795-4B3515533162}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2973899F-EF06-43E4-A365-433C8FA15E33}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B19CF1B-7A0C-48C5-8CDE-8915382F62C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B2A4065-7395-4242-85AC-0FAB7E5322EE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BCF0331-0F59-4F15-91BC-3AB6EBE2414E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BF874CB-81DD-421F-9083-D9D4F88D3D9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{316303BD-39D6-49C3-A575-1F4CF14E8263}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{32C1C581-BA86-462F-9EE0-029CBFB56019}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{349EA6D7-AB2C-4BCD-967D-A0137427AD76}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{364A88A4-F9F2-414A-927C-F34B317F08D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3756E044-8DCB-4F54-9AA9-197E7972DD20}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C09D00C-9414-4459-852D-9AE996C2E778}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3F38915E-9A94-40D5-B150-AF57E629FDA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3F903C0D-67DF-486A-807D-6CFC06EFACCF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3F9D1AA1-0BAC-4C84-B740-DD407BFE60A2}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{3FC00382-424C-4BF0-9BDF-83FAD8237E04}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3FE937E2-30A3-4243-B9BB-51CB9C0A1544}" = protocol=17 | dir=in | app=d:\programme\utorrent\utorrent.exe |
"{4114E90A-1339-4A18-A875-8CD7741A6985}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{419FF65D-8E34-4007-9A05-E87F3D27A972}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{41FB183F-C105-4930-AB99-F29D94CCF25F}" = protocol=6 | dir=in | app=d:\programme\icq7.2\aolload.exe |
"{42CDD3AB-0B64-4AC4-9354-B520580F35EF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{49308F5B-06A6-43CD-A1F1-8902683FCB47}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{496739B0-6A1F-4836-AFAE-D9A8F5CA8599}" = protocol=17 | dir=in | app=d:\programme\icq7.2\aolload.exe |
"{49AC418E-613B-4267-9ABA-3B858B088DC4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A13A920-3C29-42E0-92EB-9FAFAA104E25}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A75094D-AEB4-433C-92A3-2C12D4717F9E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4B2101DB-0CFA-4B9A-9CC4-ECC219074F47}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BEA3685-EFC8-43C4-855B-3CC5285F0D7A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E19DF31-A717-4AD6-A638-4EC74BB5B820}" = protocol=6 | dir=in | app=d:\programme\bittorrent\bittorrent.exe |
"{4EF09980-A8F8-43C2-A382-152B85E29AF1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{509EFA52-4654-47FE-9DD9-62C7ED870BE0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{510C101E-7960-473E-90FD-CC114CFD110F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{522A55FF-068C-43E8-B59C-A1644CA9049B}" = protocol=6 | dir=in | app=d:\programme\1&1\fritzbox starter\webwaigd.exe |
"{55281773-2CEE-4537-93B0-6F2FD0244031}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55C769AA-6BEA-401A-A349-15D103B793AF}" = protocol=6 | dir=in | app=c:\programme\bittorrent\bittorrent.exe |
"{55DBE77F-2236-4553-A36D-493F3E11610C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57FAB1CD-3B52-4586-88AA-C3A307956C40}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{58971BBD-DCDB-41F4-854D-CD65FABE17BF}" = protocol=6 | dir=in | app=d:\programme\icq7.2\aolload.exe |
"{58FA7FA1-5AA8-41FE-BF59-FA4ACBC79840}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{59448382-C223-4B85-8331-08822AA70301}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{594C5D3D-8195-4657-9FAD-1F3DA396701E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A39C1B9-B894-421B-9C4B-2AE3C030762D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B5D248B-B84D-4C3E-B068-4D76AB383219}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5C559215-922E-4C28-BC88-F98ADF1A050C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5CBAAF4A-B576-4D68-AC5C-65286547ADD4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5CFFE957-FDA7-4473-9343-FAB05BEBAC31}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D19DFD4-9F5E-49FE-AB4D-06066A981E36}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F7C0DF3-70B5-4EC2-A20B-E6B5150A9A26}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{605704FD-0149-4A3E-855B-8A4D6F20A448}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{607A37AB-E286-4EC7-8F1C-538D98B170D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{638F5E09-B2FC-4ED2-8828-75ABAF8B4116}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{664763FB-DDA3-4108-9514-29B979813E7B}" = protocol=17 | dir=in | app=d:\programme\1&1\fritzdsl.exe |
"{68C715DF-4EF0-4DD1-B7DB-E5215678C8BA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6A58D998-3B94-482E-B29F-DFD3FD2D1C6C}" = protocol=6 | dir=in | app=d:\programme\1&1\fritzbox starter\fboxupd.exe |
"{6B324A70-7BF9-4E5E-AE4D-93D404C9585A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6ECF4F52-81F3-423B-A1A9-4E0F0CCC6570}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FF67B02-A77D-4F00-938A-82334C9AD3EA}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{7185E990-3A0A-4423-B080-008D54FA25C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{72629EEA-961C-4E84-B3E1-309E355DB0A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74659F07-2ED9-4EEE-84C4-AF50D73CB1AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{76A0359E-C7C1-4B9D-BB6F-CC46EACAAD3B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{76BD4628-8FD7-48F6-A340-F675C47B9E0D}" = protocol=6 | dir=in | app=d:\programme\filezilla\filezilla.exe |
"{7713E16D-F990-42D9-B03E-BD04EAD48E01}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77A3C293-4B4A-4F41-9054-6D4F21DC363A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78DFF025-0C3D-478D-B2AA-58FFF1E5234D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78F276DF-B868-40DB-B948-61E3F87EACAA}" = protocol=17 | dir=in | app=d:\programme\autodesk\backburner\manager.exe |
"{7952FCA1-9244-4DDE-A91F-25922E0D9BC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7CA348FF-EB49-475F-9F40-6111D6238F33}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D2A0A77-478B-4F0C-B7E0-5946DC4C6814}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D9D6F91-4576-493D-A715-FF71FC739DA2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7E23EAD3-6DC4-482E-8643-E4E66FE02E4E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{825DD84F-606C-4A7D-B746-EE2CB88AA031}" = protocol=6 | dir=in | app=d:\programme\1&1\stcenter.exe |
"{855EB251-72A8-46EE-950D-8F5FC6E832A5}" = protocol=17 | dir=in | app=d:\programme\1&1\fritzbox starter\fboxupd.exe |
"{864C3650-DDB2-4EB7-BE92-737EAC2B4B38}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8959F137-4AF1-4503-A454-9ACCB07E11A6}" = protocol=17 | dir=in | app=d:\programme\1&1\fritzbox starter\webwaigd.exe |
"{89753263-0157-49CD-B9BC-6AEE806AB451}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{89D976FD-B34F-456F-A3E9-E89CF1A7A0F1}" = protocol=6 | dir=in | app=d:\programme\utorrent\utorrent.exe |
"{8B9923D0-C8F5-48B5-948F-5A3265CC2250}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C3B1F01-4DE9-4FBD-9740-E52C4919C83F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FBBA0DB-9F46-4AF7-A738-67A0226F1997}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90A689EB-8DF8-4F22-9DCB-F45198CA9812}" = protocol=17 | dir=in | app=d:\programme\bittorrent\bittorrent.exe |
"{93C4D56E-2987-44FC-A8E8-EA14E29B511B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98A90B37-4D54-42B0-A6B2-A0D3E2740791}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{99D34560-B0AA-4CE9-B38D-E1DFC46D48CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B92D41C-1BF4-485F-8125-09DC5E957B3E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9C21C7DC-1C54-47ED-848B-DC2E748409BE}" = protocol=17 | dir=in | app=d:\programme\filezilla\filezilla.exe |
"{9C438960-62AD-49EC-818E-5C5FCD64B5FB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CEC1B7F-4383-4B0D-ACDA-CE94FF9FC46A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9D4407DD-A700-43B5-813B-D8D2ACABF541}" = protocol=17 | dir=in | app=c:\programme\bittorrent\bittorrent.exe |
"{9E50F697-026F-453E-B4C2-4F7026A8664A}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{9E528AD2-9156-4489-81AE-AAD84E808410}" = protocol=6 | dir=in | app=d:\programme\autodesk\backburner\manager.exe |
"{9EB598E0-B65B-4759-A591-B52074421A1D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A0540A9B-8B45-42C8-89C7-53860CB2878F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A456F757-2CFE-446E-9A77-1F61DF4CC65B}" = protocol=17 | dir=in | app=d:\programme\1&1\fritzbox starter\igdctrl.exe |
"{A465EA1C-0989-4A19-BC66-EEC681A02477}" = protocol=6 | dir=in | app=d:\spiele\counter-strike source\srcds.exe |
"{A6D8E346-BE49-49A5-9743-CC63EBD5EF46}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{A6FB1FE6-4DAC-4BB2-87BF-C3CAC5C38205}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A710254A-FA53-42CD-B4D8-01AC7E283093}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A734E395-1996-4363-9F29-AD58E0C10F24}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA872664-A634-4689-9B22-6408F45EB446}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AAC376E4-8537-4957-AFF5-3A575765B337}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB1BF075-2C9D-491F-A60C-4285C431212C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB4DC42C-F9F1-449B-BAFA-4FB586F1A8D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AED6CED3-36FD-48DB-8163-615B36C9DEB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B07962ED-FADA-4B09-AE07-70A0064E4858}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{B1F9981E-25AB-4B69-9DCC-9ABD9C2ADC2D}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\zero gear\zerogear.bat |
"{B229A339-DAE2-4169-A62E-CDE69A706817}" = protocol=17 | dir=in | app=d:\programme\icq7.2\icq.exe |
"{B3375DA3-B7FA-4FB7-B173-A320453BBA69}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B687D59F-B432-4C15-B83A-C4C7FA2F6819}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B8B29AE3-5C60-44CE-A71C-F71874485919}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B947CC28-579E-4A7A-80E6-AC0E588AB4A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC043D1D-8693-4159-B27D-DDD68B1C9A17}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC0C45B3-ED55-4ED3-A291-0831ABAC4093}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD0719E5-B16C-4797-BE9A-7987161CB1E5}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{BD198D19-DB78-4647-827E-4C4BCD59A5CA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD228B77-FFC4-4890-8C33-4FDBD44B040A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD74EEB2-38E4-4A2A-A520-07961093DC7A}" = protocol=6 | dir=in | app=d:\programme\icq7.2\icq.exe |
"{BD98BF3B-2E52-4537-A3F1-F010EAE60F9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BECA72B0-EEDE-4DFB-BB9D-688ECA2AC3C6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C0639085-C41A-45DF-B1FB-97ACEEE790FC}" = protocol=17 | dir=in | app=d:\spiele\counter-strike source\hl2.exe |
"{C224A213-B1AB-4333-9617-12321A413241}" = protocol=17 | dir=in | app=d:\programme\icq7.2\aolload.exe |
"{C2A991BA-2F4A-426F-A2B7-AEDB1B15C06D}" = protocol=17 | dir=in | app=d:\programme\icq7.2\icq.exe |
"{C2D60313-C5DD-4F17-8966-94432CDC89FA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C30C77ED-B5C0-4BF2-84A8-B1ED65612A2A}" = protocol=17 | dir=in | app=d:\programme\microsoft office\office12\onenote.exe |
"{C3581C22-5479-43ED-9FEB-2CDEF03478D4}" = protocol=17 | dir=in | app=d:\programme\icq7.2\icq.exe |
"{C35D5A80-E88A-4F23-8CE0-A9D79A5CD5FD}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\zero gear\zerogear.bat |
"{C6731956-3381-477B-B1AF-4BCF0D9D593C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C732E0E8-12C5-4A39-9240-95D8373621ED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAB4C3CB-9DE6-4AE1-97EE-BCE6372586C4}" = protocol=6 | dir=in | app=d:\programme\microsoft office\office12\onenote.exe |
"{CB3CD3A6-3F6D-40EB-9954-6893AFFD0499}" = protocol=17 | dir=in | app=d:\programme\1&1\stcenter.exe |
"{CBB4FF86-0DAE-4D1C-8F7C-F5C6D19FE4ED}" = protocol=6 | dir=in | app=d:\spiele\counter-strike source\cstrike.exe |
"{CE44D0A6-7786-4303-BEAF-766D588D53E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CE8A53E3-AF52-4982-A562-E8478613FD87}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CEA9FB2D-4EFC-4F03-B8E3-C48C6D61DF8F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CF3E49A4-60CB-4758-A9A4-C872B7DD40F4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D1DDB741-EFFC-4086-83A5-9222786F1A3C}" = protocol=17 | dir=in | app=d:\programme\autodesk\backburner\server.exe |
"{D55EC51A-6602-4B29-A5FB-A7713F1BAF73}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D61C4585-FED8-4A67-8083-90E333A05D16}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D89F279D-50EB-4738-83C8-9440BE04353C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DAB4F599-317E-4407-9EB2-25A3C50D38C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DABA43D0-5B34-4A24-BD16-28F87FF8EFCE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDA12EC4-7D4A-40F0-A28B-1F4B7980E631}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDEDA70D-8E1A-43E2-808A-0D27833EAC5C}" = protocol=6 | dir=in | app=d:\programme\autodesk\backburner\monitor.exe |
"{DE47C599-AB11-4D92-9216-03F122634DF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DEB1D165-59D7-4F03-9742-25CA14EBBE7D}" = protocol=6 | dir=in | app=d:\programme\icq7.2\icq.exe |
"{DEB6EF50-8713-401D-AAC1-728DE22124EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DEEE278A-2CFC-4724-9F2C-EEA1A3ADA258}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E095BA93-5788-486F-A276-0C207C63A01C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E18D5FA4-EBAD-4ADC-A7EB-E1134CB065EC}" = protocol=17 | dir=in | app=d:\spiele\counter-strike source\srcds.exe |
"{E33EF6B2-4AF4-4C0F-8BDA-05A3180AA342}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E3F87EAD-E77E-4BFC-A3A0-6A1C2BB1DC54}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E418F4B8-CCDD-47C5-A154-0D87DAFD0EF8}" = protocol=6 | dir=in | app=c:\programme\bittorrent\bittorrent.exe |
"{E58D8153-B209-41A3-A011-0B2658633F29}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6DBA6D7-1C6A-4961-AAEB-32834EEC944B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7BDAE8A-E278-4C6E-BA2D-2467981093AE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E8201234-076F-415A-8F8C-B9BD45362AFA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EDE8AB35-A494-4901-8CB4-C1DBC5A2D2D4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EEF62E3E-ADCD-4094-9491-F3F012E19895}" = protocol=6 | dir=in | app=d:\programme\icq7.2\icq.exe |
"{F2143FDC-908A-46D4-A67E-FD24D6F2186D}" = protocol=17 | dir=in | app=d:\programme\autodesk\backburner\monitor.exe |
"{F2E43C57-4D79-44CD-B5C7-1E6428E8B156}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F437533F-3CDD-4315-AE14-44DEB68ADD1E}" = protocol=6 | dir=in | app=d:\programme\autodesk\backburner\server.exe |
"{F66F5577-3E91-4050-851F-F6F48839FED4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F7C71B22-6DAB-4635-8C59-C43962C5C2A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FA3C1E46-E50D-4C4F-B265-9FC4AD4B27BF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FAA165F3-9145-4824-B83A-93ED53B46D96}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FAF7B3CA-C645-4920-B2AB-720066E5B9E0}" = protocol=17 | dir=in | app=c:\programme\bittorrent\bittorrent.exe |
"{FB03256F-0852-4D22-A2FB-AD6D710E4D7E}" = protocol=6 | dir=in | app=d:\spiele\counter-strike source\hl2.exe |
"{FB4D9482-C36F-4FA0-A095-97176565D120}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FC160D3A-9AF5-4A3D-B1B9-B16316F678E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FFDB3D1A-8074-41D6-87F9-A9787EE31308}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FFE751BD-8475-4BF4-BC3E-C1A4F98E2B78}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{062FDBED-1F26-4E4F-BB98-DE1BBA8E992B}D:\programme\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\programme\sopcast\sopcast.exe |
"TCP Query User{09D0BCD4-54F0-4EA8-8556-CC46856E7348}D:\programme\caplio software\rgatelxp.exe" = protocol=6 | dir=in | app=d:\programme\caplio software\rgatelxp.exe |
"TCP Query User{0A1E465C-6710-4066-895A-0C836AA510B5}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{11CD21A2-800E-4256-95E5-3C7960F472FE}D:\programme\icq6\icq.exe" = protocol=6 | dir=in | app=d:\programme\icq6\icq.exe |
"TCP Query User{11FEB703-B66F-407B-BF12-7D1BA4CC198E}D:\neu\games\delta force black hawk down\delta force black hawk down\update.exe" = protocol=6 | dir=in | app=d:\neu\games\delta force black hawk down\delta force black hawk down\update.exe |
"TCP Query User{1238918A-0992-417A-AD82-433F2D0CD9E4}D:\programme\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=d:\programme\mozilla firefox\firefox.exe |
"TCP Query User{1342F092-7125-4CD8-934D-58714EFC2FE4}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{1B3C3E4D-EA11-47B6-A3F6-8277148F6B24}D:\programme\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=d:\programme\bittorrent\bittorrent.exe |
"TCP Query User{1BB2A92C-0F15-484A-8739-D40F2E6F06B5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{1D7DC569-5E5B-461B-AB30-E4F77462B920}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{1ECA817C-4877-4801-B5D3-F2A6A17885D6}C:\users\***\desktop\eclipse-java-europa-winter-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\***\desktop\eclipse-java-europa-winter-win32\eclipse\eclipse.exe |
"TCP Query User{2491AB7F-2F0E-442F-88C6-4B7D7A7A662E}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{2AD8110B-34F0-41FC-90A4-C0853CC25E66}D:\programme\real player\realplay.exe" = protocol=6 | dir=in | app=d:\programme\real player\realplay.exe |
"TCP Query User{2C8B8978-AB46-4CD4-A43D-97AA905C408A}D:\programme\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\programme\sopcast\adv\sopadver.exe |
"TCP Query User{3330FF47-6837-487C-BC36-D27526E8C0D1}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{3CD84560-B694-4119-8C7F-2BA43F9994F1}D:\programme\trillian\trillian.exe" = protocol=6 | dir=in | app=d:\programme\trillian\trillian.exe |
"TCP Query User{3EA6CA37-B02B-4C5F-8365-752EBBC3203A}D:\programme\caplio software\rgatelxp.exe" = protocol=6 | dir=in | app=d:\programme\caplio software\rgatelxp.exe |
"TCP Query User{3F2F7F5F-853E-4E7E-BF84-43619B4E0F8B}D:\programme\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\programme\sopcast\adv\sopadver.exe |
"TCP Query User{40059AC5-94C4-444C-AB0E-B4031DF7C243}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{40BCD606-CAE1-4340-BEC4-7469F7F44DF1}C:\users\***\desktop\sc_serv.exe" = protocol=6 | dir=in | app=c:\users\***\desktop\sc_serv.exe |
"TCP Query User{4DDE9782-06AE-46D7-BF08-4BAED7EC79F9}D:\programme\steam\steamapps\common\zero gear\server\zerogearserver.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\zero gear\server\zerogearserver.exe |
"TCP Query User{55253AE0-B949-4BD7-96DC-E8F8731BF027}D:\programme\icq6\icq.exe" = protocol=6 | dir=in | app=d:\programme\icq6\icq.exe |
"TCP Query User{558F757C-847B-4A77-B20A-A0F57AA4EF52}D:\programme\nero 9\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=d:\programme\nero 9\nero 9\nero showtime\showtime.exe |
"TCP Query User{5B35E8A1-BACB-4EBD-ABCA-8371615E6087}D:\programme\soulseek\slsk.exe" = protocol=6 | dir=in | app=d:\programme\soulseek\slsk.exe |
"TCP Query User{62FE8A37-69D7-4A07-919E-4E8A2D971139}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{656D5200-B9C3-4158-8D6B-9CC33A09F6A7}D:\programme\caplio software\capftpd.exe" = protocol=6 | dir=in | app=d:\programme\caplio software\capftpd.exe |
"TCP Query User{680CCDFA-8153-4FD3-97FD-FB6054EBB869}D:\programme\zattoo\zattood.exe" = protocol=6 | dir=in | app=d:\programme\zattoo\zattood.exe |
"TCP Query User{725BC036-5831-46D9-942F-0905F8312110}D:\programme\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=d:\programme\mozilla firefox\firefox.exe |
"TCP Query User{725E4C15-6377-42FA-A792-721D91FAF9FE}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{81473311-64F0-498D-B85D-E8BF7DF602AB}D:\spiele\sunshine beach volleyball\game.exe" = protocol=6 | dir=in | app=d:\spiele\sunshine beach volleyball\game.exe |
"TCP Query User{818F38B3-C10E-4332-8CC6-39D656BCF640}D:\programme\tvants\tvants.exe" = protocol=6 | dir=in | app=d:\programme\tvants\tvants.exe |
"TCP Query User{927C0811-13C0-4131-A5E3-7B4D8C22E993}D:\programme\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=d:\programme\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{9B5342FC-6D8F-4F8A-9AD2-07EA02C16B50}D:\programme\zattoo\zattoo.exe" = protocol=6 | dir=in | app=d:\programme\zattoo\zattoo.exe |
"TCP Query User{A9BE748C-5544-4B75-AB37-94A547638E1B}D:\programme\autodesk\maya 8.5\bin\maya.exe" = protocol=6 | dir=in | app=d:\programme\autodesk\maya 8.5\bin\maya.exe |
"TCP Query User{AB195F88-D997-4752-857B-7FD7DB832A72}D:\programme\tvants\tvants.exe" = protocol=6 | dir=in | app=d:\programme\tvants\tvants.exe |
"TCP Query User{B61054B7-395A-47CA-9D01-448DC62626E7}C:\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"TCP Query User{B67C058E-AC60-4150-BF35-EBC4F8996A6B}D:\programme\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\programme\icq6.5\icq.exe |
"TCP Query User{BE265231-9994-4C85-BACC-05901DD3B5FD}D:\programme\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\programme\icq6.5\icq.exe |
"TCP Query User{C033086C-3CAB-4D45-A19C-4EE2BA129F96}D:\programme\utorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\programme\utorrent\utorrent.exe |
"TCP Query User{C788A97B-DFF4-4586-998C-6A8BCBCEC983}D:\programme\autodesk\maya 8.5\bin\maya.exe" = protocol=6 | dir=in | app=d:\programme\autodesk\maya 8.5\bin\maya.exe |
"TCP Query User{CC5F6002-C144-42B4-88CA-2C347EB7ACAD}D:\programme\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=6 | dir=in | app=d:\programme\adobe\adobe flash builder 4\flashbuilder.exe |
"TCP Query User{D1631432-050A-498C-9D0B-618EEC3D1B53}D:\programme\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=d:\programme\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{D2106970-AD00-4E85-8AA2-2479FB683940}D:\programme\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\programme\sopcast\sopcast.exe |
"TCP Query User{E0F17801-A7E7-443F-86E4-6E84AD89A98F}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{E4E4C2BE-9072-456C-A9BD-428C1F5F82FE}D:\programme\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=6 | dir=in | app=d:\programme\adobe\adobe flash builder 4\flashbuilder.exe |
"TCP Query User{E61848CE-311B-43B3-857A-671463BCF187}D:\programme\trillian\trillian.exe" = protocol=6 | dir=in | app=d:\programme\trillian\trillian.exe |
"TCP Query User{EB0F2D9A-5BF4-4145-A487-47E1C2BD6A3D}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{EFD9BBA9-9F9B-431D-AC21-9B00FE895EE2}D:\programme\zattoo\zattood.exe" = protocol=6 | dir=in | app=d:\programme\zattoo\zattood.exe |
"TCP Query User{F0327EFC-2906-4CBC-A5C0-FE7A50465F39}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{004D92D4-1935-49C2-96E4-360C73FB682E}D:\programme\caplio software\rgatelxp.exe" = protocol=17 | dir=in | app=d:\programme\caplio software\rgatelxp.exe |
"UDP Query User{04BA0D02-A19A-41A2-A930-7B365D9BB699}D:\programme\tvants\tvants.exe" = protocol=17 | dir=in | app=d:\programme\tvants\tvants.exe |
"UDP Query User{0D4EDBDC-4323-46C2-B9C9-8537A4253DA0}D:\programme\real player\realplay.exe" = protocol=17 | dir=in | app=d:\programme\real player\realplay.exe |
"UDP Query User{13CDDBE7-EABE-46FE-ABBC-CE8070A15BBF}D:\programme\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=d:\programme\bittorrent\bittorrent.exe |
"UDP Query User{1CE4518B-B4D5-4736-BF52-F1E43343524B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2803B631-731D-47D0-ACFC-1B0EECA4897A}D:\programme\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\programme\icq6.5\icq.exe |
"UDP Query User{3054E418-8BD0-4746-B082-390D6E705CBC}C:\users\***\desktop\eclipse-java-europa-winter-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\***\desktop\eclipse-java-europa-winter-win32\eclipse\eclipse.exe |
"UDP Query User{381D7935-361B-4B89-BFDB-368AE473F2F2}D:\programme\autodesk\maya 8.5\bin\maya.exe" = protocol=17 | dir=in | app=d:\programme\autodesk\maya 8.5\bin\maya.exe |
"UDP Query User{3884E2D1-A017-4C02-9E1C-B8FCA5F174F7}D:\programme\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=d:\programme\mozilla firefox\firefox.exe |
"UDP Query User{3FD412D2-449A-45F6-85CE-2A57893F241A}D:\programme\steam\steamapps\common\zero gear\server\zerogearserver.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\zero gear\server\zerogearserver.exe |
"UDP Query User{45169157-A112-4AF1-8D38-1D55E7BE540A}D:\programme\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\programme\icq6.5\icq.exe |
"UDP Query User{4CD92BAA-CBF9-44CB-9A6B-332BA98C769F}D:\programme\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=17 | dir=in | app=d:\programme\adobe\adobe flash builder 4\flashbuilder.exe |
"UDP Query User{5C1361B8-D0B9-4C40-B563-5928F3A7BA19}D:\programme\trillian\trillian.exe" = protocol=17 | dir=in | app=d:\programme\trillian\trillian.exe |
"UDP Query User{5E60CF11-060C-45CA-84C2-45FB5668457E}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{6467878D-A914-4D19-8D2B-238B4F0BFAA2}D:\programme\autodesk\maya 8.5\bin\maya.exe" = protocol=17 | dir=in | app=d:\programme\autodesk\maya 8.5\bin\maya.exe |
"UDP Query User{66461ADA-EE18-4C12-AF69-2FCC118A8780}D:\programme\zattoo\zattood.exe" = protocol=17 | dir=in | app=d:\programme\zattoo\zattood.exe |
"UDP Query User{6DC1B7D0-C5F2-495C-AA3A-DCB8C878CE99}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{72DC4E15-31CB-410F-9BB8-2DB812EC9E3B}D:\programme\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=17 | dir=in | app=d:\programme\adobe\adobe flash builder 4\flashbuilder.exe |
"UDP Query User{7737C847-2CB3-4C73-8D87-406D48F7FCBB}D:\programme\soulseek\slsk.exe" = protocol=17 | dir=in | app=d:\programme\soulseek\slsk.exe |
"UDP Query User{7B8B625C-091A-4D64-A5CB-982E7A7A62C8}D:\neu\games\delta force black hawk down\delta force black hawk down\update.exe" = protocol=17 | dir=in | app=d:\neu\games\delta force black hawk down\delta force black hawk down\update.exe |
"UDP Query User{7FB47D8E-D117-4CE2-9388-74CEF0A4D7D3}D:\programme\utorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\programme\utorrent\utorrent.exe |
"UDP Query User{8328CB8D-9074-475B-9C1A-E289FD91089F}D:\programme\zattoo\zattoo.exe" = protocol=17 | dir=in | app=d:\programme\zattoo\zattoo.exe |
"UDP Query User{8BF5A1DC-D500-4099-A034-8209CDC1C275}C:\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"UDP Query User{8DCA9E78-60AF-4EC8-9BD5-F297F79E7C60}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{90812D39-88AC-43E4-86AF-736EC3B93105}D:\programme\icq6\icq.exe" = protocol=17 | dir=in | app=d:\programme\icq6\icq.exe |
"UDP Query User{90F63AA7-DF59-4370-89C2-27BAD5F63744}D:\spiele\sunshine beach volleyball\game.exe" = protocol=17 | dir=in | app=d:\spiele\sunshine beach volleyball\game.exe |
"UDP Query User{91D7BA70-ECAB-4201-ACB5-84871D7C0CAD}D:\programme\caplio software\rgatelxp.exe" = protocol=17 | dir=in | app=d:\programme\caplio software\rgatelxp.exe |
"UDP Query User{91F185A4-E46D-4D1B-8E92-187813F7E4C8}D:\programme\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\programme\sopcast\adv\sopadver.exe |
"UDP Query User{9660D796-C8A3-4307-8D8D-C604F1BAA9BC}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{9B98DD64-79F7-49D7-9291-984A8E895867}D:\programme\tvants\tvants.exe" = protocol=17 | dir=in | app=d:\programme\tvants\tvants.exe |
"UDP Query User{A95911EA-F97F-4A5D-94B3-12984F70B29D}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{AB6D5767-C921-482F-891F-84FE960F2AE4}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{B29F631E-7213-4BF4-8E4F-F260AD115FD7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{C7F2EAB9-4565-41AE-ABFE-66FDD4887A09}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{C8D1D6BC-FCFE-4100-93EB-26FCB5E7E334}C:\users\***\desktop\sc_serv.exe" = protocol=17 | dir=in | app=c:\users\***\desktop\sc_serv.exe |
"UDP Query User{CC9E7710-4F28-414D-A04E-F77EAC93A383}D:\programme\zattoo\zattood.exe" = protocol=17 | dir=in | app=d:\programme\zattoo\zattood.exe |
"UDP Query User{D0AC2AB9-BD92-4B67-88B5-734BBA18EBC4}D:\programme\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\programme\sopcast\sopcast.exe |
"UDP Query User{D24E4FD2-D66E-45A6-A5AA-9A8293D01065}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{D3300E00-685F-45D6-B92F-B46F7484945C}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{DA9E529A-AB2E-4FD8-B005-7C54EF1EB3FF}D:\programme\icq6\icq.exe" = protocol=17 | dir=in | app=d:\programme\icq6\icq.exe |
"UDP Query User{DFB170B4-73DC-430A-8116-3F4E364DC1A9}D:\programme\nero 9\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=d:\programme\nero 9\nero 9\nero showtime\showtime.exe |
"UDP Query User{E0B4107B-3762-45E4-811D-69887B9F4C1D}D:\programme\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\programme\sopcast\sopcast.exe |
"UDP Query User{E0F5AD52-310E-43CB-816C-8A1944D9A7D7}D:\programme\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=d:\programme\mozilla firefox\firefox.exe |
"UDP Query User{EBE24107-F65E-44C0-9AA8-29F17A63C96F}D:\programme\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=d:\programme\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{F1497FF7-2B6C-48E2-94E8-E4F26816C211}D:\programme\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\programme\sopcast\adv\sopadver.exe |
"UDP Query User{F2913BE9-64E0-48FF-91AE-7EC184816E6B}D:\programme\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=d:\programme\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{F2B9C76F-C201-400F-A8CA-D71CA972DB7B}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{FBC8A85E-3624-4542-9260-67A5AD8756B7}D:\programme\trillian\trillian.exe" = protocol=17 | dir=in | app=d:\programme\trillian\trillian.exe |
"UDP Query User{FC8F05CA-E9AB-4274-9DED-743683B166C6}D:\programme\caplio software\capftpd.exe" = protocol=17 | dir=in | app=d:\programme\caplio software\capftpd.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.2 Build #3129 Banner Remover 1.0
"{0B56244C-7B61-0407-A739-3E29DDE4DC3C}" = Bluerock Technologies Flight Studio 3ds Max 2009 32-bit
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{177E1CA1-14CC-4398-AB15-A5746EFE8F22}" = Adobe Flash Builder 4
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1E2FDD18-E514-4631-AF4A-0CC58FD93DCB}" = Quake Live Mozilla Plugin
"{1EA56FAA-6CA2-4DDB-9FFD-62755076396E}" = Falk Navi-Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20B3FD5B-A987-406B-A5B5-CDE3CA1EF4E1}" = Adobe Flash Player 10 ActiveX
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis Disk Director Suite
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3260D61B-DCA6-4ec6-8A41-DCCE01BC6EE4}" = c4100_Help
"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java(TM) SE Development Kit 6 Update 18
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4BD295B9-0190-4C54-B08E-33A6ECA922DF}" = ThinkVantage Access Connections
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}" = FRITZ!Box starter
"{4F121350-54E4-4348-BA9F-5A7836EF4CCB}" = Falk Navi-Manager
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.33
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5AFEABF5-7411-4C29-9FA9-71ABE880662D}" = Nokia PC Suite
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AEE2B0B-B3C1-4367-B1EF-FC4ED98DEED1}" = C4100
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{71414EC2-0684-4A15-A85A-E0E259D117AF}" = Microangelo Toolset 6
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{744A5C19-AA4C-0407-BC07-9F4C73C8B247}" = Autodesk 3ds Max 2009 32-Bit Vault 2009 Plug-In
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.7.3.190
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77C1B8D7-1283-48A4-BD79-79FA37064A13}" = Lenovo Fingerprint Software
"{7A046E1F-BEB7-49C8-83E2-78E1F1C65C60}" = Turbo Squid Tentacles 3ds Max 2009 32-bit
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{871DF2BE-41D2-4334-AC33-839AF16FC8FE}" = Cisco Systems VPN Client 5.0.02.0090
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_941" = Adobe Acrobat 9.4.1 - CPSID_83708
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B5761811-28F3-4257-B537-815C5EEF472C}" = Vodafone Mobile Connect Lite
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{c4d6eb46-9401-40f3-8f49-d7122a8e8f3d}" = Nero 9
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC9654D2-A845-4439-9C41-8FBDE74646E1}" = Falk Navi-Manager
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DFE506AB-DDEA-4C94-BDE0-C26F4B21C71A}" = Falk Navi-Manager
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EC422FB2-9F4D-4FB1-A5CE-5F741132EBC5}" = Lenovo Fingerprint Software
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{EED50C97-C79E-4149-BD82-7C5A22437708}" = Adobe Setup
"{EFCBBB01-F876-0407-B91F-7B6132E8BB64}" = Autodesk 3ds Max 2009 32-Bit Vault 2008 Plug-In
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9766AC1-1461-1033-B862-DF8FE1C033BE}" = Adobe InDesign CS5
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.16 beta
"Absolute Audio Converter_is1" = Absolute Audio Converter 4.1
"Adobe AIR" = Adobe AIR
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2a31ae7a5c43ff52d8577782dd34e04" = Adobe Illustrator CS4
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_a68eec966ce913ddaa63251dc82ed31" = Adobe Flash CS4 Professional
"Allok Video Joiner_is1" = Allok Video Joiner 4.0.1019
"ASIO4ALL" = ASIO4ALL
"a-squared Free_is1" = a-squared Free 4.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Video Converter 4.3_is1" = AVS Video Converter 4.3.1.371
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CPU-Control_is1" = CPU-Control
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem (03/13/2008 6.86.0.1)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FBX Plugin 2009.0 for Max 2009" = FBX Plugin 2009.0 for Max 2009
"FileZilla Client" = FileZilla Client 3.3.5.1
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPOCR" = HP OCR Software 8.0
"ID3-TagIT 3_is1" = ID3-TagIT 3
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"IrfanView" = IrfanView (remove only)
"LENOVO.SMIIF" = Lenovo System Interface Driver
"MAGIX 3D Maker D" = MAGIX 3D Maker (embeded)
"MAGIX Screenshare D" = MAGIX Screenshare
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.7.2.4582
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Monopoly Deluxe" = Monopoly Deluxe
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Nakido" = Nakido
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"ObjectDock" = ObjectDock
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OpenAL" = OpenAL
"PDF Splitter and Merger 3.0" = PDF Splitter and Merger 3.0
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"Rainbow Sentinel Driver" = Sentinel System Driver
"RapidShare Manager" = RapidShare Manager
"RealPlayer 6.0" = RealPlayer
"RolandRDID0021" = EDIROL UA-20 Driver
"SADK" = Die Siedler - Aufbruch der Kulturen
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"SopCast" = SopCast 3.0.3
"Soulseek2" = SoulSeek 157 NS 13c
"StreamTorrent 1.0" = StreamTorrent 1.0
"SystemRequirementsLab" = System Requirements Lab
"Systweak CacheBoost_is1" = Systweak CacheBoost
"TOPSIM - Marketing Participant" = TOPSIM - Marketing Participant
"Trillian" = Trillian
"Tunatic" = Tunatic
"TVAnts 1.0" = TVAnts 1.0
"TweakNow RegCleaner Professional_is1" = TweakNow RegCleaner Professional
"Ultra Video Splitter_is1" = Ultra Video Splitter 5.2.1126
"UltraISO_is1" = UltraISO Premium V9.35
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"VexcastPlayer2.0" = VexcastPlayer2.0
"VLC media player" = VLC media player 1.1.4
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Vuze" = Vuze
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"WinX HD Video Converter_is1" = WinX Video Converter 4.0
"Xilisoft HD Video Converter" = Xilisoft HD Video Converter
"Xilisoft Video Converter Standard" = Xilisoft Video Converter Standard
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"0699682b1bbef526" = ContainerEx Decrypter
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"tc09-DE_SEVENONE_MAIN" = Big Pizza Mountainbike Challenge 09 (SevenOne)
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.03.2010 23:45:35 | Computer Name = diagnose | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.03.2010 23:45:35 | Computer Name = diagnose | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.03.2010 07:00:42 | Computer Name = diagnose | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.03.2010 07:00:42 | Computer Name = diagnose | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.03.2010 07:28:54 | Computer Name = diagnose | Source = System Restore | ID = 8193
Description =
Error - 12.03.2010 20:34:56 | Computer Name = diagnose | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.03.2010 20:34:56 | Computer Name = diagnose | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 13.03.2010 12:59:14 | Computer Name = diagnose | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 13.03.2010 12:59:14 | Computer Name = diagnose | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 13.03.2010 17:09:22 | Computer Name = diagnose | Source = System Restore | ID = 8193
Description =
[ OSession Events ]
Error - 20.07.2009 02:51:52 | Computer Name = diagnose | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6772
seconds with 360 seconds of active time. This session ended with a crash.
Error - 12.10.2009 09:43:48 | Computer Name = diagnose | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5107
seconds with 1980 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 28.11.2010 09:20:06 | Computer Name = diagnose | Source = bowser | ID = 8003
Description =
Error - 28.11.2010 09:20:21 | Computer Name = diagnose | Source = DCOM | ID = 10010
Description =
Error - 28.11.2010 09:21:04 | Computer Name = diagnose | Source = Service Control Manager | ID = 7009
Description =
Error - 28.11.2010 09:33:01 | Computer Name = diagnose | Source = Service Control Manager | ID = 7000
Description =
Error - 28.11.2010 09:33:01 | Computer Name = diagnose | Source = Service Control Manager | ID = 7000
Description =
Error - 28.11.2010 10:36:45 | Computer Name = diagnose | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 28.11.2010 10:36:45 | Computer Name = diagnose | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort2 gefunden.
Error - 28.11.2010 10:38:37 | Computer Name = diagnose | Source = Service Control Manager | ID = 7031
Description =
Error - 28.11.2010 11:52:40 | Computer Name = diagnose | Source = Service Control Manager | ID = 7000
Description =
Error - 28.11.2010 11:52:40 | Computer Name = diagnose | Source = Service Control Manager | ID = 7000
Description =
< End of report >
In einem anderen Thread hab ich nun noch noch gelesen, dass man noch das OTL-Programm mit einigen Befehlszeilen durchlaufen lassen soll. Daher hier noch das OTL-Logfile mit den Benutzerdefinierten Scans / Fixes: Code:
All processes killed
========== OTL ==========
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Dlewasiwitaf not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Yvacudegem not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfb1e-bff0-11df-8fda-ead1da458fdb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfb1e-bff0-11df-8fda-ead1da458fdb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfb1e-bff0-11df-8fda-ead1da458fdb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfb1e-bff0-11df-8fda-ead1da458fdb}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfb34-bff0-11df-8fda-ead1da458fdb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfb34-bff0-11df-8fda-ead1da458fdb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfb34-bff0-11df-8fda-ead1da458fdb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfb34-bff0-11df-8fda-ead1da458fdb}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfb42-bff0-11df-8fda-ead1da458fdb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfb42-bff0-11df-8fda-ead1da458fdb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfb42-bff0-11df-8fda-ead1da458fdb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfb42-bff0-11df-8fda-ead1da458fdb}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfb9d-bff0-11df-8fda-916dece71713}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfb9d-bff0-11df-8fda-916dece71713}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfb9d-bff0-11df-8fda-916dece71713}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfb9d-bff0-11df-8fda-916dece71713}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfbb1-bff0-11df-8fda-916dece71713}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfbb1-bff0-11df-8fda-916dece71713}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddabfbb1-bff0-11df-8fda-916dece71713}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddabfbb1-bff0-11df-8fda-916dece71713}\ not found.
File F:\AutoRun.exe not found.
Folder C:\Users\Fritz\AppData\Local\{70EE213A-F41A-4BA8-9682-2FFDFCC15149}\ not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: ***
->Temp folder emptied: 189300901 bytes
->Temporary Internet Files folder emptied: 249428390 bytes
->Java cache emptied: 33836976 bytes
->FireFox cache emptied: 96995881 bytes
->Flash cache emptied: 728894 bytes
User: Privat
User: Public
User: TEMP(1)
->Temp folder emptied: 32575 bytes
->FireFox cache emptied: 9541280 bytes
->Flash cache emptied: 564 bytes
User: TEMP(64)
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 401408 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 643441524 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 185853 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 320 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1.167,00 mb
OTL by OldTimer - Version 3.2.17.3 log created on 11282010_171949
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Fortsetzung im nächsten Beitrag... |
