wahrscheinlich spyeye!
Hallo,
also markusg, dann stell ich mal meine beiden .txt Dateien ein.
OTL.txt
OTL Logfile: Code:
OTL logfile created on: 26.01.2011 17:36:22 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\stutzi\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 56,00% Paging File free
Paging file location(s): c:\pagefile.sys 512 1024
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 43,09 Gb Free Space | 9,45% Space Free | Partition Type: NTFS
Drive S: | 596,17 Gb Total Space | 36,48 Gb Free Space | 6,12% Space Free | Partition Type: NTFS
Computer Name: STUTZI-PC | User Name: stutzi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\stutzi\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\iZ3D Driver\Win32\S3DCService.exe (iZ3D Inc.)
PRC - C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Programme\Hotspot Shield\bin\openvpntray.exe ()
PRC - C:\Programme\Hotspot Shield\bin\openvpnas.exe ()
PRC - C:\Programme\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\MultiScreen\MultiScreen.exe ()
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe ()
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Seiko Instruments USA Inc\Smart Label Printer 6.6\slpcap.exe (Seiko Instruments USA Inc.)
PRC - C:\Programme\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Programme\MagicTune Premium\MagicTuneEngine.exe ()
PRC - C:\Windows\System32\bgsvcgen.exe (B.H.A Corporation)
PRC - C:\Programme\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Targa VFD Display\Targa VFD Display.exe (Ing.-Büro Dr. Ruge)
PRC - C:\Programme\MagicTune Premium\GammaTray.exe ()
PRC - C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Programme\DU Meter\DUMeter.exe (Hagel Technologies Ltd)
PRC - C:\Windows\ModLEDKey.exe (Chicony)
PRC - C:\Windows\CNYHKey.exe (Chicony)
PRC - C:\Programme\X-Micro WLAN 11g USB Adapter\ZDWlan.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\stutzi\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (NIS) -- File not found
SRV - (S3DSvc32) S3D Service (Win32) -- C:\Programme\iZ3D Driver\Win32\S3DCService.exe (iZ3D Inc.)
SRV - (HssSrv) -- C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (HssTrayService) -- C:\Programme\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (HotspotShieldService) -- C:\Programme\Hotspot Shield\bin\openvpnas.exe ()
SRV - (HssWd) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MotoConnect Service) -- C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (MagicTuneEngine) -- C:\Programme\MagicTune Premium\MagicTuneEngine.exe ()
SRV - (bgsvcgen) -- C:\Windows\System32\bgsvcgen.exe (B.H.A Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (iZ3DInjectionDriver) -- C:\Programme\iZ3D Driver\Win32\S3DInjectionDriver.sys ()
DRV - (HssDrv) -- C:\Windows\System32\drivers\hssdrv.sys (AnchorFree Inc.)
DRV - (motusbdevice) -- C:\Windows\System32\drivers\motusbdevice.sys (Motorola Inc)
DRV - (Motousbnet) -- C:\Windows\System32\drivers\Motousbnet.sys (Motorola)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (JRAID) -- C:\Windows\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (SYMTDIv) -- C:\Windows\system32\drivers\NIS\1100000.088\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1100000.088\SYMEFA.SYS (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1100000.088\SYMDS.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1100000.088\Ironx86.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\system32\drivers\NIS\1100000.088\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1100000.088\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1100000.088\ccHPx86.sys (Symantec Corporation)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (motccgp) -- C:\Windows\System32\drivers\motccgp.sys (Motorola)
DRV - (MotDev) -- C:\Windows\System32\drivers\motodrv.sys (Motorola Inc)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (motccgpfl) -- C:\Windows\System32\drivers\motccgpfl.sys (Motorola)
DRV - (BTCFilterService) -- C:\Windows\System32\drivers\motfilt.sys (Motorola Inc)
DRV - (NPF_devolo) NetGroup Packet Filter Driver (devolo) -- C:\Windows\system32\drivers\npf_devolo.sys (CACE Technologies)
DRV - (61883) -- C:\Windows\System32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\Windows\System32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\Windows\System32\drivers\msdv.sys (Microsoft Corporation)
DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (MotoSwitchService) -- C:\Windows\System32\drivers\motswch.sys (Motorola)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (HCW88TSE) -- C:\Windows\System32\drivers\hcw88tse.sys (Hauppauge Computer Works, Inc)
DRV - (HCW88BDA) -- C:\Windows\System32\drivers\hcw88bda.sys (Hauppauge Computer Works, Inc)
DRV - (HCW88AUD) -- C:\Windows\System32\drivers\hcw88aud.sys (Hauppauge Computer Works, Inc)
DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (athrusb) -- C:\Windows\System32\drivers\athrusb.sys (Atheros Communications, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (X-Micro WLAN 11g USB Adapter(X-Micro)) X-Micro WLAN 11g USB Adapter Driver(X-Micro) -- C:\Windows\System32\drivers\ZD1211BU.SYS (ZyDAS Technology Corporation)
DRV - (cdrbsdrv) -- C:\Windows\System32\drivers\cdrbsdrv.sys (B.H.A Corporation)
DRV - (JGOGO) -- C:\Windows\system32\DRIVERS\JGOGO.sys (JMicron )
DRV - (QCDonner) Logitech QuickCam Express(PID_0840) -- C:\Windows\System32\drivers\lvcd.sys (Logitech Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Programme\TorrentMan\tbTor2.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de/
IE - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Programme\TorrentMan\tbTor2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.arcor.de/"
FF - prefs.js..extensions.enabledItems: {62760FD6-B943-48C9-AB09-F99C6FE96088}:2.1.6
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..keyword.URL: "hxxp://start.facemoods.com/results.php?f=5&a=ddr&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.10 16:01:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.10 16:01:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.13 15:26:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2010.11.11 14:21:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stutzi\AppData\Roaming\mozilla\Extensions
[2010.11.11 14:21:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stutzi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.26 17:13:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stutzi\AppData\Roaming\mozilla\Firefox\Profiles\m1mohz8v.default\extensions
[2010.04.28 11:15:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\stutzi\AppData\Roaming\mozilla\Firefox\Profiles\m1mohz8v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.27 13:08:09 | 000,000,000 | ---D | M] (eBay Sidebar for Firefox) -- C:\Users\stutzi\AppData\Roaming\mozilla\Firefox\Profiles\m1mohz8v.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
[2010.12.28 20:29:43 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\stutzi\AppData\Roaming\mozilla\Firefox\Profiles\m1mohz8v.default\extensions\ffxtlbr@Facemoods.com
[2010.02.13 18:00:43 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\stutzi\AppData\Roaming\mozilla\Firefox\Profiles\m1mohz8v.default\extensions\moveplayer@movenetworks.com
[2010.04.21 12:40:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2008.12.12 13:05:52 | 000,000,000 | ---D | M] (Firefox Companion for eBay) -- C:\Programme\Mozilla Firefox\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
[2009.08.06 10:09:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\ebay@partners.mozilla.com
[2009.08.06 10:09:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\inspector@mozilla.org
[2008.08.18 14:03:20 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2010.03.12 19:50:57 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.12 19:50:57 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchddr.xml
[2010.03.12 19:50:57 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.12 19:50:57 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.12 19:50:57 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.10.02 14:11:34 | 000,005,338 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 65.75.216.6 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.54 www.winmx.com err.winmx.com
O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com
O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com
O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 14 more lines...
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - Reg Error: Value error. File not found
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - Reg Error: Value error. File not found
O2 - BHO: (Bitlord Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Programme\TorrentMan\tbTor2.dll (Conduit Ltd.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (Bitlord Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Programme\TorrentMan\tbTor2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\..\Toolbar\WebBrowser: (Bitlord Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Programme\TorrentMan\tbTor2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BVRPLiveUpdate] File not found
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DU Meter] C:\Programme\DU Meter\DUMeter.exe (Hagel Technologies Ltd)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [ledpointer] C:\Windows\CNYHKey.exe (Chicony)
O4 - HKLM..\Run: [MoLed] C:\Windows\ModLEDKey.exe (Chicony)
O4 - HKLM..\Run: [MultiScreen] C:\Programme\MultiScreen\MultiScreen.exe ()
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003..\Run: [portwexexe.exe] C:\portwexexe\portwexexe.exe ()
O4 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2965953352-1890760225-2496969144-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Kawasaki 500 H3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Kawasaki 500 H3.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - State: "bootini" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.ac3acm - C:\Windows\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\Windows\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.scg726 - C:\Windows\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.voxacm160 - C:\Windows\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\Windows\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.wmv3 - C:\Windows\System32\WMV9VCM.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.01.23 17:16:09 | 000,000,000 | ---D | C] -- C:\Users\stutzi\meine Lesezeichen
[2011.01.23 16:47:24 | 000,000,000 | ---D | C] -- C:\Users\stutzi\AppData\Roaming\Opera
[2011.01.23 16:47:24 | 000,000,000 | ---D | C] -- C:\Users\stutzi\AppData\Local\Opera
[2011.01.23 16:47:22 | 000,000,000 | ---D | C] -- C:\Programme\Opera
[2011.01.15 20:15:22 | 000,000,000 | ---D | C] -- C:\Users\stutzi\AppData\Roaming\Publish Providers
[2011.01.15 20:14:58 | 000,000,000 | ---D | C] -- C:\Users\stutzi\Documents\Vegas Movie Studio PE 9.0 Projekte
[2011.01.15 20:14:58 | 000,000,000 | ---D | C] -- C:\Users\stutzi\AppData\Roaming\Sony
[2011.01.15 20:14:58 | 000,000,000 | ---D | C] -- C:\Users\stutzi\AppData\Local\Sony
[2011.01.15 20:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011.01.15 19:59:49 | 000,000,000 | ---D | C] -- C:\Programme\Vstplugins
[2011.01.15 19:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2011.01.15 19:58:50 | 000,000,000 | ---D | C] -- C:\Programme\Sony
[2011.01.15 19:56:24 | 000,000,000 | ---D | C] -- C:\Programme\Sony Setup
[2011.01.12 11:56:29 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.01.12 11:56:26 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.01.03 17:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.01.03 17:19:14 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Media Player
[2011.01.03 17:17:14 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe AIR
[2010.12.28 21:13:27 | 000,000,000 | ---D | C] -- C:\Users\stutzi\AppData\Roaming\WinRAR
[2010.12.28 20:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader
[2010.12.28 20:29:42 | 000,000,000 | ---D | C] -- C:\Programme\facemoods.com
[2010.12.28 20:29:17 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2009.03.15 17:27:53 | 006,844,094 | ---- | C] (EAST Technologies ) -- C:\Programme\eteraser.exe
[2007.08.15 12:19:22 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\stutzi\AppData\Roaming\pcouffin.sys
[2007.07.07 19:24:45 | 000,010,752 | ---- | C] (Arcor Online GmbH) -- C:\Users\stutzi\AppData\Local\cmdial32.dll
[6 C:\Users\stutzi\Documents\*.tmp files -> C:\Users\stutzi\Documents\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.01.26 17:34:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.26 17:33:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2965953352-1890760225-2496969144-1003UA.job
[2011.01.26 16:55:00 | 000,638,510 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.01.26 16:55:00 | 000,604,126 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.26 16:55:00 | 000,130,462 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.01.26 16:55:00 | 000,107,562 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.26 16:49:24 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.26 16:49:16 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.26 16:49:16 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.26 16:49:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.26 16:49:07 | 2682,687,488 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.26 16:27:27 | 000,031,672 | ---- | M] () -- C:\Users\stutzi\AppData\Roaming\wklnhst.dat
[2011.01.26 16:27:25 | 000,372,736 | ---- | M] () -- C:\Users\stutzi\Documents\abcd.doc
[2011.01.26 12:33:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2965953352-1890760225-2496969144-1003Core.job
[2011.01.24 17:53:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.01.23 17:14:16 | 000,292,125 | ---- | M] () -- C:\Users\stutzi\Documents\bookmarks-2011-01-23.json
[2011.01.23 16:47:23 | 000,001,661 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.01.19 19:39:36 | 000,299,362 | ---- | M] () -- C:\Users\stutzi\Documents\Simprop Fling Anleitung.pdf
[2011.01.16 03:28:37 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2011.01.15 20:00:10 | 000,002,039 | ---- | M] () -- C:\Users\stutzi\Desktop\Vegas Movie Studio Platinum 9.0.lnk
[2011.01.15 13:38:37 | 000,024,576 | ---- | M] () -- C:\Users\stutzi\Documents\Kaufrücktritt.doc
[2011.01.15 13:33:37 | 000,002,086 | ---- | M] () -- C:\Users\stutzi\Desktop\Google Chrome.lnk
[2011.01.06 17:58:44 | 000,993,280 | ---- | M] () -- C:\Users\stutzi\Documents\Smart Roadster Aktuator einstellenn.pdf
[2011.01.06 17:54:50 | 000,024,576 | ---- | M] () -- C:\Users\stutzi\Documents\Smart Roadster - Kupplung einstellen.doc
[2011.01.04 13:35:02 | 003,713,936 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.29 14:07:35 | 000,000,992 | ---- | M] () -- C:\Users\stutzi\Desktop\JDownloader.lnk
[2010.12.28 20:30:43 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.12.28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010.12.28 14:54:42 | 000,032,256 | ---- | M] () -- C:\Users\stutzi\Documents\Bespannflies.doc
[6 C:\Users\stutzi\Documents\*.tmp files -> C:\Users\stutzi\Documents\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.01.23 17:14:15 | 000,292,125 | ---- | C] () -- C:\Users\stutzi\Documents\bookmarks-2011-01-23.json
[2011.01.23 16:47:23 | 000,001,673 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011.01.23 16:47:23 | 000,001,661 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.01.19 19:39:36 | 000,299,362 | ---- | C] () -- C:\Users\stutzi\Documents\Simprop Fling Anleitung.pdf
[2011.01.16 18:20:57 | 2682,687,488 | -HS- | C] () -- C:\hiberfil.sys
[2011.01.15 20:00:10 | 000,002,039 | ---- | C] () -- C:\Users\stutzi\Desktop\Vegas Movie Studio Platinum 9.0.lnk
[2011.01.15 13:38:36 | 000,024,576 | ---- | C] () -- C:\Users\stutzi\Documents\Kaufrücktritt.doc
[2011.01.06 17:58:44 | 000,993,280 | ---- | C] () -- C:\Users\stutzi\Documents\Smart Roadster Aktuator einstellenn.pdf
[2011.01.06 17:54:49 | 000,024,576 | ---- | C] () -- C:\Users\stutzi\Documents\Smart Roadster - Kupplung einstellen.doc
[2011.01.03 17:22:52 | 000,001,047 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2011.01.03 17:21:45 | 000,001,009 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2011.01.03 17:21:12 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2011.01.03 17:18:41 | 000,001,193 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2011.01.03 17:18:28 | 000,001,355 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2011.01.03 17:17:18 | 000,000,921 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2010.12.29 14:07:35 | 000,000,992 | ---- | C] () -- C:\Users\stutzi\Desktop\JDownloader.lnk
[2010.12.28 20:30:43 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.12.28 14:43:18 | 000,032,256 | ---- | C] () -- C:\Users\stutzi\Documents\Bespannflies.doc
[2010.12.02 15:08:28 | 000,000,094 | ---- | C] () -- C:\Users\stutzi\AppData\Local\fusioncache.dat
[2010.12.02 15:05:21 | 000,190,464 | ---- | C] () -- C:\Windows\System32\PCGW32.DLL
[2010.04.17 15:31:37 | 000,000,000 | RH-- | C] () -- C:\Users\stutzi\AppData\Roaming\eaa98e943fdeb9dc340f4a70686db941
[2009.12.27 20:42:30 | 000,032,768 | ---- | C] () -- C:\Windows\System32\MWLPS.dll
[2009.12.17 17:59:47 | 000,004,932 | ---- | C] () -- C:\ProgramData\kbkwknay.ayh
[2009.12.17 17:59:17 | 000,000,036 | ---- | C] () -- C:\Windows\IniFile1.ini
[2009.09.11 00:52:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 10:15:21 | 000,000,112 | ---- | C] () -- C:\Users\stutzi\AppData\Local\PathsToScan.txt
[2009.05.14 12:06:41 | 000,000,671 | ---- | C] () -- C:\Users\stutzi\AppData\Roaming\vso_ts_preview.xml
[2009.01.23 16:09:43 | 000,001,164 | ---- | C] () -- C:\Users\stutzi\AppData\Local\9A5FF4EA.il
[2009.01.23 16:09:43 | 000,000,280 | ---- | C] () -- C:\Users\stutzi\AppData\Local\IndexIE_9A5FF4EA.il
[2009.01.13 16:55:22 | 000,000,160 | ---- | C] () -- C:\Users\stutzi\AppData\Roaming\default.rss
[2009.01.11 13:23:27 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.01.04 18:31:00 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2008.11.23 13:52:23 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2008.11.02 14:34:02 | 000,000,133 | ---- | C] () -- C:\Windows\awshkwv.ini
[2008.10.20 12:44:09 | 000,000,732 | ---- | C] () -- C:\Users\stutzi\AppData\Roaming\DriveCalculator Preferences
[2008.09.26 17:38:17 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008.09.18 13:36:05 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2008.09.18 11:20:57 | 000,000,928 | ---- | C] () -- C:\Windows\System32\hpsj1695.dll
[2008.09.18 11:20:54 | 000,306,688 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
[2008.09.18 11:20:54 | 000,095,232 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
[2008.09.11 16:28:54 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008.06.22 12:09:23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.06.12 12:07:04 | 000,000,110 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2008.03.06 18:41:39 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008.01.12 15:57:46 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.01.12 15:53:22 | 000,047,262 | ---- | C] () -- C:\ProgramData\Photoshop Elements 6.0 Read Me.html
[2008.01.10 15:28:16 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2008.01.10 15:28:16 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2008.01.10 15:28:16 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2008.01.10 15:28:16 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2007.12.29 14:51:35 | 000,034,308 | ---- | C] () -- C:\Windows\System32\Chip.dll
[2007.12.03 08:40:55 | 000,000,609 | ---- | C] () -- C:\Windows\System32\ftdiun2k.ini
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.08.15 12:20:13 | 000,000,034 | ---- | C] () -- C:\Users\stutzi\AppData\Roaming\pcouffin.log
[2007.08.15 12:19:22 | 000,087,608 | ---- | C] () -- C:\Users\stutzi\AppData\Roaming\inst.exe
[2007.08.15 12:19:22 | 000,007,887 | ---- | C] () -- C:\Users\stutzi\AppData\Roaming\pcouffin.cat
[2007.08.15 12:19:22 | 000,001,144 | ---- | C] () -- C:\Users\stutzi\AppData\Roaming\pcouffin.inf
[2007.07.20 18:18:24 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2007.07.12 17:40:06 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007.07.12 17:22:10 | 000,000,022 | ---- | C] () -- C:\Users\stutzi\AppData\Local\cmdial32.ini
[2007.07.10 16:52:14 | 000,001,356 | ---- | C] () -- C:\Users\stutzi\AppData\Local\d3d9caps.dat
[2007.07.08 20:08:12 | 000,000,009 | ---- | C] () -- C:\Users\stutzi\AppData\Roaming\mdb.bin
[2007.07.08 13:20:50 | 000,031,672 | ---- | C] () -- C:\Users\stutzi\AppData\Roaming\wklnhst.dat
[2007.07.06 17:46:11 | 000,220,160 | ---- | C] () -- C:\Users\stutzi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.03 19:31:28 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007.03.29 22:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007.02.08 14:18:58 | 000,000,438 | ---- | C] () -- C:\Windows\WINCMD.INI
[2007.02.06 01:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007.02.02 21:14:47 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.01.31 15:54:51 | 000,005,120 | ---- | C] () -- C:\Windows\HKCYDLL.dll
[2007.01.31 15:54:50 | 000,049,152 | ---- | C] () -- C:\Windows\CNYUSB.dll
[2007.01.31 15:54:50 | 000,000,360 | ---- | C] () -- C:\Windows\CNYHKey.ini
[2007.01.30 09:40:36 | 000,040,960 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2007.01.30 09:05:36 | 000,001,008 | ---- | C] () -- C:\Windows\WISO.INI
[2007.01.29 18:40:19 | 000,000,518 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.01.29 18:20:13 | 000,028,672 | ---- | C] () -- C:\Windows\System32\InsDrvZD.dll
[2007.01.29 18:20:13 | 000,016,384 | ---- | C] () -- C:\Windows\System32\InsDrvZD64.DLL
[2007.01.29 15:06:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.09.20 07:34:10 | 000,000,266 | ---- | C] () -- C:\Windows\Buhl.ini
[2006.02.25 19:12:34 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2006.02.25 19:09:38 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2006.02.18 09:16:04 | 000,036,864 | ---- | C] () -- C:\Windows\System32\SlpApi42.dll
[2004.03.26 08:56:40 | 000,017,191 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2003.10.18 17:06:42 | 000,135,168 | ---- | C] () -- C:\Windows\System32\ZipDLL.dll
[2003.07.15 14:32:30 | 000,122,368 | ---- | C] () -- C:\Windows\System32\UNZDLL.dll
[2000.07.28 01:15:00 | 000,000,001 | ---- | C] () -- C:\Windows\System32\uuddc32.dll
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.01.08 16:54:27 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\abgx360
[2011.01.03 17:22:36 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Adobe
[2007.10.18 21:39:06 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Ahead
[2010.04.10 14:24:14 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\ALK Technologies
[2009.12.29 20:47:44 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Apple Computer
[2009.03.15 17:38:37 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\ASCOMP Software
[2009.08.09 12:30:15 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\ATI
[2009.08.02 18:10:21 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Avanquest
[2010.07.26 18:09:17 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\avidemux
[2010.08.17 15:33:53 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\AVS4YOU
[2009.10.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\BOM
[2008.09.03 14:01:08 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Buhl Data Service
[2010.01.30 19:01:43 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Canon
[2008.12.15 15:14:24 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\COMPUTERBILD-Spionage-Stopper
[2009.08.06 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\concept design
[2008.11.02 14:34:00 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\ContentLauncher
[2009.08.06 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\CyberLink
[2009.01.14 16:47:32 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Download Manager
[2011.01.19 14:31:20 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\dvdcss
[2009.08.06 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\FTPRush
[2011.01.02 17:33:51 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Gaqyde
[2010.04.01 16:14:08 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\GHISLER
[2008.08.12 12:32:48 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Google
[2010.12.23 14:25:28 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\gtk-2.0
[2009.08.06 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Identities
[2009.09.19 18:47:51 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\ImgBurn
[2009.09.14 16:51:41 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\InstallShield
[2010.09.07 16:24:30 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\iVolHangar
[2010.12.02 15:05:20 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\iZ3D Driver
[2009.08.06 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Kabel Deutschland
[2009.08.06 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\klickTel
[2009.05.15 15:30:22 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Leadertech
[2009.01.04 17:55:24 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Macromedia
[2010.01.30 19:10:12 | 000,000,000 | --SD | M] -- C:\Users\stutzi\AppData\Roaming\Microsoft
[2009.08.06 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\mIRC
[2010.07.27 16:06:49 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\mkvtoolnix
[2008.12.12 13:05:59 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Mozilla
[2010.08.20 15:00:34 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Mumble
[2009.01.05 12:30:44 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Nero
[2010.01.02 14:28:27 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Nokia
[2011.01.23 16:47:24 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Opera
[2010.03.18 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Panasonic
[2007.07.25 19:00:52 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\PC Suite
[2011.01.15 20:15:22 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Publish Providers
[2009.12.20 19:24:03 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Real
[2010.04.21 12:48:50 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Samsung
[2010.02.06 17:36:13 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\SecondLife
[2008.12.24 15:05:36 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Simply Super Software
[2010.09.16 12:27:15 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Skype
[2010.09.16 12:25:58 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\skypePM
[2009.05.15 15:34:34 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Smart Label Printer
[2011.01.15 20:17:30 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Sony
[2009.10.20 12:47:11 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Symantec
[2009.11.21 13:37:03 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Talkback
[2008.01.29 18:11:13 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\TeamViewer
[2010.03.12 13:52:05 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Template
[2010.11.11 14:21:54 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Thunderbird
[2009.10.27 20:36:16 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Tific
[2009.12.20 14:50:32 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Uniblue
[2010.12.30 14:18:15 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\uTorrent
[2011.01.26 15:56:36 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\vlc
[2010.08.20 15:00:04 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\Vso
[2010.12.28 21:13:27 | 000,000,000 | ---D | M] -- C:\Users\stutzi\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2007.08.15 12:19:22 | 000,087,608 | ---- | M] () -- C:\Users\stutzi\AppData\Roaming\inst.exe
[2010.03.18 21:01:24 | 000,087,182 | R--- | M] () -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{08562160-8047-4E07-9CCE-87925797E357}\_6FEFF9B68218417F98F549.exe
[2010.03.18 21:01:25 | 000,087,182 | R--- | M] () -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{08562160-8047-4E07-9CCE-87925797E357}\_AB0D68BD7D372BBFEA2B89.exe
[2010.03.18 21:01:24 | 000,087,182 | R--- | M] () -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{08562160-8047-4E07-9CCE-87925797E357}\_B617C82D7A407C5F5F7CCA.exe
[2010.03.18 21:01:24 | 000,009,662 | R--- | M] () -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{08562160-8047-4E07-9CCE-87925797E357}\_CBC4319609FDDE12B29E81.exe
[2009.11.04 16:10:16 | 000,010,134 | R--- | M] () -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{37EC24B2-2E75-0AEB-F8A1-12A0C7EB5EED}\ARPPRODUCTICON.exe
[2010.08.21 13:51:55 | 000,028,672 | R--- | M] () -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{63898E1C-0BDC-4FDC-91FC-AB3D3432FB02}\_FCEAE524F0D0_44AF_A79F_D37333D0FE54.exe
[2010.08.05 15:52:41 | 000,000,766 | R--- | M] () -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{6B06C8A7-0BDC-4623-BA43-F2F208D8A17F}\ARPPRODUCTICON.exe
[2010.08.05 15:52:41 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{6B06C8A7-0BDC-4623-BA43-F2F208D8A17F}\NewShortcut1_36D8EA20EAE54F0C831FFAAC93C49F1F.exe
[2010.08.05 15:52:41 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{6B06C8A7-0BDC-4623-BA43-F2F208D8A17F}\NewShortcut3_320FE8FC6AA24214AE34B1D5EBE447BA.exe
[2010.08.05 15:52:41 | 000,004,286 | R--- | M] () -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{6B06C8A7-0BDC-4623-BA43-F2F208D8A17F}\NewShortcut4_7189801C17194944BEA9508B409C3CDC.exe
[2010.08.05 15:52:41 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\stutzi\AppData\Roaming\Microsoft\Installer\{6B06C8A7-0BDC-4623-BA43-F2F208D8A17F}\NewShortcut5_CCFB2208ECFD4925A2FA192E89F9939E.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: AHCIX86S.SYS >
[2006.12.29 00:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) MD5=67740F91B47434CC6173A35667A4BA66 -- C:\ATI\SUPPORT\7-7_vista32_dd_ccc_wdm_enu_49713\Driver\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\stutzi\Documents\DriverGenius\Backup\Driver Backup 11-3-2009-182424\IDE-Kanal#1\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\stutzi\Documents\DriverGenius\Backup\Driver Backup 11-3-2009-182424\IDE-Kanal\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\stutzi\Documents\DriverGenius\Backup\Driver Backup 11-3-2009-182424\Standard-Zweikanal-PCI-IDE-Controller\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2009.06.02 10:35:36 | 000,032,768 | ---- | M] (Panasonic Corporation) MD5=564FC50A602E5EB2392977E8DEBB26C0 -- C:\Programme\Panasonic\HD Writer AE 1.5\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.11.29 12:41:09 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.11.29 12:41:08 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2007.01.05 20:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\drivers\nvstor.sys
[2007.01.05 20:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvstor.inf_f48b8337\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: NVSTOR32.SYS >
[2009.08.04 17:44:14 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=269DE658DEAF032564E8B6430B5BD170 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\Win7\sataraid\nvstor32.sys
[2009.08.04 17:44:14 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=269DE658DEAF032564E8B6430B5BD170 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\WinVista\sataraid\nvstor32.sys
[2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\Win7\sata_ide\nvstor32.sys
[2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\WinVista\sata_ide\nvstor32.sys
[2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_dcdb2e54\nvstor32.sys
[2007.08.09 17:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Users\stutzi\Documents\DriverGenius\Backup\Driver Backup 11-3-2009-182424\NVIDIA nForce Serial ATA Controller#1\nvstor32.sys
[2007.08.09 17:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Users\stutzi\Documents\DriverGenius\Backup\Driver Backup 11-3-2009-182424\NVIDIA nForce Serial ATA Controller\nvstor32.sys
[2007.08.09 17:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_99d8b088\nvstor32.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2007.07.07 21:34:00 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007.07.07 21:34:00 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.21 16:44:36 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009.04.11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< End of report >
--- --- ---
extras.txt
OTL Logfile: Code:
OTL Extras logfile created on: 26.01.2011 17:36:22 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\stutzi\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 56,00% Paging File free
Paging file location(s): c:\pagefile.sys 512 1024
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 43,09 Gb Free Space | 9,45% Space Free | Partition Type: NTFS
Drive S: | 596,17 Gb Total Space | 36,48 Gb Free Space | 6,12% Space Free | Partition Type: NTFS
Computer Name: STUTZI-PC | User Name: stutzi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11A31AA4-7C8F-48C9-8A15-796F6D249AF8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{12647610-C226-4EA7-A4B6-E53CC76AC031}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{16A8CA74-FA23-4287-9DC9-29BCFC6210B6}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1E661F4B-01E0-4BAD-B6FC-423E3239A23D}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{22834909-E18F-4E71-BC9B-E530BAD8D8EA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{26CEDAC2-2F1A-4EF2-B78C-3B117F0417B0}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{27E4924D-1423-45B3-8DF0-1D5C4A12C9A9}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{35750E96-C63E-482A-99FE-B6FAAA86F3C3}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{3B129F11-4643-4017-83D5-6D2EC0C3C0C9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C86DB72-E49B-4D68-86BA-1B16F54FCD3B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4E65BF04-0791-4D8F-9F16-C14B3BBC1083}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{542C42F8-816C-465A-BAA5-2C8B8BD01108}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{55A826A4-0529-43D1-B318-5D3C917E36CE}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{56DEEDA5-9A0B-46B7-8F44-0D2EBF9A80E0}" = lport=10300 | protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe |
"{65A6A030-3E28-4851-905B-0D13F768A04C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6C3BD873-20A3-49E4-93AA-650873291D92}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6FD459F5-FC3C-4BB5-93CB-002551E4771D}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{876999A2-2387-41B7-800F-56028947C957}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8B5201C9-F2D8-4807-BC08-B52E6875B164}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8BC10B5B-4D21-4DF1-B1D7-25ECB9AD37A8}" = lport=10301 | protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe |
"{8E2D4910-DE56-4CA6-AA54-BD37B5217F98}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9766DC40-138C-41CC-811C-181C293C32E3}" = lport=8080 | protocol=6 | dir=in | name=kathie |
"{989472E8-B7C6-4C45-B8FF-8A641C40B471}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{A2330E0A-77E1-484C-B6B6-49684ABD40CC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3047DEE-99D7-43CC-A920-CBA77322E2BE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5A03326-7CCF-484F-BF5C-7F225CA9370D}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{A87A210A-EEFA-4AF0-B51D-30A6BF0977F4}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B5F035E0-E274-42B6-AF70-B159DF94AB2C}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{BE0742B5-6701-4018-BDC2-0A7BC4A9098B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C3B1E433-9B74-46E0-8E3E-B6C39687D766}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C4D81720-26BB-44B3-BC06-58BB3FC27025}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{CEA9BAE0-4484-4D4B-B895-61AA161FDD9A}" = rport=2869 | protocol=6 | dir=out | app=system |
"{D82342CC-2DF3-471B-A011-4B9B0EF0A371}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8530CA1-DD67-42C1-AF71-F457E917CA58}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E9715679-7F1C-4955-9ADD-85AA55DC99EA}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F1AD6A94-F0B2-44D4-ABCE-8313F0D9AD63}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{F1F43E0E-F3CC-4FDC-B157-D9488D255892}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F5EE7D16-BABF-42F9-B49F-3A61FEBA321E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005212C0-1D38-4F45-A071-E022AF6B6B51}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{03B93C0B-9BD5-4E1D-AADC-5204B180EC17}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{05844ADB-05E1-460D-8207-24B25870F094}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0699018C-5A9D-42AB-80A2-5DE29AF66A0F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0AEBA7CE-58F5-41D6-8576-B23885C5EFF2}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0BC772A9-899A-4BA3-8A31-435106F9DBBD}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1263DC76-9C77-4027-8B9E-47ECEACDB6CA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{14B32E43-C87F-4E0C-85EF-72167FF18E84}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{14D1D9A2-ADBB-4851-A632-6A5CA5696756}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{16FAC4D2-F514-4202-BA75-10D70F4B5FAA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{19782CA5-F0D6-46B4-9419-051115674A22}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1C747702-2244-461F-ABFC-258D16891671}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1FED10E8-9D30-40EF-B699-ACCBFCC347FB}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2280AF91-46F0-48FD-9B5F-49C1832BD79A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{23822776-4713-4A8E-8D72-3D5E6EE1F391}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2486547D-B51B-486A-A7FC-A3142215955E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{248A5521-18A3-491C-91E2-1DC9749E3168}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2896CB9F-C7B9-4A7B-B725-1C058C0207E5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{29F1940C-25B3-44F7-A0F0-6BC051996F37}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{2AA1F38E-313C-423B-BDC0-EEC82F402FE8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B883A0F-E802-447C-A786-EA9603025D6D}" = protocol=17 | dir=in | app=c:\program files\ftprush\ftprush.exe |
"{2B923506-4270-4875-A645-B03A096E5B5A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F37562F-4FCA-4D07-A154-99E58EF16D37}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2FEEBE28-0A3A-48A9-BF43-5A9D26C33182}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{3101797B-F2E2-49AC-B1C1-2DE99723038C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{311A63AA-D272-40CA-9B41-516EB2A75253}" = protocol=17 | dir=in | app=c:\windows\temp\kd_installer.exe |
"{32E4BEED-0C64-40A5-B4F4-24F7D26B9363}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{32E4CF8E-D5A5-42CB-ABB0-D74A1A931811}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{3AFED1C3-3D0E-4DF5-B0DA-E4395F10677F}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{40FE2E55-A791-4700-8F30-21F174B01C3F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{556F2042-E3DD-45B1-ADF3-9B58975F409B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{560CA0C7-153C-49D5-BA54-CCBC6B5B94BF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{57CA66D9-334C-406E-B2D9-46CBFE217A33}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5B795132-BA6C-467B-8EFB-60B7982FA1F3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5CD78313-9316-4839-B45F-A51F0348DB6E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D8AFEFB-D0CA-4A9E-AC05-B4C616FF7668}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5F091766-5C2E-4D36-BF4C-31CA2AB69C6E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{66F3F8A1-763E-4CE1-8741-BC25432A4A08}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{680B64E2-B34F-496A-A31C-3A626F790095}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6A68C287-FEF5-4C31-BE0D-A8A4DC6BDE5C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{6F8DF00C-AD51-415C-A238-7C49C0E64A73}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{709E0871-3F6E-479C-B351-AB5AB640CAE7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7141467A-959D-40E3-9B41-6292636443EC}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{73612F5A-D9CE-4CFD-A668-39A150BAC9B2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7383D51E-0CF2-40B5-BB8F-BD337483B885}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{739ED880-998B-4594-A287-A6F2C919F13D}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{75D8142A-1E9E-4733-8D66-026CD32F50E8}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7A5056C6-961D-4003-9B7B-5B86ADC53EE5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7BB5FD1A-8D92-42CD-B25C-2EAD8486A993}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7D0BE409-9AC1-4D46-BCF0-2348E7006BD4}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{805FE252-BE1E-4EB3-8549-4BEC6F31C658}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{82785B56-65BD-4C37-92F0-98C4F1EB4FE7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{84D768B8-649B-41E2-8951-7CD0207E0085}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8615D48E-7AF1-4785-BF6D-D05FF5E101E0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{869BF3B5-EF07-4C4F-BB10-3F6C51BBC4A2}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{879AFD49-690D-44DE-923D-AAC78317B4EB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{884BA108-EE23-4C93-9BE7-3A859BAAA76E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{892D0B4E-7C53-462F-B3B3-9DDC52F0AFC1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{89D69B24-4824-4931-941A-FE7D055D07DE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8C11DDAC-5121-4DEF-B0BF-E06171442F86}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{90B3AD2A-FB83-48BF-8226-C21186722E1C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9246A1A4-DBA8-49BF-94FA-3674E0D237B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C1E2F4F-F05B-4767-A3DE-7549707D5549}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9E6F4627-1B48-4F71-BBBF-6C6E0CDACD6E}" = protocol=6 | dir=in | app=c:\windows\temp\kd_installer.exe |
"{A09099D7-1BC0-4EEB-831A-66B13C4765B4}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{A323ACFC-7873-403A-BBB4-5359D7C7F6FC}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AA77983A-F01A-48AB-A3E5-9C371D705D28}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{ACC5DCBD-E1C3-4EB3-B42F-3D9A0A4C9F89}" = protocol=6 | dir=out | app=system |
"{AD99BBAE-1CB3-41B1-9940-43B5A0EB8FC3}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{ADC57A56-5A96-42F3-9155-873F0820FBCB}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{B1A4397F-F55D-48EF-8D89-CC0ECA147150}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B33529B7-B21E-407F-B130-08679A13C6A0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B46089D7-EA14-4D3F-B238-BFB5B6BA3ACA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B7947622-9361-4A09-9B8E-1F1696C8B9E5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BB6C33F6-90E1-44EA-8797-385E97E25E96}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BD22DAFA-E9B3-4C33-969E-16AA996F6542}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BD2EBA74-1545-4B6B-A861-DB89E0800D28}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C1B47AE7-4879-4FE9-8C48-6924663E0F32}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C1CF1CEA-3B97-46D1-868E-69F3CD794B7C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C3129D8A-81F5-44A0-9835-7A201DDD0659}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C32E039C-71D8-47F8-B54A-7E5F45AFB0BE}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C453194C-6250-4601-8E73-60B2D50A2952}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C4E18CAE-58BB-43CD-AC0F-36DFAC6D5531}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{C7A147AC-6104-4039-80A7-2B549D3E45E2}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C8AB2423-8FA2-490E-A1BB-90378F77055F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C9768145-E61D-4B12-816F-C0447CA4DF78}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CA0FD5D0-8872-487E-BB94-3B59E29FDE56}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CB0223A9-EA5A-44BA-B325-F9C796D3E7E5}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CB983A37-8226-4FC1-A370-64468FE2D5A1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{CC2FDD9C-7EA8-4F62-9706-4D9907B1B045}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CEE2977A-1E17-4205-A1EA-ED6A9F841F8C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D1B58E27-6DC6-4288-8F12-AFA19EDD3E88}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D23D5891-9E33-4D11-82C0-31C92EDED671}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{D61D3D04-3AD6-4102-8160-87755F1A99B6}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{D84B603A-67F7-4205-94FD-1DF51A68CD99}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E23D8D01-1B7E-4C3B-A3A4-9CEE85512D9F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E34AC80F-3FDA-47D6-BE30-0AB0140F5AE5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E5CF85AC-7690-41DF-A2D7-CD7EC951CCF0}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E65CD396-16C4-452F-8B7F-0F8942E2E16F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E6966A62-DBC8-4217-8210-A5360FD30A77}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EAA00297-4A1C-4C14-B42F-E47FCF918CC5}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EB38D94C-8DBA-4D79-AC40-732258D22D25}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EB84B550-63DF-4A23-BC07-51148EEE2D0F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ED3E54CD-0750-4A92-84F8-6C3D8E57E87D}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{F071D6DB-3C05-4BC4-8398-72B550F271B0}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F3700F4B-FCBC-4340-A41C-FB4FF58E2AB5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{F3AF1509-3592-41FA-8DF6-62044201EC4D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F761CFF3-1419-4F6A-B487-A27660073C9B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F798A94F-BBB7-4142-BE88-AAC5CF405A09}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F9D3309C-2A58-49B4-92AA-6A1EF40BA34D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FE1020E6-7E3B-42C9-97B0-ADC1BE58E9C6}" = protocol=6 | dir=in | app=c:\program files\ftprush\ftprush.exe |
"{FE2C0635-2C57-45CD-89F5-9545B0CD7E32}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{FF41F16F-FFA6-45A7-AE63-FF4EDC6885E7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"TCP Query User{01637B5C-62E1-4CE9-8460-C8814122FD4C}C:\program files\common files\ahead\nero web\setupx.exe" = protocol=6 | dir=in | app=c:\program files\common files\ahead\nero web\setupx.exe |
"TCP Query User{020092D9-9407-469E-90DB-7018D01AA0D1}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{06A3053D-5C2D-43B5-95EC-04B591435F5A}C:\program files\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"TCP Query User{083925A1-128C-41A2-98DB-DC3A29FCFCF9}C:\program files\bit lord 1.1\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bit lord 1.1\bitlord.exe |
"TCP Query User{08E3541E-0F53-470E-9AA6-3FBD3CA52CF4}C:\program files\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"TCP Query User{0AD10CE6-78BD-46C1-ACDA-1CAAB99F4BC1}C:\program files\motorola\software update\msu.exe" = protocol=6 | dir=in | app=c:\program files\motorola\software update\msu.exe |
"TCP Query User{0E86B5A1-C830-4CD2-9768-C22D0F4C97F5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{19C470E9-BA8D-4B92-AA86-AEC8AFEE9297}C:\program files\java\jre1.6.0_07\launch4j-tmp\jdownloader.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_07\launch4j-tmp\jdownloader.exe |
"TCP Query User{2650D26C-C0F1-4F4E-9642-755A948A221F}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe |
"TCP Query User{29DD03FE-4D94-4C0A-BC7B-B11722BA09DB}C:\program files\samsung\samsung new pc studio\npsmediamanager.exe" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsmediamanager.exe |
"TCP Query User{3125577A-036C-43E6-8013-1994A39EADF3}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{3876404C-26E7-447F-BB7E-8C2874280852}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{39365696-53A2-4BEA-B629-AB26F3456A37}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{42E286C6-FFB8-4C77-A842-B7644CCA68CB}C:\users\stutzi\downloads\vlc-easy-streaming-assistent.exe" = protocol=6 | dir=in | app=c:\users\stutzi\downloads\vlc-easy-streaming-assistent.exe |
"TCP Query User{4A68A9A5-9F2D-423E-8434-6FC0FCBEF1ED}D:\d-link.exe" = protocol=6 | dir=in | app=d:\d-link.exe |
"TCP Query User{5B99D9EE-E4D2-424C-974B-AD88539A3533}C:\program files\reflex\simulator\reflex.exe" = protocol=6 | dir=in | app=c:\program files\reflex\simulator\reflex.exe |
"TCP Query User{5D68E431-2031-486C-A6D7-679CD763945C}C:\program files\java\jre1.6.0_07\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\java.exe |
"TCP Query User{5DB1CE83-7AB2-4E54-AA56-DADD6BB0D885}C:\heli-x\java\jre1.6.0_07\bin\java.exe" = protocol=6 | dir=in | app=c:\heli-x\java\jre1.6.0_07\bin\java.exe |
"TCP Query User{6636D236-651E-4BE5-8776-688E577732E8}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{6CD519E7-33FF-4E76-9EDE-BFAA1EA522A2}E:\d-link.exe" = protocol=6 | dir=in | app=e:\d-link.exe |
"TCP Query User{6D49FF47-4475-465A-8764-A1EAC23D47A7}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{885C3894-7DDF-4D4F-A69F-BF4E14A51485}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{91D46816-DF60-4608-AB3F-65E44456095B}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{9DA466D7-97B2-4534-B93D-9CDE57847CB1}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
"TCP Query User{A7DE6DE6-1545-47AD-AB82-0188A2D1D883}C:\users\stutzi\downloads\vlc-easy-streaming-assistent.exe" = protocol=6 | dir=in | app=c:\users\stutzi\downloads\vlc-easy-streaming-assistent.exe |
"TCP Query User{ABDF45D5-668E-4414-8177-A9089B7B1946}C:\program files\bit lord 1.1\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bit lord 1.1\bitlord.exe |
"TCP Query User{AEE03987-5B42-4A92-B24C-7D9470252421}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{B1BD6B00-ADD0-4FD8-B907-3A7EE160B0FD}C:\users\stutzi\temp\dyngate\dyngate.exe" = protocol=6 | dir=in | app=c:\users\stutzi\temp\dyngate\dyngate.exe |
"TCP Query User{C1205AE8-13EA-4319-A0B6-F2B184FFCED7}C:\winmx\winmx354beta4\winmx.exe" = protocol=6 | dir=in | app=c:\winmx\winmx354beta4\winmx.exe |
"TCP Query User{C32466D2-FB06-4DEE-A202-11EFF791E1E1}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe |
"TCP Query User{D12426BF-FB4B-4F80-AD01-6CC9C31129D2}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{D846C5D5-108F-443F-AAE2-D0785B8EE941}C:\program files\samsung\samsung new pc studio\npsmediamanager.exe" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsmediamanager.exe |
"TCP Query User{DC106ADD-A848-4128-9065-2EC3355F5FD9}C:\program files\motorola\software update\msu.exe" = protocol=6 | dir=in | app=c:\program files\motorola\software update\msu.exe |
"TCP Query User{DED4629A-C9DC-4BA8-998B-515F75B1DE89}C:\winmx\winmx354beta4\winmx.exe" = protocol=6 | dir=in | app=c:\winmx\winmx354beta4\winmx.exe |
"TCP Query User{DFA6E4A4-CC24-4363-A4DB-7B6E67BE43D2}C:\program files\devolo\informer\devinf.exe" = protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe |
"TCP Query User{E1D9CF26-7012-45CE-BD20-65E9251228B2}C:\program files\secondlife\secondlife.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\secondlife.exe |
"TCP Query User{ED584026-F53F-4F07-8F64-D6D1F7ACC582}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{F7F61D71-6058-4F25-9C30-D6073AA841CD}E:\d-link.exe" = protocol=6 | dir=in | app=e:\d-link.exe |
"TCP Query User{FB089A13-7992-4714-8A60-E09CC5F18E6F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{043DE8A3-DEBE-476C-B2B6-67B3E0AF9E51}C:\users\stutzi\temp\dyngate\dyngate.exe" = protocol=17 | dir=in | app=c:\users\stutzi\temp\dyngate\dyngate.exe |
"UDP Query User{0E4D51EE-2818-4EEC-9E77-C90C8AECD3B2}C:\heli-x\java\jre1.6.0_07\bin\java.exe" = protocol=17 | dir=in | app=c:\heli-x\java\jre1.6.0_07\bin\java.exe |
"UDP Query User{11117E8B-F250-4E19-BD93-51B98D332189}C:\program files\motorola\software update\msu.exe" = protocol=17 | dir=in | app=c:\program files\motorola\software update\msu.exe |
"UDP Query User{13930794-7F23-4D3C-8C1A-7F71F4A5390A}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{2DE43D6B-FC3A-417E-A8DD-B8C2EEABB37E}C:\program files\motorola\software update\msu.exe" = protocol=17 | dir=in | app=c:\program files\motorola\software update\msu.exe |
"UDP Query User{30206676-9E08-45F1-8AD6-BD1AFF5FEAA6}C:\program files\bit lord 1.1\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bit lord 1.1\bitlord.exe |
"UDP Query User{3D02165E-C6FA-4434-B4A2-7E26099148E1}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"UDP Query User{43CB4A1A-94D9-4DF5-90C8-9864974DFB16}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe |
"UDP Query User{4E2B6133-49DE-4595-93E8-D075E3D4FDFD}C:\program files\java\jre1.6.0_07\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\java.exe |
"UDP Query User{52F28461-D8DC-4A6F-BC3B-864DBBB23295}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
"UDP Query User{55F1CB9A-BA54-48C9-ABF9-5F7F7CDDFB87}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{5AF1A861-576D-4614-880F-248A542A4877}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{61807DC3-92F2-4242-8844-4877EC478F96}D:\d-link.exe" = protocol=17 | dir=in | app=d:\d-link.exe |
"UDP Query User{67D05986-40E8-401E-BE3D-40033A19F085}C:\winmx\winmx354beta4\winmx.exe" = protocol=17 | dir=in | app=c:\winmx\winmx354beta4\winmx.exe |
"UDP Query User{6A1ACD74-52EB-48CB-B7F5-01C07AAC3B28}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{6EE4D858-2D30-4ECD-A61A-197AB68E0E00}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{719BE2A6-C02A-4F79-80B4-F83C9A2F9904}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{750A343A-8308-49C3-B663-60AE7AD898FF}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{7DA8E957-FA1B-4B98-B250-881821BAB3E5}C:\program files\common files\ahead\nero web\setupx.exe" = protocol=17 | dir=in | app=c:\program files\common files\ahead\nero web\setupx.exe |
"UDP Query User{9866AC79-1AA3-4010-AF96-5C1FF7540752}C:\users\stutzi\downloads\vlc-easy-streaming-assistent.exe" = protocol=17 | dir=in | app=c:\users\stutzi\downloads\vlc-easy-streaming-assistent.exe |
"UDP Query User{998ABFC7-66A4-400F-87E0-D7C1C9C54932}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe |
"UDP Query User{A5111358-65BF-4B4C-ABCB-5CE61C119801}C:\program files\devolo\informer\devinf.exe" = protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe |
"UDP Query User{A598824F-F02B-4433-9A32-B2B3C493C252}C:\program files\reflex\simulator\reflex.exe" = protocol=17 | dir=in | app=c:\program files\reflex\simulator\reflex.exe |
"UDP Query User{A9A1608A-8D26-4F66-81DF-59D089EBB197}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{AAD9033F-EE76-4189-950C-76FEB2F63E9B}E:\d-link.exe" = protocol=17 | dir=in | app=e:\d-link.exe |
"UDP Query User{ADCEAE5E-322C-4CF2-B4E0-DC6717E5D47B}C:\program files\secondlife\secondlife.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\secondlife.exe |
"UDP Query User{BB0A721D-1494-44F5-92CD-1E542810F474}C:\program files\samsung\samsung new pc studio\npsmediamanager.exe" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsmediamanager.exe |
"UDP Query User{BCDB77D2-AB85-49F7-93A8-DEC34857C3F7}C:\program files\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"UDP Query User{C4D2453F-74A1-4204-BB6D-78178D996D05}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{CE10330C-C681-4E40-980A-0D96B8D6BCC6}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D2571E91-335B-42ED-BCD6-4521B94D68A2}C:\users\stutzi\downloads\vlc-easy-streaming-assistent.exe" = protocol=17 | dir=in | app=c:\users\stutzi\downloads\vlc-easy-streaming-assistent.exe |
"UDP Query User{D492A1C8-F665-468B-B02C-BA4F7436CB6F}C:\program files\java\jre1.6.0_07\launch4j-tmp\jdownloader.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_07\launch4j-tmp\jdownloader.exe |
"UDP Query User{DB537587-6947-46A6-9C05-FB4AACCE3AEA}C:\winmx\winmx354beta4\winmx.exe" = protocol=17 | dir=in | app=c:\winmx\winmx354beta4\winmx.exe |
"UDP Query User{DC2005EE-3E87-4AC6-BA36-D863AE4A9F05}C:\program files\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"UDP Query User{E249025A-4036-41F5-ACDD-F61D14C9AE1D}C:\program files\bit lord 1.1\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bit lord 1.1\bitlord.exe |
"UDP Query User{EF108CCE-3694-4998-8AF7-1392925C9BCB}C:\program files\samsung\samsung new pc studio\npsmediamanager.exe" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsmediamanager.exe |
"UDP Query User{F6B80031-7F97-4198-AB60-36CA3067052D}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{F7F5DBA2-9F62-4B1D-9C8A-61B64D63E3EE}E:\d-link.exe" = protocol=17 | dir=in | app=e:\d-link.exe |
"UDP Query User{FADACB4D-9E20-429D-8A0C-9431A4C51AF4}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06100048-3E21-46D6-9A91-D927BA08F41D}" = Microsoft Encarta 2006 Enzyklopädie Standard
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07E4F3CE-A34E-4667-8DE9-147249FAE468}" = Mein Geld Professional
"{08562160-8047-4E07-9CCE-87925797E357}" = Splash Lite
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0AFC55D4-9CDF-B140-2E4F-0B818B9B8C0E}" = CCC Help Italian
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DE39AB6-D1BF-535C-F342-2F9986801936}" = CCC Help Japanese
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19B2FBFE-27D2-458C-9C75-5280C831E49C}" = CoPilot Central 2.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2240d99e-6c03-43c5-b067-47d44fa82101}" = Nero Move it Trial
"{226EA3C9-0EAF-9546-46C4-F2FF55F7A6F1}" = CCC Help Dutch
"{22980C46-EBB6-C22C-016A-E0CFAC15118B}" = CCC Help Czech
"{22E28BCE-56FE-403B-A378-D5A86B401293}" = h2200 SDIO GER
"{248E4799-DB04-4B1A-902C-194669F995CE}" = Nero Move it
"{250755EE-312C-3B38-1BAF-501A71A3851D}" = CCC Help Turkish
"{262DA23B-4BAB-463F-B1DC-9B5287CAB5CA}}_is1" = Deinstallation der Arcor Online Software
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2D6ED011-055B-4041-B198-BB903827EBFB}" = Safari
"{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove
"{30D71FC9-E909-330C-57F9-C649C8837AA5}" = CCC Help Greek
"{3154CFC9-2E4F-B839-2944-2A27200B4D64}" = CCC Help Swedish
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{345AE244-BCF5-439E-B301-15E339BEC536}" = Smart Label Printer 6.6
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{361D8754-326D-B7CC-8DC7-95966DD01ED4}" = Catalyst Control Center Graphics Previews Common
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{36E89A40-DD04-239B-A69E-532A27547089}" = CCC Help English
"{37EC24B2-2E75-0AEB-F8A1-12A0C7EB5EED}" = Catalyst Control Center InstallProxy
"{37FD8D84-7B88-6B5A-376A-34E2B7C28816}" = ccc-core-static
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E73E80C-2C31-3CCB-735F-D611C3230893}" = ccc-utility
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{435A92C3-2D70-4CE2-9027-CBC8EA6052FC}" = Motorola Software Update
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{44C05309-60F4-410B-BC32-31733CFF1A46}" = Microsoft Foto 2006 Standard Edition Editor
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Sparbuch 2010
"{4807FDA4-7AF3-66CA-C167-779A333D6FFC}" = Catalyst Control Center Localization All
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CC04CB8-422A-4940-A5C9-90F233690509}_is1" = SRWare Iron 3.0.197.0
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4D92FD47-5138-48D2-B68B-9D0CCFA21CD7}" = Movavi Video Converter 9
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4FB66B14-DB8D-770D-D66F-5243AB27B604}" = Catalyst Control Center Graphics Previews Vista
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB252}" = Microsoft Foto 2006 Standard Edition Bibliothek
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{581CE7EA-A30D-0000-A215-088635773309}" = Atheros AR5007 Wireless LAN - USB
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A154586-7AEB-4305-3B12-D73F0886B839}" = Catalyst Control Center HydraVision Full
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5DF79887-598B-DE65-9755-4B7D8C3D87BE}" = CCC Help Chinese Standard
"{61A0F92B-89A0-F7AD-4CA2-97991862EB10}" = CCC Help Hungarian
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{635EDAAB-BF20-414D-A87A-3D43BFA3EDB9}" = Targa VFD Display
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63898E1C-0BDC-4FDC-91FC-AB3D3432FB02}" = Tom's RC Download Manager for FMS Models and Landscapes
"{687E8557-CBF3-A7FF-33EC-00BE6266BFAA}" = CCC Help Russian
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A44A28A-5D79-8100-7BDF-FB637E62715B}" = CCC Help Polish
"{6B06C8A7-0BDC-4623-BA43-F2F208D8A17F}" = REFLEX Modellflugsimulator
"{6CC30A7A-A74F-4961-A7C9-E7BB2646BEB1}" = ChargeProfessional
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72FA4B28-3A99-1533-0E7C-94E6D20CD1A8}" = CCC Help Chinese Traditional
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.1.135
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7AEF3482-B7B7-4B94-AF63-B249B9BA9D7F}_is1" = HELI-X 1.0 Demo
"{7CA26B08-BEFD-D4D2-52E1-24E730284594}" = Catalyst Control Center Graphics Light
"{816EA7C2-9B8D-48CA-A424-3DE3C80A5033}" = Motorola Driver Installation 4.2.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}" = Microsoft AutoRoute 2006
"{864823E0-D48F-4795-B02B-48C8AF1FC36F}_is1" = Wilmaa v.3.0
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.0.7.2
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8CCA961A-E8D1-495B-B01C-BF9B66E535A6}" = X-Micro WLAN 11g USB Adapter
"{8E5CDC9B-CB0A-6E78-5BBE-C3D3F67B50E3}" = CCC Help Norwegian
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{90F1DDBF-0C56-44B0-A920-72CC90C51565}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{96182386-BC5D-4895-A36E-3C83A4886A9F}" = h2200 SDIO
"{96A8FABC-AADB-F299-0826-AF2246CE012F}" = CCC Help Danish
"{96B361E4-A86E-4335-99FF-6C3604788DAB}" = HD Writer AE 1.5
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B0A8A6F-FC9E-796F-CC5D-290161F8E92A}" = ATI Catalyst Install Manager
"{9D98630B-BD50-3C44-58D2-1571AEA889D3}" = CCC Help Portuguese
"{9E4EFA2A-4344-4C56-F927-7F7C53845BE2}" = CCC Help German
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A20A58C4-6784-4B4B-86CC-94E2E3671031}" = Nero 7 Premium
"{a22966bf-b3df-433b-8fa6-b04f00eec4c6}" = Nero 9 Trial
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A37CA3F0-B0C6-8256-02BA-B06CEE1E5BEB}" = CCC Help Korean
"{A724AEC6-494E-6BD5-C12A-9F51AF6C1123}" = Skins
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.5 - Deutsch
"{AC814121-74BA-A025-358E-B706354ED7F5}" = Catalyst Control Center Graphics Full New
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C6622C1D-A04C-48DF-89FD-3B0ED7018170}" = ChargeProfessional
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC2B3907-3DEA-6E0E-E5A5-C6FCF876ECD5}" = CCC Help French
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE28E6F5-4A03-4DED-B954-D0779B47FFBF}" = Works Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1F9CD55-A15A-846F-B2B1-D73F37C65B3E}" = CCC Help Spanish
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D6044256-A309-43B5-9833-D3FAFE2AD24D}" = MagicTune Premium
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}" = Catalyst Control Center - Branding
"{DA08DB77-8603-96AC-ED7D-399D7304D079}" = Catalyst Control Center Localization German
"{DA507A38-4B2A-40C0-90AC-E30AAA0B757C}" = Vegas Movie Studio Platinum 9.0
"{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}" = Branding
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEAC1EEB-48FD-36A6-B87B-58E365C92EFB}" = Catalyst Control Center Graphics Previews Vista
"{DEFA5390-8533-47B5-81F7-3816916BDC6F}" = Nero Move it Help
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile-Gerätecenter: Treiberupdate
"{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE}" = OpenOffice.org Installer 1.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9E871B9-4E1D-38D7-7ECF-4DFD3708CC67}" = Catalyst Control Center Core Implementation
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EDC66A92-4603-4D72-B28C-570075B55DF0}" = USB Wireless Keyboard Driver
"{EF7F8782-0E8D-A566-195F-8FF2360CA6C8}" = CCC Help Thai
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F15DDD54-CA1A-6764-2CF4-1C601725E96C}" = Catalyst Control Center Graphics Full Existing
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F6081BF5-B4AB-456A-9694-89F5CB6ED270}" = Motorola Phone Tools
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9A4662C-775D-32CF-4B6B-DEC701FDD516}" = CCC Help Finnish
"{F9A63CBA-FB65-44E2-9BFB-927E7208B3D7}" = Motorola Phone Tools
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FA630728-674D-F321-A9CE-C6DF1ED4EB50}" = CCC Help German
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows-Treiberpaket - Nokia Modem (02/15/2007 3.1)
"100 Vertragsvorlagen und juristische Schreiben_is1" = 100 Vertragsvorlagen und juristische Schreiben
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"4077F884D1BB007055BDB83B621D87220A73F30F" = Windows-Treiberpaket - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
"7-Zip" = 7-Zip 4.61 beta
"ABC Amber Audio Converter" = ABC Amber Audio Converter
"abgx360" = abgx360 v1.0.5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Age of Mythology 1.0" = Age of Mythology
"All ATI Software" = ATI - Software Uninstall Utility
"Avi2Dvd" = Avi2Dvd 0.4.5 beta
"Avidemux 2.5" = Avidemux 2.5
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows-Treiberpaket - Nokia Modem (02/15/2007 3.1)
"BitLord" = BitLord 1.1
"Canon MP620 series Benutzerregistrierung" = Canon MP620 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"ChargeProfessional" = ChargeProfessional
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneCD" = CloneCD
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Codec" = DivX Codec
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"dumeter3_is1" = DU Meter
"Duplicate File Cleaner_is1" = Duplicate File Cleaner v2.5
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.2
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"facemoods" = facemoods
"FLV Player" = FLV Player 2.0 (build 25)
"FTDICOMM" = eQ-3 USB Serial Converter Drivers
"FTPRush_is1" = FTPRush v1 Unicode
"HotspotShield" = Hotspot Shield 1.52
"HP PrecisionScan" = HP PrecisionScan
"Image Grabber II" = Image Grabber II
"ImgBurn" = ImgBurn
"InstallShield_{19B2FBFE-27D2-458C-9C75-5280C831E49C}" = CoPilot Central 2.0
"InstallShield_{8CCA961A-E8D1-495B-B01C-BF9B66E535A6}" = X-Micro WLAN 11g USB Adapter
"IsoBuster_is1" = IsoBuster 2.2
"JDownloader" = JDownloader
"LetsTrade" = LetsTrade Komponenten
"LIDL Fotoservice_is1" = LIDL Fotoservice
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"mIRC" = mIRC
"MKV Minimum Set (LD-Anime) - MatroskaSplitter & VSFilter_is1" = Matroska Pack - Lazy Man's MKV 0.9.9
"MKVtoolnix" = MKVtoolnix 4.1.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Mumble" = Mumble and Murmur
"NAVIGON Fresh" = NAVIGON Fresh 3.1.1
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.00.1156" = Opera 11.00
"PFConfig" = PFConfig 1.0.223
"PFPortChecker" = PFPortChecker 1.0.32
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2965953352-1890760225-2496969144-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5e834b1348ad41af" = iVol Hangar
"e0c143f1d5b5e1b8" = RapidShare Manager
"Google Chrome" = Google Chrome
"Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.12.9-2
"MXpie Patch" = MXpie Patch for WinMX Network/WPNP 3.6.3.6
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
--- --- ---
Gruß Francis |
