| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows wurde blockiertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
14.02.2012, 17:40
| #1 |
 |  Windows wurde blockiert Hallo, hatte gestern das Problem das viele zur Zeit haben das Windows blockiert wurde wenn ich ins Internet gehe. Habe eine Systemwiederherstellung durchgeführt und danach kam ich wieder ins Internet, aber ich denke mir das wahrscheinlich nicht alles gelöscht wurde und deshalb will ich mal hier um Hilfe nachfragen  Ich habe die Windows Vista 32bit Version drauf und Antivire mit allen möglichen Updates. (Falls ich etwas wichtiges vergessen habe bitte bescheid sagen) Systemwiederherstellung würde ich nur im größten Notfall machen, da ich mit dem PC arbeiten muss und mir sonst bestimmt einiges an Zeit verloren geht. Ich bedanke mich schonmal herzlich für alle Antworten |
|
14.02.2012, 17:55
| #2 |
  | Windows wurde blockiert Hi,
__________________OTL Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
und Malwarebytes Antimalware (MAM) Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen: http://filepony.de/download-chameleon/ Danach bitte update der Signaturdateien (Reiter "Aktualisierungen" -> Suche nach Aktualisierungen") Fullscan und alles bereinigen lassen! Log posten. chris
__________________ |
|
14.02.2012, 19:56
| #3 |
| | Windows wurde blockiert Hier schonmal die OTL logs, Malwarebytes Antimalware läuft noch.
__________________OTL Logfile: Code:
ATTFilter OTL logfile created on: 14.02.2012 19:14:12 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kevin\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 48,27% Memory free 10,98 Gb Paging File | 9,45 Gb Available in Paging File | 86,03% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 71,01 Gb Free Space | 36,36% Space Free | Partition Type: NTFS Drive D: | 270,45 Gb Total Space | 23,09 Gb Free Space | 8,54% Space Free | Partition Type: NTFS Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Google\Update\1.3.21.99\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group) PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten) PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - D:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios) PRC - C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe (VIA) PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\System32\lxbccoms.exe ( ) PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () ========== Modules (No Company Name) ========== MOD - C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\pdf.dll () MOD - C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\avutil-51.dll () MOD - C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\avformat-53.dll () MOD - C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\avcodec-53.dll () MOD - C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\gcswf32.dll () MOD - C:\Users\Kevin\AppData\Local\Google\Chrome\APPLIC~1\140835~1.163\gcswf32.dll () MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll () MOD - C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll () MOD - C:\Programme\VIA\VIAudioi\VDeck\VMicApi.dll () MOD - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () ========== Win32 Services (SafeList) ========== SRV - (BVWYVEOMKJJ) -- File not found SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (postgresql-8.4) -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group) SRV - (postgresql-8.3) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group) SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (TunngleService) -- D:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (DAUpdaterSvc) -- D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare) SRV - (RosettaStoneDaemon) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd.) SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software) SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (lxbc_device) -- C:\Windows\System32\lxbccoms.exe ( ) SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv.exe () ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (PnkBstrK) -- C:\Windows\System32\drivers\PnkBstrK.sys () DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys () DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation) DRV - (ss_bserd) -- C:\Windows\System32\drivers\ss_bserd.sys (MCCI Corporation) DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI) DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (truecrypt) -- C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Foundation) DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (tap0801) -- C:\Windows\System32\drivers\tap0801.sys (The OpenVPN Project) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: - SOFTWARE\Classes\CLSID\\LocalServer32 File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = hxxp://google.icq.com/search/search_frame.php IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://google.icq.com/search/search_frame.php IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.wieistmeineip.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.24 FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@dyyno.com/vlc;version=0.8.6f.2: C:\Program Files\Dyyno\Dyyno Player\npvlc.dll (Dyyno) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.12.30 19:41:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.30 21:51:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.22 17:14:35 | 000,000,000 | ---D | M] [2009.01.23 17:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions [2012.02.13 13:38:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions [2010.03.19 20:36:29 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2011.02.02 19:41:10 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.26 18:52:16 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.06.15 14:42:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.12.30 19:50:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.04.23 10:42:05 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011.03.03 13:30:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.02.14 18:45:30 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\moveplayer@movenetworks.com [2009.04.20 14:36:41 | 000,000,000 | ---D | M] (Simple Dyyno Launcher) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\NPDyyno@dyyno.com [2010.10.20 19:48:50 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\vshare@toolbar [2010.01.23 12:35:03 | 000,002,321 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\dictcc.xml [2009.06.15 20:46:47 | 000,002,030 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\myvideo-suche-.xml [2009.07.11 11:04:46 | 000,000,727 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\phpnet.xml [2009.01.23 18:10:53 | 000,002,108 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\youtube-videosuche.xml [2012.02.13 13:38:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.01.29 12:33:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.03.16 22:19:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.07.16 13:48:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2009.02.19 09:53:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2009.06.05 15:55:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009.08.23 14:39:09 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2011.03.16 22:19:29 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.07.16 13:48:53 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2010.12.30 19:41:01 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.04.21 00:20:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.04.21 00:20:52 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.04.21 00:20:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.04.21 00:20:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.04.21 00:20:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\pdf.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll CHR - plugin: Dyyno Player Plugin (Enabled) = C:\Program Files\Dyyno\Dyyno Player\npvlc.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\ O1 HOSTS File: ([2012.02.11 21:16:46 | 000,449,370 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 15445 more lines... O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\PrxerNsp.dll ( ) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\PrxerDrv.dll (Initex Software) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\PrxerDrv.dll (Initex Software) O15 - HKCU\..Trusted Domains: everestpoker.com ([account] https in Trusted sites) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DE9F9EF-8DB8-41C2-8A1F-AF77E3B8D7FB}: NameServer = 195.50.140.246 195.50.140.248 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E65DDC-D557-4A3C-93DC-0488FAD00A79}: DhcpNameServer = 92.241.168.201 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5348C871-FA4C-48BA-8047-4C204317B8F4}: DhcpNameServer = 7.254.254.254 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim - No CLSID value found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{5c2a288e-ee35-11df-a91a-d049f4b62852}\Shell - "" = AutoRun O33 - MountPoints2\{5c2a288e-ee35-11df-a91a-d049f4b62852}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{9c031dfe-e967-11dd-b6cc-002354732f26}\Shell - "" = AutoRun O33 - MountPoints2\{9c031dfe-e967-11dd-b6cc-002354732f26}\Shell\AutoRun\command - "" = H:\steambackup2.EXE O33 - MountPoints2\{bd6b5189-dd92-11de-b351-dcac2bc18593}\Shell\AutoRun\command - "" = krwyrv0d.exe O33 - MountPoints2\{bd6b5189-dd92-11de-b351-dcac2bc18593}\Shell\open\Command - "" = krwyrv0d.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.14 19:12:14 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Malwarebytes [2012.02.14 19:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.14 19:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.14 19:11:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.02.14 19:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.02.14 17:58:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe [2012.02.13 17:59:32 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Avira [2012.02.13 17:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.02.13 17:58:05 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.02.13 17:58:04 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012.02.13 17:58:04 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys [2012.02.13 17:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.02.13 17:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2009.01.29 19:28:27 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\PrxerNsp.dll [2009.01.26 14:40:49 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbcserv.dll [2009.01.26 14:40:49 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbcusb1.dll [2009.01.26 14:40:49 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbchbn3.dll [2009.01.26 14:40:49 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbccomc.dll [2009.01.26 14:40:49 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbcpmui.dll [2009.01.26 14:40:49 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbclmpm.dll [2009.01.26 14:40:49 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxbccoms.exe [2009.01.26 14:40:49 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbccomm.dll [2009.01.26 14:40:49 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbcinpa.dll [2009.01.26 14:40:49 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbciesc.dll [2009.01.26 14:40:49 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxbcih.exe [2009.01.26 14:40:49 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxbccfg.exe [2009.01.26 14:40:49 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBChcp.dll [2009.01.26 14:40:49 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbcprox.dll [2009.01.26 14:40:49 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbcpplc.dll [7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [4 C:\Users\Kevin\Documents\*.tmp files -> C:\Users\Kevin\Documents\*.tmp -> ] [3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.14 19:11:44 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.14 18:54:19 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.14 18:54:18 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.14 18:54:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.14 18:54:09 | 3488,735,232 | -HS- | M] () -- C:\hiberfil.sys [2012.02.14 18:52:56 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2012.02.14 17:58:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe [2012.02.14 13:08:07 | 000,026,650 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\wklnhst.dat [2012.02.14 12:42:58 | 000,002,623 | ---- | M] () -- C:\Users\Kevin\Desktop\Microsoft Word.lnk [2012.02.13 21:58:50 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.02.13 17:58:20 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.02.13 16:27:54 | 000,000,404 | ---- | M] () -- C:\Windows\LEXSTAT.INI [2012.02.12 21:23:24 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat [2012.02.12 21:23:24 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat [2012.02.11 21:16:46 | 000,449,370 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012.02.08 19:32:27 | 000,449,370 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120211-211646.backup [2012.02.07 14:30:18 | 000,449,210 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120208-193227.backup [2012.02.05 18:52:43 | 000,449,210 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120207-143018.backup [2012.02.01 14:50:51 | 000,449,210 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120205-185243.backup [2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2012.01.26 19:09:46 | 000,699,116 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.01.26 19:09:46 | 000,655,278 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.01.26 19:09:46 | 000,156,440 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.01.26 19:09:46 | 000,128,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.01.26 19:09:25 | 000,154,624 | ---- | M] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.25 19:39:51 | 000,449,124 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120201-145051.backup [2012.01.25 12:12:05 | 000,448,311 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120125-193951.backup [2012.01.20 12:17:25 | 000,448,311 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120125-121205.backup [2012.01.20 11:01:22 | 000,448,311 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120120-121725.backup [2012.01.19 12:15:24 | 000,448,311 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120120-110122.backup [7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [4 C:\Users\Kevin\Documents\*.tmp files -> C:\Users\Kevin\Documents\*.tmp -> ] [3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.14 19:11:44 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.13 17:58:20 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.02.13 16:57:59 | 3488,735,232 | -HS- | C] () -- C:\hiberfil.sys [2011.12.15 05:39:42 | 000,042,392 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011.08.01 18:35:03 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2011.06.12 22:20:17 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI [2011.06.01 13:45:52 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011.06.01 13:45:52 | 000,042,112 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011.05.26 20:17:33 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat [2011.05.26 20:17:33 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat [2011.05.12 20:46:08 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2011.01.13 18:18:15 | 000,000,365 | ---- | C] () -- C:\Users\Kevin\AppData\Local\postgresinstall.bat [2011.01.04 15:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011.01.04 15:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011.01.04 15:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011.01.04 15:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011.01.04 15:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2010.12.06 14:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\System32\abgx360.exe [2010.05.26 19:37:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2010.04.28 20:31:06 | 000,000,068 | ---- | C] () -- C:\Windows\cdplayer.ini [2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2010.03.05 18:47:36 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe [2010.02.27 13:08:29 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2010.02.23 16:13:27 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll [2010.01.27 20:46:45 | 000,138,384 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.12.29 12:32:12 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009.12.23 20:40:51 | 000,000,762 | ---- | C] () -- C:\Windows\Edofma.INI [2009.08.28 13:25:32 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib [2009.07.23 19:20:43 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.05.29 17:36:24 | 000,086,250 | ---- | C] () -- C:\Windows\wininit.ini [2009.05.27 17:23:04 | 000,000,600 | ---- | C] () -- C:\Users\Kevin\AppData\Local\PUTTY.RND [2009.05.12 12:32:34 | 000,014,848 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2009.03.22 21:18:35 | 000,134,989 | ---- | C] () -- C:\Windows\War3Unin.dat [2009.03.15 19:22:50 | 000,000,535 | ---- | C] () -- C:\Windows\ODBCINST.INI [2009.01.29 20:02:15 | 000,000,093 | ---- | C] () -- C:\Users\Kevin\AppData\Local\fusioncache.dat [2009.01.29 19:28:29 | 000,000,386 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Current.prx [2009.01.26 14:40:49 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbcutil.dll [2009.01.26 14:40:49 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBCinst.dll [2009.01.26 11:19:30 | 000,026,650 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\wklnhst.dat [2009.01.26 11:15:43 | 000,001,187 | ---- | C] () -- C:\Windows\ODBC.INI [2009.01.26 10:43:49 | 000,000,404 | ---- | C] () -- C:\Windows\LEXSTAT.INI [2009.01.25 18:14:10 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.01.25 18:14:08 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.01.23 17:21:26 | 000,154,624 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.01.23 17:10:00 | 000,138,056 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\PnkBstrK.sys [2009.01.23 17:09:45 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2009.01.23 17:09:43 | 000,682,280 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2009.01.23 17:09:43 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009.01.23 15:28:26 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.01.23 15:28:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.01.23 15:04:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys [2009.01.23 15:04:23 | 000,026,082 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009.01.23 15:03:13 | 000,000,680 | ---- | C] () -- C:\Users\Kevin\AppData\Local\d3d9caps.dat [2008.01.21 08:15:58 | 000,699,116 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 08:15:58 | 000,156,440 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.12.28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS [2007.02.22 18:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbccoin.dll [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,296,152 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,655,278 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,128,292 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005.10.25 14:51:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbcvs.dll [1999.01.22 21:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL [1998.06.10 00:00:00 | 000,015,120 | ---- | C] () -- C:\Windows\System32\REPUTIL.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 72 bytes -> C:\Windows:437DA1922D9BCD1B @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:A7D1EA69 @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A064CECC @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:41ADDB8A @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:05EE1EEF < End of report > |
|
14.02.2012, 19:57
| #4 |
| | Windows wurde blockiert OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 14.02.2012 19:14:12 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 48,27% Memory free
10,98 Gb Paging File | 9,45 Gb Available in Paging File | 86,03% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,31 Gb Total Space | 71,01 Gb Free Space | 36,36% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 23,09 Gb Free Space | 8,54% Space Free | Partition Type: NTFS
Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1BC15B64-C369-496B-A7D8-CFFFC4738F54}" = lport=2869 | protocol=6 | dir=in | app=system |
"{93D28C7D-657A-4A6C-9A39-E8811B331A93}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9B414A25-7921-4077-8A59-B68AA7302B3D}" = lport=6112 | protocol=6 | dir=in | name=6112 |
"{A380219C-62BF-43B3-A6B1-09D5BDF70280}" = lport=1338 | protocol=6 | dir=in | name=1338 |
"{AC91602A-E785-452B-8567-15E5539F3047}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{C6D9711C-F8FC-4968-B369-15E51F4CA809}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{C84A652A-8EBA-4CB9-99A5-A971B83D8A81}" = lport=6112 | protocol=17 | dir=in | name=6112 |
"{DFEAD0CC-CDB7-455C-9249-93B9580096CA}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{FDFCFF18-B31E-40CD-BD14-B5E380366C3A}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02260DC9-E8BB-4709-AE40-AC121E1B75C4}" = protocol=6 | dir=in | app=d:\program files\tunngle\tunngle.exe |
"{050717F2-A386-453C-9E2F-3E820C983899}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{0B15D919-5D5E-44A1-87D3-A138A09B8863}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe |
"{0CE501C0-FDCF-4D73-B12C-314C4B52CC81}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{102B6718-FC6C-417E-9224-A7EB457B3B58}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{10FAA7ED-BF56-49A0-9FE0-9B82B277744C}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe |
"{13EDE2F6-A665-4156-AF37-9447DE82A910}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe |
"{1711F7DC-8DB9-4F7A-8479-F04A13225919}" = protocol=6 | dir=in | app=d:\program files\microsoft games\age of empires iii\age3.exe |
"{1B2A3F2F-1146-4727-97EA-2CCF7BD51B64}" = protocol=17 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe |
"{2292A04C-B868-459D-B9FC-C131350CA1ED}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{23CEBD8A-3C1D-4B0E-882C-A4FCF90AB311}" = protocol=17 | dir=in | app=d:\program files\origin games\fifa 12\game\fifa.exe |
"{2424D9BB-DF60-4D8F-AE13-BC1FCB900C72}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2B8C018F-B057-4F7A-85A4-3ECF943216F9}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{3235C9BD-E643-4991-A705-710F9EA4A2D1}" = protocol=6 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe |
"{3518C955-624F-496D-B0BA-B30391ADAA38}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe |
"{3630A9D1-6A51-4B39-BEC9-4D15CCD4DDC0}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{36C40B64-DA14-4D51-8CCC-9BBDCAFA559D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{39E71065-55BB-4394-BA3A-EF8F1A446F4A}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{3A483245-06E6-43D5-8775-CE3D6B3036F7}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\empire total war\empire.exe |
"{3DA9F65D-0F1B-4AC4-93FF-931F8E04C48C}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{3E262613-34F5-40BC-9945-DD865C30B995}" = protocol=17 | dir=in | app=d:\program files\guild wars\gw.exe |
"{3EC05ED4-1271-4608-A9C0-5553C6A9AFD5}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fear.exe |
"{435BA85B-268F-4C94-9075-CEF504A1F201}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{4A6297F7-5AAB-451F-AB63-6DCDC1EBEE4A}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{4C9FDD42-5D44-4FC3-8E72-410A9266A9A5}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\holdemmanager.exe |
"{4E48D4A7-54F5-4CB8-BCE4-D3D267E2B647}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{538A5A86-8353-45C0-ACAC-0C5A64CDE326}" = protocol=17 | dir=in | app=c:\windows\system32\lxbccoms.exe |
"{563115A1-0AB3-403A-A358-8CC8169C7C92}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{64526B2B-07FE-4CB9-995A-EC99BD56CEC4}" = protocol=6 | dir=in | app=d:\program files\origin games\fifa 12\game\fifa.exe |
"{67992397-B7F7-48C9-AFB8-4D2413AED5C2}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{68D0A40B-8F8C-450C-AFB0-108EFC58CA95}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{690B9E13-F0F1-4C73-BE7F-F9D7DE3AB7D9}" = protocol=6 | dir=in | app=d:\program files\itunes\itunes.exe |
"{6A07AFBB-4BCF-4EA3-B508-52A3610868DC}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{6B061DED-E945-4814-B47A-FC9F738527B4}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{6D04846C-3871-404E-8733-DD022C80F67F}" = protocol=17 | dir=in | app=d:\program files\tunngle\tunngle.exe |
"{723E5170-3CBE-40B8-8F55-7AD9AC5820A3}" = protocol=17 | dir=in | app=d:\program files\rockstar games\eflc\launcheflc.exe |
"{72B0DB13-159F-4B56-BE61-0FAC797EB6FF}" = protocol=6 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe |
"{750974CD-2435-4972-ADF3-F528CBC8235B}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{76DAFFCF-C701-4127-A0F9-BB5BA3FD1BB1}" = protocol=17 | dir=in | app=d:\program files\jdownloader\jdownloader.exe |
"{790146CC-0E13-491D-B8B4-BBB41C56F905}" = protocol=17 | dir=in | app=d:\program files\dragon age\daoriginslauncher.exe |
"{816D2944-2DDC-4CA2-82B1-FD5A19CBECB7}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{82D89747-9AB8-4AE0-9EF0-BC90C1F3AD2B}" = protocol=6 | dir=in | app=d:\program files\rockstar games\eflc\launcheflc.exe |
"{8395DC00-59CF-451E-98B3-AA3B56F4BFE8}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{84ECAE31-FC9E-4C68-8E94-D26484B812F5}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{878CF526-CDEE-4F0B-9B48-3A33B6456523}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe |
"{88779E37-82FB-4FF0-B070-B60C5C67BB61}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{89D5CA6B-C59E-421F-B29A-C3139E64C405}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{8D9080F5-CBB9-4D78-9741-EB29E4137EC8}" = protocol=17 | dir=in | app=d:\program files\tunngle\tnglctrl.exe |
"{8DD8DE8D-5C60-431F-94A2-2085321DF1A0}" = protocol=6 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{8E10E4F2-102D-4313-A0C2-49FC0F8A9780}" = protocol=6 | dir=in | app=c:\windows\system32\lxbccoms.exe |
"{8F352AF1-718E-478D-A562-B315AF975D36}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\dbcontrolpanel.exe |
"{9066254F-CA05-4EAD-A4F2-C51E4E680FB5}" = protocol=17 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe |
"{90EE8DC0-423B-4889-8746-4EAA937158D5}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe |
"{91371408-6EF0-4D66-BA1A-CE2273A4C934}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{954EADF2-6428-4413-BDAA-9B642E192696}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{98A92B9B-2335-41B4-95F7-07262B5991EF}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\holdemmanager.exe |
"{9C32CA59-2829-4D89-9165-B97478D864BF}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{A2A87C3B-F9F4-4756-AD7E-E9AF4FC1330B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{A3D2E1C9-2EEE-4A9C-AA5F-070D9DF59537}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe |
"{B10D5103-085B-4117-9133-F70B2C643F75}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{B2DF138E-9D08-481D-A35C-3DF328E167AD}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{B2E8F5FC-C809-4468-89C7-7BC5F4A98AEE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3740786-CCE7-4F72-94A8-2144178CE1DC}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fear.exe |
"{B5F30A51-1A31-4C51-BA5B-81D57F176B3A}" = protocol=17 | dir=in | app=d:\program files\microsoft games\age of empires iii\age3.exe |
"{B9BA56B4-9973-4FCE-BB3F-FE3BA14D123E}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{C2C7D9BA-F032-4721-BE08-FC5CC192779B}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{C3FCFC0F-6786-4BCD-8E90-7FAC5F771B8E}" = protocol=6 | dir=in | app=d:\program files\dragon age\daoriginslauncher.exe |
"{C6EE227B-D4C8-447A-9839-F4180B9B47B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C9227D88-0738-4AAF-8B83-FC1EC143C487}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{CC4BBF49-1B60-442E-89A9-B06A529E79EF}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe |
"{CF275D39-5B34-4F54-9AAC-E67D11014EF2}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{D0A342DE-47F0-40E5-9DDC-26A00D484ADE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D0FF87E1-C68C-4DD2-B2D0-94E4CFC3FF1C}" = protocol=17 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{D155E9CF-FB09-493B-A41C-49B03EC8F8DB}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{D7C61099-0E88-4FC1-A2A7-BBD4B33A57D9}" = protocol=6 | dir=in | app=d:\program files\tunngle\tnglctrl.exe |
"{DA2244EA-B8AF-4632-9ED7-17EDC40614BC}" = protocol=6 | dir=in | app=d:\program files\jdownloader\jdownloader.exe |
"{DEF5CCD5-D345-4C7B-9B5E-7204566625EC}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{E013AFFF-F7CB-4D5B-AFDC-7A867571087C}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\empire total war\empire.exe |
"{E07CD312-6F7C-45E7-BA3B-DCCF6DDC235E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E0C4163B-AFA6-4B91-A36D-BA5A74848E85}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe |
"{E1694F0D-443C-4AF3-B632-53A516E6E2D6}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\hmhud.exe |
"{E2A90B3E-2D2F-4451-98BD-3965C1E50BE7}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\dbcontrolpanel.exe |
"{E2D38A28-619B-4834-AF19-44745E421847}" = protocol=6 | dir=in | app=d:\program files\guild wars\gw.exe |
"{E3419925-96B7-4252-8A83-793EC1FC6CCF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe |
"{E9B24E58-D222-416D-9A21-7000279F0571}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{EE8BC520-C3F9-4AD8-B582-718CB0F6D022}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{F322ECEA-F096-411A-949E-5C828DD2E3E5}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\hmhud.exe |
"{F32BC7EA-EE55-451E-83BA-2390596BCF5D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{F59FDB2E-6B16-4D9E-9E79-BAE045C89F89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FA037785-B456-43D8-B5C1-23B33479A2CF}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{FA640713-D0A0-48F1-965A-F8C400DE261C}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{FBB8494F-3FBD-49A7-97CA-179BDB9729D2}" = protocol=17 | dir=in | app=d:\program files\itunes\itunes.exe |
"{FC00CB47-D4D8-400F-9E57-D4446BD637A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FCD0F2B3-1DDD-4755-96DF-1356DAE8E10C}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{FD842E24-0121-4040-9F34-B835AF063345}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{FE49D6DF-5DF5-4677-81B4-9CD40252F8C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{049D0E66-0298-4E8B-9358-D47E8FDB0C3F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{04F344EC-5E4D-43F6-AFCE-22EE95F7FB50}D:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=d:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe |
"TCP Query User{08174836-18B6-4FAA-A655-2571C7877725}D:\program files\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=d:\program files\rockstar games\eflc\eflc.exe |
"TCP Query User{0C126593-312B-4AD3-863D-8400420B58B9}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{0C1461D8-90F6-4C35-AFAC-24D5E8C44CA4}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=6 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe |
"TCP Query User{0CE0CFA6-E3A7-4CD4-B0DE-3B57D98C23EB}D:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe |
"TCP Query User{124E94B1-4E62-42E7-99E3-CC7BF683C40E}D:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=d:\program files\intervideo\dvd8\windvd.exe |
"TCP Query User{1416E868-8826-47F9-BDD3-F75ED2C5181B}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{14308610-31A2-4E31-AC07-0DDBA6690333}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{1B7FE7CC-DBF3-458A-80D3-5FEA509CCE67}D:\program files\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\launcher.exe |
"TCP Query User{1D2E2B02-D8A0-42C1-8466-0A36F0902BC9}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{3C0AB35C-276B-414D-A213-E54BBBB838DF}D:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe |
"TCP Query User{49D913CB-E95A-4154-88F6-C93E1752763F}D:\program files\winhttrack\winhttrack.exe" = protocol=6 | dir=in | app=d:\program files\winhttrack\winhttrack.exe |
"TCP Query User{4FE52CA6-24AA-40ED-BDFA-005BF946FC2A}D:\program files\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=d:\program files\valve\portal 2\portal2.exe |
"TCP Query User{6AF44318-D101-489A-9755-24201C6661E6}D:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{6B07766E-D96C-49E9-9A06-8DA31F794839}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{6E85616E-0AC0-4DBB-A33C-812E9E52B214}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=6 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe |
"TCP Query User{74F4E9B8-5458-4F9F-98D5-44928363DB1E}D:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\program files\sopcast\sopcast.exe |
"TCP Query User{836C65D3-9920-4A7B-9412-98DB2ED728E8}D:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{90414F95-AB68-4239-BCB5-B36E9C41F391}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe |
"TCP Query User{94F32068-74E9-43E9-99DF-E6ADAE1FC09C}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{96097F71-1DAA-461B-829A-AB480AE296D1}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{96C6F46D-7F7E-4E33-ACEB-C16A1FE2F753}D:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"TCP Query User{9ABA2525-3565-4259-A03E-24ADEF7EABE3}D:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe" = protocol=6 | dir=in | app=d:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe |
"TCP Query User{9B5354C6-39D5-4310-BC11-D6CE303EB780}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{A3890824-D3F6-4F4F-ADF3-D4E2F7ACFED5}C:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe" = protocol=6 | dir=in | app=c:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe |
"TCP Query User{AFFDAD41-1AF0-4AA9-A89B-BF912C6520A3}D:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"TCP Query User{B9B481CC-80B5-410D-9E1D-3A38ADEE3F58}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{C3276851-E358-4B72-9A07-ED0D8BF93299}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{E0831070-2F42-4BA3-95CC-25B22F88277D}C:\program files\x-chat 2\xchat.exe" = protocol=6 | dir=in | app=c:\program files\x-chat 2\xchat.exe |
"TCP Query User{E4782409-E453-45AA-8C55-6FB1B41B9E28}C:\program files\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"TCP Query User{E89CBB6F-3FDC-4543-B1F3-49D067CCD41C}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe |
"TCP Query User{F8783AAA-F8E2-4820-884A-9E8C25DBD531}D:\program files\ubisoft\related designs\anno 1404\addon.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\addon.exe |
"UDP Query User{02993BB8-1AEE-451D-8FEB-F9B2BC730D15}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{0378D491-90D0-47E8-9F5F-B5BD4BA7D2D7}D:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=d:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe |
"UDP Query User{0576D843-2AB9-4805-800C-F65355E2553E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{0FBE7B06-3488-4C92-ABBF-813488D24215}D:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\program files\sopcast\sopcast.exe |
"UDP Query User{126CC74A-8A3C-42DD-AA55-32C1862A9A4A}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=17 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe |
"UDP Query User{2135D95F-6179-48A4-AB5F-23E6A6683DDE}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{22DC7004-F415-4A63-A3AB-CEA9D14A2A4D}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{24CF0632-9E3A-427B-9A89-6CFA95A0CF0F}D:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{2B0C7EDD-9757-4908-839E-CE60AD3AAB94}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{2ED5D616-E6CA-40E5-8295-2F8260D4C2D2}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{33234148-933E-406B-867E-4F6FE70750C6}D:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe" = protocol=17 | dir=in | app=d:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe |
"UDP Query User{397800EC-ADF1-4E68-97E7-623353BC6BBB}C:\program files\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"UDP Query User{39876B57-9949-4193-B7BB-62965B7CA361}C:\program files\x-chat 2\xchat.exe" = protocol=17 | dir=in | app=c:\program files\x-chat 2\xchat.exe |
"UDP Query User{3CEC3EB6-213D-4754-AAA0-F70A7DF77DB9}D:\program files\winhttrack\winhttrack.exe" = protocol=17 | dir=in | app=d:\program files\winhttrack\winhttrack.exe |
"UDP Query User{48C2ECB9-17B2-48C5-87DB-F9B1317EB174}D:\program files\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=d:\program files\valve\portal 2\portal2.exe |
"UDP Query User{48FBD34E-91B9-43EB-935F-3A037D8934F1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{4BF507AB-6E70-46A7-AE59-4B242C49FF87}D:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{4EB37FA1-7A9F-448A-A0B2-49D36334763F}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=17 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe |
"UDP Query User{520A5AFE-1914-4276-82DE-EFF1AB4C6528}D:\program files\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\launcher.exe |
"UDP Query User{61C080E2-1D35-4A75-AFB4-9EE03D9486F4}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{638DCCE4-D8A3-40C7-8C48-D3CF6D496BF8}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{6396DB85-D5BB-485F-87B7-A29190E1D724}D:\program files\ubisoft\related designs\anno 1404\addon.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\addon.exe |
"UDP Query User{73909B1C-8977-416E-B65E-0E7D64AB199D}D:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe |
"UDP Query User{7EA54910-C7E0-40AB-85D4-8C00AC544246}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{810E8CAE-E004-4F84-A689-8D452C9459AB}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe |
"UDP Query User{84787A75-BB9D-481F-88E0-DFEAFDB53536}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{8946B41A-3B34-4FD8-B8DB-25A8A8690BC0}D:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"UDP Query User{8FAF48EF-3C10-452B-AEF0-BCECCD682355}C:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe" = protocol=17 | dir=in | app=c:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe |
"UDP Query User{A0FB9F23-81DB-4467-A9D0-96B933FC272A}D:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe |
"UDP Query User{BE02FC87-B499-4FAA-BE33-B9E5700844E5}D:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=d:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{C0D295DE-8E05-4585-843E-93FC298484EA}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe |
"UDP Query User{F473267A-E72F-4133-B22F-74F39EAC164F}D:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{F4B67866-96DB-4695-84A5-484A19FA9DA8}D:\program files\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=d:\program files\rockstar games\eflc\eflc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{04440044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Enzyklopädie 2004
"{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D994CC5-819F-4657-84DD-397B8FE1EA80}" = Star Wars Jedi Knight Jedi Academy
"{0E9389C0-0E8A-4174-A430-CFAFF29CC3A7}" = PokerStrategy.com Equilab
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{1459C671-45F3-4A58-8EA6-3B675460E51A}" = DO Kopfrechnen
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars(TM): Knights of the Old Republic (TM)
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{2F8BE683-EF69-4D18-9974-DB0C1832A516}" = ICM Trainer Light
"{3230518C-2953-4FB9-8485-B3CDFCC36A70}" = Rosetta Stone Ltd Services
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{39930321-4C58-4B8B-BCBF-342698C9801D}" = Max Payne
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE2032D-B1DA-4057-9D1E-4120F8B64367}" = DSLaufzeit
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{45B4FF51-D048-46A1-AE2C-3786F2221F47}" = DSRechner
"{47EA4DDF-FD99-46B3-846C-9F3F315268AD}" = ICM Trainer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{628C3D50-F524-4C49-A958-672CE7953756}" = Der Herr der Ringe® - Die Eroberung™
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7AF9D464-6627-4FB9-AEF9-15D6C972CA84}_is1" = Minecraft Beta Version 1.7.3
"{7C3D8108-8D99-427F-A1C2-D8E0D25A469C}" = Tom Clancy's EndWar
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{909BBDB7-BABE-434C-9124-863A9F8D1CF8}" = FEAR Extraction Point
"{90DA7F39-B9D4-4FB1-93A0-6B10F83E35E2}" = Wer wird Millionär - Party-Edition
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4
"{99889189-C739-4A46-BA02-3B271A118957}" = F.E.A.R. Mission Perseus
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = Die Siedler 7
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A1416622-0DDE-45B5-B06C-DFC3ED94C53B}" = Der Pate® II
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A53BEB85-A538-4F93-BF0C-2D9770532D10}" = Lost Horizon
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BB47D7EA-7EF1-475C-9C14-AF5B8FCA45E2}" = Condemned - Criminal Origins
"{BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5}" = Clive Barker's Jericho
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C2F8468F-85AB-4D08-A68E-01D328E7B261}" = PokerStrategy.com Elephant
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1D632A2-E249-466D-A094-B1B934D37645}_is1" = Stronghold Kingdoms
"{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: The Complete Saga
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DC158DF7-6B36-4C6F-BC91-109014297994}" = FIFA 11 Demo
"{DEED33EE-4357-4907-8F20-C1A50CC68A5A}" = USB Joystick
"{E184BB79-61A3-4B0A-86D1-12A56C0A7270}" = Painkiller Resurrection
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E71AC707-179D-458D-A1E8-F52977CAEAB4}" = M.U.D. TV
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}" = Ad-Aware
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F73D18C1-F4DA-4B9F-9C46-5185F5D3DB7C}" = F.E.A.R. 2 SP Demo
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FB32F52B-0D1C-4214-91A6-5B2DA15A5238}" = Ad-Aware
"{FD025150-EEA0-4CAC-BED1-B9837783FCC8}" = ActivePerl 5.10.0 Build 1005
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"abgx360" = abgx360 v1.0.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"APP-Codejock.SuitePro.ActiveX.v12.0.1_is1" = Xtreme SuitePro ActiveX v12.0.1
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Ask Toolbar_is1" = Ask Toolbar
"Aspell German Dictionary_is1" = Aspell German Dictionary-0.50-2
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"bet365poker" = Poker at bet365
"Black Mirror 2_is1" = Black Mirror 2
"Black Mirror III_is1" = Black Mirror III
"Brain Workshop_is1" = Brain Workshop 4.4
"Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dues Ex Human Revolution_is1" = Dues Ex Human Revolution
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"DyynoPlayer" = DyynoPlayer 0.8.6f.2
"EFCL SecuLauncher Error Fix v1.1 by TokZic 1.1" = EFCL SecuLauncher Error Fix v1.1 by TokZic 1.1
"Empires Dawn of the Modern World" = Empires Dawn of the Modern World
"Eraser" = Eraser
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"F.E.A.R. 3_is1" = F.E.A.R. 3
"F.E.A.R.2 Reborn_is1" = F.E.A.R.2 Reborn
"FeedReader_is1" = FeedReader
"FileZilla Client" = FileZilla Client 3.3.4.1
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Billiards 2008_is1" = Free Billiards 2008
"Free YouTube Download_is1" = Free YouTube Download 2.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Game Booster_is1" = Game Booster
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"GNU Aspell_is1" = GNU Aspell 0.50-3
"Google Updater" = Google Updater
"Graffiti Studio 2.0_is1" = Graffiti Studio 2.0
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen)
"Guild Wars" = GUILD WARS
"HijackThis" = HijackThis 2.0.2
"HoldemManager" = Holdem Manager
"ICQToolbar" = ICQ Toolbar
"ImgBurn" = ImgBurn
"InstallShield_{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary
"InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: Die Komplette Saga
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"JDownloader" = JDownloader
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Lexmark 510 Series" = Lexmark 510 Series
"Lexmark Z500-Z600 Series" = Lexmark Z500-Z600 Series
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mikogo" = Mikogo
"MobMap_is1" = MobMap 3.55
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"MyMDb_0" = MyMDb 3.6
"Nero - Burning Rom!UninstallKey" = Ahead Nero OEM
"NeroVision!UninstallKey" = Ahead NeroVision Express
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OpenVPN" = OpenVPN 2.0.9-gui-1.0.3
"Origin" = Origin
"PartyPoker" = PartyPoker
"Pidgin" = Pidgin
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"Postal 2_is1" = Portal 2
"PostgreSQL 8.3" = PostgreSQL 8.3
"PostgreSQL 8.4" = PostgreSQL 8.4
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Proxifier_is1" = Proxifier version 2.7
"PunkBusterSvc" = PunkBuster Services
"Quick Memory Editor_is1" = Quick Memory Editor 5.5
"QuickPar" = QuickPar 0.9
"RealPlayer 12.0" = RealPlayer
"Schlag den Raab_is1" = Schlag den Raab
"Shockwave" = Shockwave
"SitNGoWizard" = SitNGo Wizard
"SMPlayer_is1" = SMPlayer 0.6.6
"SopCast" = SopCast 3.2.4
"Steam App 10500" = Empire: Total War
"Steam App 240" = Counter-Strike: Source
"Steam App 400" = Portal
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 500" = Left 4 Dead
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"TeamViewer 6" = TeamViewer 6
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"TrueCrypt" = TrueCrypt
"Tunngle beta_is1" = Tunngle beta
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.7
"UseNeXT_is1" = UseNeXT
"VirusTotalUploader" = VirusTotal Uploader
"VirusTotalUploader2.0" = VirusTotal Uploader 2.0
"Visual Basic 6.0 Professional Edition (deu)" = Microsoft Visual Basic 6.0 Professional Edition (Deutsch)
"VLC media player" = VLC media player 0.9.8a
"Warcraft III" = Warcraft III
"WebMoney Agent" = WebMoney Agent
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.5
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Wecker 2.2" = Wecker 2.2 2.2
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9
"WinPatrol" = WinPatrol 2008
"WinRAR archiver" = WinRAR
"Works2004Setup" = Setup-Start von Microsoft Works 2004
"World of Warcraft" = World of Warcraft
"xampp" = XAMPP 1.7.1
"X-Chat 2_is1" = X-Chat 2.8.6-2
"Xfire" = Xfire (remove only)
"XnView_is1" = XnView 1.96.5
"xp-AntiSpy" = xp-AntiSpy 3.97
"Zygor Guides" = Zygor Guides
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"360WAVESPATCHERCLT" = 360WavesPatcher (Client setup)
"BrainGame" = Dr Kawashima
"Google Chrome" = Google Chrome
"Runic Games Torchlight" = Torchlight
"sc10-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Universal Replayer" = Universal Replayer
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 14.02.2012 13:55:30 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:30 CETFATAL: role "SYSTEM" does not exist
Error - 14.02.2012 13:55:31 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:31 CETFATAL: role "SYSTEM" does not exist
Error - 14.02.2012 13:55:32 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:32 CETFATAL: role "SYSTEM" does not exist
Error - 14.02.2012 13:55:33 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:33 CETFATAL: role "SYSTEM" does not exist
Error - 14.02.2012 13:55:34 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:34 CETFATAL: role "SYSTEM" does not exist
Error - 14.02.2012 13:55:35 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:35 CETFATAL: role "SYSTEM" does not exist
Error - 14.02.2012 13:55:36 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:36 CETFATAL: role "SYSTEM" does not exist
Error - 14.02.2012 13:55:37 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:37 CETFATAL: role "SYSTEM" does not exist
Error - 14.02.2012 13:55:38 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:38 CETFATAL: role "SYSTEM" does not exist
Error - 14.02.2012 13:55:39 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-02-14 18:55:39 CETFATAL: role "SYSTEM" does not exist
[ SitNGoWizard Events ]
Error - 18.10.2011 13:22:40 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 26.12.2011 13:44:20 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
Error - 26.12.2011 13:44:21 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 26.12.2011 13:44:30 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
Error - 26.12.2011 13:44:30 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 26.12.2011 13:44:40 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
Error - 26.12.2011 13:44:40 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 12.01.2012 16:45:46 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
Error - 12.01.2012 16:45:47 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 05.02.2012 17:31:48 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
[ System Events ]
Error - 13.02.2012 12:15:12 | Computer Name = Kevin-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0023C359FE3A zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 13.02.2012 12:15:21 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 13.02.2012 12:15:41 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 13.02.2012 12:21:07 | Computer Name = Kevin-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0023C359FE3A zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 13.02.2012 12:56:01 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description =
Error - 13.02.2012 12:57:29 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 14.02.2012 05:13:25 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description =
Error - 14.02.2012 05:14:49 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 14.02.2012 13:54:17 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description =
Error - 14.02.2012 13:55:41 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description =
[ TuneUp Events ]
Error - 17.09.2011 17:57:15 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-09-17 23:57:15', '\device\harddiskvolume2\program
files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe','3892',0)
Error - 18.09.2011 09:03:35 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-09-18 15:03:35', '\device\harddiskvolume2\program
files\ubisoft\tom clancy's splinter cell double agent\scdalauncher.exe','5564',0)
Error - 18.09.2011 09:03:50 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-09-18 15:03:50', '\device\harddiskvolume2\program
files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe','5080',0)
Error - 20.09.2011 16:15:45 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-09-20 22:15:45', '\device\harddiskvolume2\program
files\ubisoft\tom clancy's splinter cell double agent\scdalauncher.exe','6644',0)
Error - 20.09.2011 16:15:55 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-09-20 22:15:55', '\device\harddiskvolume2\program
files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe','6740',0)
Error - 21.09.2011 02:43:41 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-09-21 08:43:41', '\device\harddiskvolume2\program
files\ubisoft\tom clancy's splinter cell double agent\scdalauncher.exe','4696',0)
Error - 21.09.2011 02:52:11 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-09-21 08:52:11', '\device\harddiskvolume2\program
files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe','4572',0)
Error - 14.02.2012 14:12:18 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-14 19:12:18', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','5992',0)
Error - 14.02.2012 14:12:33 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-14 19:12:33', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','6052',0)
Error - 14.02.2012 14:12:48 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-14 19:12:48', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','4452',0)
< End of report >
|
|
14.02.2012, 20:38
| #5 |
| | Windows wurde blockiert Hi, ich denke ich habe ihn.... O33 - MountPoints2\{bd6b5189-dd92-11de-b351-dcac2bc18593}\Shell\AutoRun\command - "" = krwyrv0d.exe O33 - MountPoints2\{bd6b5189-dd92-11de-b351-dcac2bc18593}\Shell\open\Command - "" = krwyrv0d.exe Wenn MAM ihn nicht killt machen wir es per hand... chris
__________________  Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden  ) |
|
14.02.2012, 20:53
| #6 |
| | Windows wurde blockiert Danke für deine schnelle Antwort. Bin leider was das ganze angeht etwas schwerfällig, wie genau mache ich das jetzt? Also das löschen der Fehler? Was meinst du mit MAM? Sorry für meine Dummheit was das angeht  |
|
14.02.2012, 21:29
| #7 |
| | Windows wurde blockiert Hi, ist Antimalwarebytes (MAM) durch, dann poste bitte das log... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
14.02.2012, 22:37
| #8 |
| | Windows wurde blockiertCode:
ATTFilter Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.02.14.05 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 7.0.6001.18000 Kevin :: KEVIN-PC [Administrator] Schutz: Deaktiviert 14.02.2012 19:24:58 mbam-log-2012-02-14 (22-23-27).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 540498 Laufzeit: 2 Stunde(n), 57 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bet365poker (PUP.Casino) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 6 C:\Users\Kevin\Downloads\unlocker1.8.7.exe (Adware.Clicker) -> Keine Aktion durchgeführt. C:\Users\Kevin\Downloads\SetupPoker_68e0(2).exe (PUP.Casino) -> Keine Aktion durchgeführt. C:\Users\Kevin\Downloads\SetupPoker_68e0.exe (PUP.Casino) -> Keine Aktion durchgeführt. D:\Program Files\bet365 Poker\Poker at bet365\_SetupPoker_68e0.exe (PUP.Casino) -> Keine Aktion durchgeführt. D:\Program Files\Unlocker\eBay_shortcuts_1016.exe (Adware.Clicker) -> Keine Aktion durchgeführt. C:\Windows\System32\hosts (Trojan.Agent) -> Keine Aktion durchgeführt. (Ende) |
|
14.02.2012, 22:44
| #9 |
| | Windows wurde blockiert Hi, alles löschen lassen...
 Code:
ATTFilter :OTL
O33 - MountPoints2\{bd6b5189-dd92-11de-b351-dcac2bc18593}\Shell\AutoRun\command - "" = krwyrv0d.exe
O33 - MountPoints2\{bd6b5189-dd92-11de-b351-dcac2bc18593}\Shell\open\Command - "" = krwyrv0d.exe
:Commands
[purity]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
15.02.2012, 20:19
| #10 |
| | Windows wurde blockiertCode:
ATTFilter All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd6b5189-dd92-11de-b351-dcac2bc18593}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd6b5189-dd92-11de-b351-dcac2bc18593}\ not found.
File krwyrv0d.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd6b5189-dd92-11de-b351-dcac2bc18593}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd6b5189-dd92-11de-b351-dcac2bc18593}\ not found.
File krwyrv0d.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Kevin
->Temp folder emptied: 393512 bytes
->Temporary Internet Files folder emptied: 73870904 bytes
->Java cache emptied: 40741110 bytes
->FireFox cache emptied: 46226487 bytes
->Google Chrome cache emptied: 104321094 bytes
->Flash cache emptied: 2946218 bytes
User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41 bytes
User: Public
User: xx
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1224704 bytes
%systemroot%\System32 .tmp files removed: 2012262 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 72617 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 259,00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 02152012_201209
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
|
|
15.02.2012, 20:32
| #11 |
| | Windows wurde blockiert Hi, so, jetzt bitte MAM updaten und dann nochmal einen Fullscan... Wie verhält sich der Rechner (Umleitungen im Internet etc.)? Zur Sicherheit noch TDSS-Killer Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft? Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)! Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe. Stelle den Killer wir folgt ein:  Dann den Scan starten durch (Start Scan). Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster, den Text abkopieren und hier posten... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
18.02.2012, 21:00
| #12 |
| | Windows wurde blockiert Sorry das ich erst so spät antworte. Hier der MAM Log: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.02.18.03 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 7.0.6001.18000 Kevin :: KEVIN-PC [Administrator] Schutz: Deaktiviert 18.02.2012 17:06:59 mbam-log-2012-02-18 (17-06-59).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 535014 Laufzeit: 3 Stunde(n), 5 Minute(n), 53 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) tdsskiller log: Code:
ATTFilter 20:50:42.0349 5616 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
20:50:42.0483 5616 ============================================================
20:50:42.0483 5616 Current date / time: 2012/02/18 20:50:42.0483
20:50:42.0483 5616 SystemInfo:
20:50:42.0483 5616
20:50:42.0483 5616 OS Version: 6.0.6001 ServicePack: 1.0
20:50:42.0483 5616 Product type: Workstation
20:50:42.0483 5616 ComputerName: KEVIN-PC
20:50:42.0483 5616 UserName: Kevin
20:50:42.0483 5616 Windows directory: C:\Windows
20:50:42.0483 5616 System windows directory: C:\Windows
20:50:42.0483 5616 Processor architecture: Intel x86
20:50:42.0483 5616 Number of processors: 4
20:50:42.0483 5616 Page size: 0x1000
20:50:42.0483 5616 Boot type: Normal boot
20:50:42.0483 5616 ============================================================
20:50:43.0304 5616 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:50:43.0306 5616 \Device\Harddisk0\DR0:
20:50:43.0313 5616 MBR used
20:50:43.0313 5616 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x186A0000
20:50:43.0313 5616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x21CE5000
20:50:43.0395 5616 Initialize success
20:50:43.0395 5616 ============================================================
20:51:02.0928 5140 ============================================================
20:51:02.0928 5140 Scan started
20:51:02.0928 5140 Mode: Manual; SigCheck; TDLFS;
20:51:02.0928 5140 ============================================================
20:51:03.0287 5140 acedrv11 (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
20:51:03.0425 5140 acedrv11 - ok
20:51:03.0460 5140 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
20:51:03.0470 5140 ACPI - ok
20:51:03.0499 5140 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
20:51:03.0520 5140 adp94xx - ok
20:51:03.0542 5140 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
20:51:03.0557 5140 adpahci - ok
20:51:03.0578 5140 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
20:51:03.0604 5140 adpu160m - ok
20:51:03.0620 5140 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
20:51:03.0629 5140 adpu320 - ok
20:51:03.0647 5140 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
20:51:03.0689 5140 AFD - ok
20:51:03.0708 5140 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
20:51:03.0719 5140 agp440 - ok
20:51:03.0739 5140 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:51:03.0747 5140 aic78xx - ok
20:51:03.0769 5140 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
20:51:03.0778 5140 aliide - ok
20:51:03.0799 5140 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
20:51:03.0806 5140 amdagp - ok
20:51:03.0826 5140 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
20:51:03.0846 5140 amdide - ok
20:51:03.0861 5140 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
20:51:03.0898 5140 AmdK7 - ok
20:51:03.0917 5140 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
20:51:03.0937 5140 AmdK8 - ok
20:51:03.0995 5140 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
20:51:04.0007 5140 arc - ok
20:51:04.0023 5140 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
20:51:04.0036 5140 arcsas - ok
20:51:04.0049 5140 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:51:04.0076 5140 AsyncMac - ok
20:51:04.0099 5140 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
20:51:04.0107 5140 atapi - ok
20:51:04.0141 5140 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
20:51:04.0154 5140 atksgt - ok
20:51:04.0186 5140 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
20:51:04.0195 5140 avgntflt - ok
20:51:04.0230 5140 avipbb (475fbb85956534720858ae72010c0a43) C:\Windows\system32\DRIVERS\avipbb.sys
20:51:04.0238 5140 avipbb - ok
20:51:04.0248 5140 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
20:51:04.0255 5140 avkmgr - ok
20:51:04.0283 5140 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:51:04.0327 5140 Beep - ok
20:51:04.0351 5140 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
20:51:04.0414 5140 blbdrive - ok
20:51:04.0424 5140 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
20:51:04.0455 5140 bowser - ok
20:51:04.0473 5140 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:51:04.0505 5140 BrFiltLo - ok
20:51:04.0519 5140 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:51:04.0549 5140 BrFiltUp - ok
20:51:04.0574 5140 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:51:04.0716 5140 Brserid - ok
20:51:04.0741 5140 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:51:04.0799 5140 BrSerWdm - ok
20:51:04.0827 5140 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:51:04.0906 5140 BrUsbMdm - ok
20:51:04.0936 5140 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:51:04.0989 5140 BrUsbSer - ok
20:51:05.0010 5140 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:51:05.0067 5140 BTHMODEM - ok
20:51:05.0084 5140 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:51:05.0117 5140 cdfs - ok
20:51:05.0130 5140 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
20:51:05.0165 5140 cdrom - ok
20:51:05.0185 5140 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
20:51:05.0224 5140 circlass - ok
20:51:05.0253 5140 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
20:51:05.0267 5140 CLFS - ok
20:51:05.0287 5140 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
20:51:05.0296 5140 cmdide - ok
20:51:05.0314 5140 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
20:51:05.0322 5140 Compbatt - ok
20:51:05.0344 5140 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
20:51:05.0356 5140 crcdisk - ok
20:51:05.0375 5140 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
20:51:05.0399 5140 Crusoe - ok
20:51:05.0423 5140 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
20:51:05.0451 5140 DfsC - ok
20:51:05.0462 5140 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
20:51:05.0470 5140 disk - ok
20:51:05.0505 5140 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:51:05.0540 5140 drmkaud - ok
20:51:05.0579 5140 dtsoftbus01 (c0c7ceccb6c85994c2bc92d58e52d3f2) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:51:05.0608 5140 dtsoftbus01 - ok
20:51:05.0639 5140 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
20:51:05.0698 5140 DXGKrnl - ok
20:51:05.0738 5140 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:51:05.0776 5140 E1G60 - ok
20:51:05.0819 5140 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
20:51:05.0828 5140 Ecache - ok
20:51:05.0854 5140 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys
20:51:05.0865 5140 ElbyCDFL - ok
20:51:05.0887 5140 ElbyCDIO (178cc9403816c082d22a1d47fa1f9c85) C:\Windows\system32\Drivers\ElbyCDIO.sys
20:51:05.0895 5140 ElbyCDIO - ok
20:51:05.0936 5140 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
20:51:05.0957 5140 elxstor - ok
20:51:05.0977 5140 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
20:51:06.0010 5140 ErrDev - ok
20:51:06.0040 5140 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
20:51:06.0085 5140 exfat - ok
20:51:06.0104 5140 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
20:51:06.0145 5140 fastfat - ok
20:51:06.0164 5140 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
20:51:06.0192 5140 fdc - ok
20:51:06.0214 5140 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:51:06.0223 5140 FileInfo - ok
20:51:06.0246 5140 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:51:06.0282 5140 Filetrace - ok
20:51:06.0294 5140 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:51:06.0317 5140 flpydisk - ok
20:51:06.0334 5140 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
20:51:06.0345 5140 FltMgr - ok
20:51:06.0405 5140 FsUsbExDisk (10398b515653442a5b89fdf6a1d06180) C:\Windows\system32\FsUsbExDisk.SYS
20:51:06.0413 5140 FsUsbExDisk - ok
20:51:06.0443 5140 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:51:06.0479 5140 Fs_Rec - ok
20:51:06.0501 5140 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
20:51:06.0514 5140 gagp30kx - ok
20:51:06.0537 5140 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:51:06.0544 5140 GEARAspiWDM - ok
20:51:06.0576 5140 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
20:51:06.0583 5140 hamachi - ok
20:51:06.0616 5140 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
20:51:06.0680 5140 HdAudAddService - ok
20:51:06.0697 5140 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:51:06.0729 5140 HDAudBus - ok
20:51:06.0745 5140 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:51:06.0793 5140 HidBth - ok
20:51:06.0810 5140 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:51:06.0870 5140 HidIr - ok
20:51:06.0910 5140 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
20:51:06.0946 5140 HidUsb - ok
20:51:06.0966 5140 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
20:51:06.0997 5140 HpCISSs - ok
20:51:07.0031 5140 HTTP (406c027c18e98a396faa1963dad5ff70) C:\Windows\system32\drivers\HTTP.sys
20:51:07.0090 5140 HTTP - ok
20:51:07.0118 5140 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
20:51:07.0137 5140 i2omp - ok
20:51:07.0145 5140 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:51:07.0177 5140 i8042prt - ok
20:51:07.0197 5140 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
20:51:07.0210 5140 iaStorV - ok
20:51:07.0230 5140 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:51:07.0242 5140 iirsp - ok
20:51:07.0256 5140 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
20:51:07.0265 5140 intelide - ok
20:51:07.0289 5140 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:51:07.0326 5140 intelppm - ok
20:51:07.0345 5140 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:51:07.0380 5140 IpFilterDriver - ok
20:51:07.0388 5140 IpInIp - ok
20:51:07.0414 5140 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
20:51:07.0470 5140 IPMIDRV - ok
20:51:07.0490 5140 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:51:07.0519 5140 IPNAT - ok
20:51:07.0540 5140 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:51:07.0575 5140 IRENUM - ok
20:51:07.0597 5140 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
20:51:07.0610 5140 isapnp - ok
20:51:07.0629 5140 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
20:51:07.0648 5140 iScsiPrt - ok
20:51:07.0667 5140 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:51:07.0693 5140 iteatapi - ok
20:51:07.0718 5140 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:51:07.0730 5140 iteraid - ok
20:51:07.0753 5140 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:51:07.0766 5140 kbdclass - ok
20:51:07.0784 5140 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
20:51:07.0807 5140 kbdhid - ok
20:51:07.0832 5140 KSecDD (5367dc846cae9639b899bfd13b97a8c9) C:\Windows\system32\Drivers\ksecdd.sys
20:51:07.0851 5140 KSecDD - ok
20:51:07.0942 5140 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
20:51:07.0948 5140 Lavasoft Kernexplorer - ok
20:51:07.0971 5140 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys
20:51:07.0977 5140 Lbd - ok
20:51:08.0003 5140 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
20:51:08.0013 5140 lirsgt - ok
20:51:08.0026 5140 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:51:08.0081 5140 lltdio - ok
20:51:08.0111 5140 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
20:51:08.0121 5140 LSI_FC - ok
20:51:08.0136 5140 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
20:51:08.0150 5140 LSI_SAS - ok
20:51:08.0172 5140 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
20:51:08.0186 5140 LSI_SCSI - ok
20:51:08.0193 5140 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:51:08.0228 5140 luafv - ok
20:51:08.0271 5140 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
20:51:08.0282 5140 MBAMProtector - ok
20:51:08.0302 5140 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
20:51:08.0310 5140 megasas - ok
20:51:08.0334 5140 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
20:51:08.0370 5140 MegaSR - ok
20:51:08.0390 5140 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:51:08.0412 5140 Modem - ok
20:51:08.0451 5140 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:51:08.0479 5140 monitor - ok
20:51:08.0492 5140 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:51:08.0505 5140 mouclass - ok
20:51:08.0528 5140 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\drivers\mouhid.sys
20:51:08.0599 5140 mouhid - ok
20:51:08.0611 5140 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:51:08.0622 5140 MountMgr - ok
20:51:08.0649 5140 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
20:51:08.0662 5140 mpio - ok
20:51:08.0684 5140 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:51:08.0701 5140 mpsdrv - ok
20:51:08.0719 5140 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:51:08.0726 5140 Mraid35x - ok
20:51:08.0733 5140 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
20:51:08.0761 5140 MRxDAV - ok
20:51:08.0778 5140 mrxsmb (c4ad205530888404e2b5fc8d9319b119) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:51:08.0800 5140 mrxsmb - ok
20:51:08.0830 5140 mrxsmb10 (0a986b34f1678a2697574d7b1664e2dd) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:51:08.0865 5140 mrxsmb10 - ok
20:51:08.0872 5140 mrxsmb20 (3268b8c3fa92bfc086355c39b45e9cc9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:51:08.0892 5140 mrxsmb20 - ok
20:51:08.0914 5140 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
20:51:08.0920 5140 msahci - ok
20:51:08.0942 5140 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
20:51:08.0954 5140 msdsm - ok
20:51:08.0964 5140 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:51:08.0989 5140 Msfs - ok
20:51:08.0995 5140 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:51:09.0001 5140 msisadrv - ok
20:51:09.0021 5140 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:51:09.0052 5140 MSKSSRV - ok
20:51:09.0062 5140 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:51:09.0093 5140 MSPCLOCK - ok
20:51:09.0109 5140 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:51:09.0132 5140 MSPQM - ok
20:51:09.0151 5140 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
20:51:09.0164 5140 MsRPC - ok
20:51:09.0181 5140 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:51:09.0189 5140 mssmbios - ok
20:51:09.0204 5140 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:51:09.0230 5140 MSTEE - ok
20:51:09.0258 5140 MTsensor (dcdaab8697a47894a554050ce18d0b56) C:\Windows\system32\DRIVERS\ASACPI.sys
20:51:09.0283 5140 MTsensor - ok
20:51:09.0306 5140 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
20:51:09.0314 5140 Mup - ok
20:51:09.0347 5140 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
20:51:09.0381 5140 NativeWifiP - ok
20:51:09.0408 5140 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
20:51:09.0425 5140 NDIS - ok
20:51:09.0435 5140 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:51:09.0467 5140 NdisTapi - ok
20:51:09.0492 5140 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:51:09.0531 5140 Ndisuio - ok
20:51:09.0560 5140 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
20:51:09.0585 5140 NdisWan - ok
20:51:09.0602 5140 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:51:09.0637 5140 NDProxy - ok
20:51:09.0652 5140 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:51:09.0687 5140 NetBIOS - ok
20:51:09.0702 5140 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
20:51:09.0736 5140 netbt - ok
20:51:09.0763 5140 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:51:09.0775 5140 nfrd960 - ok
20:51:09.0784 5140 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
20:51:09.0825 5140 Npfs - ok
20:51:09.0844 5140 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:51:09.0871 5140 nsiproxy - ok
20:51:09.0905 5140 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
20:51:09.0959 5140 Ntfs - ok
20:51:09.0977 5140 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:51:10.0036 5140 ntrigdigi - ok
20:51:10.0046 5140 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:51:10.0082 5140 Null - ok
20:51:10.0264 5140 nvlddmkm (0013f8cf1322487fb247eae56ef0ed90) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:51:10.0535 5140 nvlddmkm - ok
20:51:10.0619 5140 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
20:51:10.0628 5140 nvraid - ok
20:51:10.0644 5140 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
20:51:10.0656 5140 nvstor - ok
20:51:10.0684 5140 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
20:51:10.0698 5140 nv_agp - ok
20:51:10.0704 5140 NwlnkFlt - ok
20:51:10.0712 5140 NwlnkFwd - ok
20:51:10.0724 5140 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
20:51:10.0782 5140 ohci1394 - ok
20:51:10.0805 5140 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:51:10.0858 5140 Parport - ok
20:51:10.0871 5140 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
20:51:10.0878 5140 partmgr - ok
20:51:10.0897 5140 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:51:10.0955 5140 Parvdm - ok
20:51:10.0972 5140 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
20:51:10.0982 5140 pci - ok
20:51:10.0993 5140 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
20:51:11.0000 5140 pciide - ok
20:51:11.0021 5140 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:51:11.0031 5140 pcmcia - ok
20:51:11.0067 5140 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:51:11.0124 5140 PEAUTH - ok
20:51:11.0174 5140 PnkBstrK (db7f8840c92865ca6f3d2db063a5b999) C:\Windows\system32\drivers\PnkBstrK.sys
20:51:11.0201 5140 PnkBstrK - ok
20:51:11.0232 5140 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:51:11.0261 5140 PptpMiniport - ok
20:51:11.0283 5140 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
20:51:11.0326 5140 Processor - ok
20:51:11.0362 5140 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
20:51:11.0395 5140 PSched - ok
20:51:11.0432 5140 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
20:51:11.0468 5140 ql2300 - ok
20:51:11.0492 5140 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:51:11.0502 5140 ql40xx - ok
20:51:11.0520 5140 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:51:11.0548 5140 QWAVEdrv - ok
20:51:11.0565 5140 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:51:11.0588 5140 RasAcd - ok
20:51:11.0620 5140 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:51:11.0647 5140 Rasl2tp - ok
20:51:11.0665 5140 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
20:51:11.0698 5140 RasPppoe - ok
20:51:11.0717 5140 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
20:51:11.0760 5140 RasSstp - ok
20:51:11.0784 5140 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
20:51:11.0809 5140 rdbss - ok
20:51:11.0817 5140 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:51:11.0842 5140 RDPCDD - ok
20:51:11.0868 5140 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
20:51:11.0894 5140 rdpdr - ok
20:51:11.0902 5140 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:51:11.0962 5140 RDPENCDD - ok
20:51:11.0986 5140 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
20:51:12.0017 5140 RDPWD - ok
20:51:12.0049 5140 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:51:12.0073 5140 rspndr - ok
20:51:12.0099 5140 RTL8169 (174b9514cd1a0c33ce4bbc02a3c81a62) C:\Windows\system32\DRIVERS\Rtlh86.sys
20:51:12.0145 5140 RTL8169 - ok
20:51:12.0167 5140 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:51:12.0176 5140 sbp2port - ok
20:51:12.0202 5140 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:51:12.0263 5140 secdrv - ok
20:51:12.0274 5140 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
20:51:12.0301 5140 Serenum - ok
20:51:12.0309 5140 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
20:51:12.0332 5140 Serial - ok
20:51:12.0352 5140 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:51:12.0388 5140 sermouse - ok
20:51:12.0411 5140 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
20:51:12.0436 5140 sffdisk - ok
20:51:12.0456 5140 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
20:51:12.0482 5140 sffp_mmc - ok
20:51:12.0501 5140 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
20:51:12.0546 5140 sffp_sd - ok
20:51:12.0567 5140 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:51:12.0628 5140 sfloppy - ok
20:51:12.0665 5140 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
20:51:12.0678 5140 sisagp - ok
20:51:12.0700 5140 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
20:51:12.0709 5140 SiSRaid2 - ok
20:51:12.0729 5140 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
20:51:12.0743 5140 SiSRaid4 - ok
20:51:12.0763 5140 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
20:51:12.0787 5140 Smb - ok
20:51:12.0809 5140 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:51:12.0821 5140 spldr - ok
20:51:12.0829 5140 sptd - ok
20:51:12.0859 5140 srv (73dddbeec61e78568082916a27aadaee) C:\Windows\system32\DRIVERS\srv.sys
20:51:12.0898 5140 srv - ok
20:51:12.0906 5140 srv2 (805fac010405ad3f82ef8df0bb035d81) C:\Windows\system32\DRIVERS\srv2.sys
20:51:12.0934 5140 srv2 - ok
20:51:12.0943 5140 srvnet (f63a0a58aafe34d7a1a0a74abccdd9c0) C:\Windows\system32\DRIVERS\srvnet.sys
20:51:12.0981 5140 srvnet - ok
20:51:13.0006 5140 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
20:51:13.0014 5140 ssmdrv - ok
20:51:13.0054 5140 ss_bbus (3f0164fbc0bd1adbd02df9759181451a) C:\Windows\system32\DRIVERS\ss_bbus.sys
20:51:13.0067 5140 ss_bbus - ok
20:51:13.0101 5140 ss_bmdfl (b89d62206034e5fe573c80a24dd55675) C:\Windows\system32\DRIVERS\ss_bmdfl.sys
20:51:13.0107 5140 ss_bmdfl - ok
20:51:13.0129 5140 ss_bmdm (1ed0fcea586fe2a416ee15196e5631dd) C:\Windows\system32\DRIVERS\ss_bmdm.sys
20:51:13.0142 5140 ss_bmdm - ok
20:51:13.0168 5140 ss_bserd (994d2e5378cc337ec7dd73c1e04fcaa4) C:\Windows\system32\DRIVERS\ss_bserd.sys
20:51:13.0180 5140 ss_bserd - ok
20:51:13.0201 5140 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:51:13.0209 5140 swenum - ok
20:51:13.0232 5140 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:51:13.0241 5140 Symc8xx - ok
20:51:13.0256 5140 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:51:13.0267 5140 Sym_hi - ok
20:51:13.0288 5140 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:51:13.0300 5140 Sym_u3 - ok
20:51:13.0335 5140 tap0801 (0c82061920a2de35d33c2c2bb83b1e98) C:\Windows\system32\DRIVERS\tap0801.sys
20:51:13.0361 5140 tap0801 ( UnsignedFile.Multi.Generic ) - warning
20:51:13.0361 5140 tap0801 - detected UnsignedFile.Multi.Generic (1)
20:51:13.0391 5140 tap0901t (b7aee68d2e867cbf69b649b18fcedbbb) C:\Windows\system32\DRIVERS\tap0901t.sys
20:51:13.0441 5140 tap0901t ( UnsignedFile.Multi.Generic ) - warning
20:51:13.0441 5140 tap0901t - detected UnsignedFile.Multi.Generic (1)
20:51:13.0488 5140 Tcpip (82e266bee5f0167e41c6ecfdd2a79c02) C:\Windows\system32\drivers\tcpip.sys
20:51:13.0533 5140 Tcpip - ok
20:51:13.0571 5140 Tcpip6 (82e266bee5f0167e41c6ecfdd2a79c02) C:\Windows\system32\DRIVERS\tcpip.sys
20:51:13.0596 5140 Tcpip6 - ok
20:51:13.0618 5140 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
20:51:13.0649 5140 tcpipreg - ok
20:51:13.0666 5140 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:51:13.0701 5140 TDPIPE - ok
20:51:13.0722 5140 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:51:13.0747 5140 TDTCP - ok
20:51:13.0771 5140 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
20:51:13.0833 5140 tdx - ok
20:51:13.0849 5140 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
20:51:13.0862 5140 TermDD - ok
20:51:13.0898 5140 truecrypt (aceb4f4f83b895e15c8c1a2f55009783) C:\Windows\system32\drivers\truecrypt.sys
20:51:13.0917 5140 truecrypt - ok
20:51:13.0946 5140 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:51:13.0978 5140 tssecsrv - ok
20:51:13.0996 5140 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:51:14.0026 5140 tunmp - ok
20:51:14.0033 5140 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
20:51:14.0065 5140 tunnel - ok
20:51:14.0084 5140 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
20:51:14.0093 5140 uagp35 - ok
20:51:14.0114 5140 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
20:51:14.0139 5140 udfs - ok
20:51:14.0162 5140 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
20:51:14.0172 5140 uliagpkx - ok
20:51:14.0197 5140 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
20:51:14.0214 5140 uliahci - ok
20:51:14.0230 5140 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:51:14.0240 5140 UlSata - ok
20:51:14.0261 5140 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:51:14.0277 5140 ulsata2 - ok
20:51:14.0285 5140 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:51:14.0321 5140 umbus - ok
20:51:14.0389 5140 UnlockerDriver5 (4847639d852763ee39415c929470f672) D:\Program Files\Unlocker\UnlockerDriver5.sys
20:51:14.0413 5140 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
20:51:14.0413 5140 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
20:51:14.0446 5140 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys
20:51:14.0504 5140 usbccgp - ok
20:51:14.0529 5140 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:51:14.0589 5140 usbcir - ok
20:51:14.0613 5140 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
20:51:14.0639 5140 usbehci - ok
20:51:14.0648 5140 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
20:51:14.0673 5140 usbhub - ok
20:51:14.0697 5140 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:51:14.0759 5140 usbohci - ok
20:51:14.0782 5140 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:51:14.0807 5140 usbprint - ok
20:51:14.0821 5140 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:51:14.0854 5140 USBSTOR - ok
20:51:14.0871 5140 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:51:14.0896 5140 usbuhci - ok
20:51:14.0918 5140 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
20:51:14.0956 5140 vga - ok
20:51:14.0976 5140 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:51:15.0036 5140 VgaSave - ok
20:51:15.0062 5140 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
20:51:15.0076 5140 viaagp - ok
20:51:15.0091 5140 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
20:51:15.0114 5140 ViaC7 - ok
20:51:15.0154 5140 VIAHdAudAddService (dbac5431300999968f01772c4162459b) C:\Windows\system32\drivers\viahduaa.sys
20:51:15.0210 5140 VIAHdAudAddService - ok
20:51:15.0248 5140 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
20:51:15.0260 5140 viaide - ok
20:51:15.0273 5140 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:51:15.0282 5140 volmgr - ok
20:51:15.0299 5140 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
20:51:15.0313 5140 volmgrx - ok
20:51:15.0322 5140 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
20:51:15.0333 5140 volsnap - ok
20:51:15.0357 5140 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
20:51:15.0372 5140 vsmraid - ok
20:51:15.0406 5140 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:51:15.0453 5140 WacomPen - ok
20:51:15.0468 5140 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:51:15.0495 5140 Wanarp - ok
20:51:15.0498 5140 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:51:15.0524 5140 Wanarpv6 - ok
20:51:15.0548 5140 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
20:51:15.0557 5140 Wd - ok
20:51:15.0582 5140 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:51:15.0623 5140 Wdf01000 - ok
20:51:15.0681 5140 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
20:51:15.0701 5140 WmiAcpi - ok
20:51:15.0743 5140 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
20:51:15.0778 5140 WpdUsb - ok
20:51:15.0805 5140 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:51:15.0837 5140 ws2ifsl - ok
20:51:15.0868 5140 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:51:15.0904 5140 WUDFRd - ok
20:51:15.0944 5140 xusb21 (09e5340bd9b2cb730bf4dc6be7721291) C:\Windows\system32\DRIVERS\xusb21.sys
20:51:15.0954 5140 xusb21 - ok
20:51:15.0969 5140 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:51:16.0073 5140 \Device\Harddisk0\DR0 - ok
20:51:16.0076 5140 Boot (0x1200) (3ff2536bbf76f6bf2f12a49c28aeddb5) \Device\Harddisk0\DR0\Partition0
20:51:16.0076 5140 \Device\Harddisk0\DR0\Partition0 - ok
20:51:16.0102 5140 Boot (0x1200) (fc63592dad1cf7caa0aa2295b766e5e7) \Device\Harddisk0\DR0\Partition1
20:51:16.0103 5140 \Device\Harddisk0\DR0\Partition1 - ok
20:51:16.0103 5140 ============================================================
20:51:16.0103 5140 Scan finished
20:51:16.0103 5140 ============================================================
20:51:16.0111 4288 Detected object count: 3
20:51:16.0111 4288 Actual detected object count: 3
20:51:37.0629 4288 tap0801 ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:37.0629 4288 tap0801 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:37.0630 4288 tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:37.0630 4288 tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:37.0631 4288 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:37.0631 4288 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
19.02.2012, 17:33
| #13 |
| | Windows wurde blockiert Hi, die von Dir "geskippten" Files sind Dir bekannt (gehören zu OpenVPN)? Poste noch einmal ein neues OTL-Log... Macht der Rechner noch Mucken? chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
21.02.2012, 14:18
| #14 |
| | Windows wurde blockiert Jo, OpenVPN hatte ich mal installiert, aber dachte eigentlich auch wieder deinstalliert, soll ich das Programm nochmal ausführen und die Dateien löschen, oder sind diese harmlos und können da bleiben? Bewusst merke ich eigentlich nichts, dass etwas anders ist wie vor dem Virus. OTL Logfile: Code:
ATTFilter OTL logfile created on: 21.02.2012 14:12:34 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kevin\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 53,30% Memory free 10,99 Gb Paging File | 9,50 Gb Available in Paging File | 86,40% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 77,63 Gb Free Space | 39,75% Space Free | Partition Type: NTFS Drive D: | 270,45 Gb Total Space | 23,76 Gb Free Space | 8,79% Space Free | Partition Type: NTFS Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Google\Update\1.3.21.99\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group) PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten) PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - D:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios) PRC - C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe (VIA) PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\System32\lxbccoms.exe ( ) PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\js3250.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll () MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll () MOD - C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll () MOD - C:\Programme\VIA\VIAudioi\VDeck\VMicApi.dll () MOD - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () ========== Win32 Services (SafeList) ========== SRV - (BVWYVEOMKJJ) -- File not found SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (postgresql-8.4) -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group) SRV - (postgresql-8.3) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group) SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (TunngleService) -- D:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (DAUpdaterSvc) -- D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare) SRV - (RosettaStoneDaemon) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd.) SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software) SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (lxbc_device) -- C:\Windows\System32\lxbccoms.exe ( ) SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv.exe () ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (PnkBstrK) -- C:\Windows\System32\drivers\PnkBstrK.sys () DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys () DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation) DRV - (ss_bserd) -- C:\Windows\System32\drivers\ss_bserd.sys (MCCI Corporation) DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI) DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (truecrypt) -- C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Foundation) DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (tap0801) -- C:\Windows\System32\drivers\tap0801.sys (The OpenVPN Project) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: - SOFTWARE\Classes\CLSID\\LocalServer32 File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = hxxp://google.icq.com/search/search_frame.php IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://google.icq.com/search/search_frame.php IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "YouTube-Videosuche" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.wieistmeineip.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.24 FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@dyyno.com/vlc;version=0.8.6f.2: C:\Program Files\Dyyno\Dyyno Player\npvlc.dll (Dyyno) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.12.30 19:41:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.30 21:51:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.22 17:14:35 | 000,000,000 | ---D | M] [2009.01.23 17:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions [2012.02.21 11:27:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions [2010.03.19 20:36:29 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2011.02.02 19:41:10 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.26 18:52:16 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.06.15 14:42:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.12.30 19:50:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.04.23 10:42:05 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011.03.03 13:30:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.02.14 18:45:30 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\moveplayer@movenetworks.com [2009.04.20 14:36:41 | 000,000,000 | ---D | M] (Simple Dyyno Launcher) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\NPDyyno@dyyno.com [2010.10.20 19:48:50 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\vshare@toolbar [2010.01.23 12:35:03 | 000,002,321 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\dictcc.xml [2009.06.15 20:46:47 | 000,002,030 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\myvideo-suche-.xml [2009.07.11 11:04:46 | 000,000,727 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\phpnet.xml [2009.01.23 18:10:53 | 000,002,108 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\youtube-videosuche.xml [2012.02.21 11:27:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.01.29 12:33:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.03.16 22:19:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.07.16 13:48:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2009.02.19 09:53:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2009.06.05 15:55:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009.08.23 14:39:09 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2011.03.16 22:19:29 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.07.16 13:48:53 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2010.12.30 19:41:01 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.04.21 00:20:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.04.21 00:20:52 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.04.21 00:20:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.04.21 00:20:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.04.21 00:20:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\pdf.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll CHR - plugin: Dyyno Player Plugin (Enabled) = C:\Program Files\Dyyno\Dyyno Player\npvlc.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\ O1 HOSTS File: ([2012.02.18 14:38:07 | 000,449,370 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 15445 more lines... O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\PrxerNsp.dll ( ) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\PrxerDrv.dll (Initex Software) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\PrxerDrv.dll (Initex Software) O15 - HKCU\..Trusted Domains: everestpoker.com ([account] https in Trusted sites) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DE9F9EF-8DB8-41C2-8A1F-AF77E3B8D7FB}: NameServer = 195.50.140.246 195.50.140.248 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E65DDC-D557-4A3C-93DC-0488FAD00A79}: DhcpNameServer = 92.241.168.201 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5348C871-FA4C-48BA-8047-4C204317B8F4}: DhcpNameServer = 7.254.254.254 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim - No CLSID value found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{5c2a288e-ee35-11df-a91a-d049f4b62852}\Shell - "" = AutoRun O33 - MountPoints2\{5c2a288e-ee35-11df-a91a-d049f4b62852}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{9c031dfe-e967-11dd-b6cc-002354732f26}\Shell - "" = AutoRun O33 - MountPoints2\{9c031dfe-e967-11dd-b6cc-002354732f26}\Shell\AutoRun\command - "" = H:\steambackup2.EXE O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.16 19:54:19 | 000,000,000 | ---D | C] -- C:\Program Files\tdsskiller [2012.02.15 20:12:09 | 000,000,000 | ---D | C] -- C:\_OTL [2012.02.14 19:12:14 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Malwarebytes [2012.02.14 19:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.14 19:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.14 19:11:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.02.14 19:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.02.14 17:58:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe [2012.02.13 17:59:32 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Avira [2012.02.13 17:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.02.13 17:58:05 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.02.13 17:58:04 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012.02.13 17:58:04 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys [2012.02.13 17:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.02.13 17:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2009.01.29 19:28:27 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\PrxerNsp.dll [2009.01.26 14:40:49 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbcserv.dll [2009.01.26 14:40:49 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbcusb1.dll [2009.01.26 14:40:49 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbchbn3.dll [2009.01.26 14:40:49 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbccomc.dll [2009.01.26 14:40:49 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbcpmui.dll [2009.01.26 14:40:49 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbclmpm.dll [2009.01.26 14:40:49 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxbccoms.exe [2009.01.26 14:40:49 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbccomm.dll [2009.01.26 14:40:49 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbcinpa.dll [2009.01.26 14:40:49 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbciesc.dll [2009.01.26 14:40:49 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxbcih.exe [2009.01.26 14:40:49 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxbccfg.exe [2009.01.26 14:40:49 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBChcp.dll [2009.01.26 14:40:49 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbcprox.dll [2009.01.26 14:40:49 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbcpplc.dll [4 C:\Users\Kevin\Documents\*.tmp files -> C:\Users\Kevin\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.21 13:08:11 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.21 13:08:11 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.21 11:19:31 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.02.21 11:08:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.21 11:08:05 | 3488,735,232 | -HS- | M] () -- C:\hiberfil.sys [2012.02.20 23:56:08 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2012.02.19 21:22:12 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat [2012.02.19 21:22:12 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat [2012.02.18 14:38:07 | 000,449,370 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012.02.18 14:37:58 | 000,449,370 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120218-143807.backup [2012.02.16 15:39:21 | 000,026,720 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\wklnhst.dat [2012.02.16 15:39:13 | 000,002,623 | ---- | M] () -- C:\Users\Kevin\Desktop\Microsoft Word.lnk [2012.02.15 13:11:54 | 000,000,404 | ---- | M] () -- C:\Windows\LEXSTAT.INI [2012.02.14 19:11:44 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.14 17:58:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe [2012.02.13 17:58:20 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.02.11 21:16:46 | 000,449,370 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120216-200440.backup [2012.02.11 21:16:46 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120218-143758.backup [2012.02.11 21:16:46 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120218-143711.backup [2012.02.11 21:16:46 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120217-085149.backup [2012.02.08 19:32:27 | 000,449,370 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120211-211646.backup [2012.02.07 14:30:18 | 000,449,210 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120208-193227.backup [2012.02.05 18:52:43 | 000,449,210 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120207-143018.backup [2012.02.01 14:50:51 | 000,449,210 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120205-185243.backup [2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2012.01.26 19:09:46 | 000,699,116 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.01.26 19:09:46 | 000,655,278 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.01.26 19:09:46 | 000,156,440 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.01.26 19:09:46 | 000,128,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.01.26 19:09:25 | 000,154,624 | ---- | M] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.25 19:39:51 | 000,449,124 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120201-145051.backup [2012.01.25 12:12:05 | 000,448,311 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120125-193951.backup [4 C:\Users\Kevin\Documents\*.tmp files -> C:\Users\Kevin\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.14 19:11:44 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.13 17:58:20 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.02.13 16:57:59 | 3488,735,232 | -HS- | C] () -- C:\hiberfil.sys [2011.12.15 05:39:42 | 000,042,392 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011.08.01 18:35:03 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2011.06.12 22:20:17 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI [2011.06.01 13:45:52 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011.06.01 13:45:52 | 000,042,112 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011.05.26 20:17:33 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat [2011.05.26 20:17:33 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat [2011.05.12 20:46:08 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2011.01.13 18:18:15 | 000,000,365 | ---- | C] () -- C:\Users\Kevin\AppData\Local\postgresinstall.bat [2011.01.04 15:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011.01.04 15:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011.01.04 15:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011.01.04 15:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011.01.04 15:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2010.12.06 14:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\System32\abgx360.exe [2010.05.26 19:37:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2010.04.28 20:31:06 | 000,000,068 | ---- | C] () -- C:\Windows\cdplayer.ini [2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2010.03.05 18:47:36 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe [2010.02.27 13:08:29 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2010.02.23 16:13:27 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll [2010.01.27 20:46:45 | 000,138,384 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.12.29 12:32:12 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009.12.23 20:40:51 | 000,000,762 | ---- | C] () -- C:\Windows\Edofma.INI [2009.08.28 13:25:32 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib [2009.07.23 19:20:43 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.05.29 17:36:24 | 000,086,250 | ---- | C] () -- C:\Windows\wininit.ini [2009.05.27 17:23:04 | 000,000,600 | ---- | C] () -- C:\Users\Kevin\AppData\Local\PUTTY.RND [2009.05.12 12:32:34 | 000,014,848 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2009.03.22 21:18:35 | 000,134,989 | ---- | C] () -- C:\Windows\War3Unin.dat [2009.03.15 19:22:50 | 000,000,535 | ---- | C] () -- C:\Windows\ODBCINST.INI [2009.01.29 20:02:15 | 000,000,093 | ---- | C] () -- C:\Users\Kevin\AppData\Local\fusioncache.dat [2009.01.29 19:28:29 | 000,000,386 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Current.prx [2009.01.26 14:40:49 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbcutil.dll [2009.01.26 14:40:49 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBCinst.dll [2009.01.26 11:19:30 | 000,026,720 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\wklnhst.dat [2009.01.26 11:15:43 | 000,001,187 | ---- | C] () -- C:\Windows\ODBC.INI [2009.01.26 10:43:49 | 000,000,404 | ---- | C] () -- C:\Windows\LEXSTAT.INI [2009.01.25 18:14:10 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.01.25 18:14:08 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.01.23 17:21:26 | 000,154,624 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.01.23 17:10:00 | 000,138,056 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\PnkBstrK.sys [2009.01.23 17:09:45 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2009.01.23 17:09:43 | 000,682,280 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2009.01.23 17:09:43 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009.01.23 15:28:26 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.01.23 15:28:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.01.23 15:04:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys [2009.01.23 15:04:23 | 000,026,082 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009.01.23 15:03:13 | 000,000,680 | ---- | C] () -- C:\Users\Kevin\AppData\Local\d3d9caps.dat [2008.01.21 08:15:58 | 000,699,116 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 08:15:58 | 000,156,440 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.12.28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS [2007.02.22 18:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbccoin.dll [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,296,152 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,655,278 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,128,292 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005.10.25 14:51:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbcvs.dll [1999.01.22 21:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL [1998.06.10 00:00:00 | 000,015,120 | ---- | C] () -- C:\Windows\System32\REPUTIL.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 72 bytes -> C:\Windows:437DA1922D9BCD1B @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:A7D1EA69 @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A064CECC @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:41ADDB8A @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:05EE1EEF < End of report > |
|
21.02.2012, 14:19
| #15 |
| | Windows wurde blockiert OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 21.02.2012 14:12:34 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 53,30% Memory free
10,99 Gb Paging File | 9,50 Gb Available in Paging File | 86,40% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,31 Gb Total Space | 77,63 Gb Free Space | 39,75% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 23,76 Gb Free Space | 8,79% Space Free | Partition Type: NTFS
Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1BC15B64-C369-496B-A7D8-CFFFC4738F54}" = lport=2869 | protocol=6 | dir=in | app=system |
"{93D28C7D-657A-4A6C-9A39-E8811B331A93}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9B414A25-7921-4077-8A59-B68AA7302B3D}" = lport=6112 | protocol=6 | dir=in | name=6112 |
"{A380219C-62BF-43B3-A6B1-09D5BDF70280}" = lport=1338 | protocol=6 | dir=in | name=1338 |
"{AC91602A-E785-452B-8567-15E5539F3047}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{C6D9711C-F8FC-4968-B369-15E51F4CA809}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{C84A652A-8EBA-4CB9-99A5-A971B83D8A81}" = lport=6112 | protocol=17 | dir=in | name=6112 |
"{DFEAD0CC-CDB7-455C-9249-93B9580096CA}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{FDFCFF18-B31E-40CD-BD14-B5E380366C3A}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02260DC9-E8BB-4709-AE40-AC121E1B75C4}" = protocol=6 | dir=in | app=d:\program files\tunngle\tunngle.exe |
"{050717F2-A386-453C-9E2F-3E820C983899}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{0B15D919-5D5E-44A1-87D3-A138A09B8863}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe |
"{0CE501C0-FDCF-4D73-B12C-314C4B52CC81}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{102B6718-FC6C-417E-9224-A7EB457B3B58}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{10FAA7ED-BF56-49A0-9FE0-9B82B277744C}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe |
"{13EDE2F6-A665-4156-AF37-9447DE82A910}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe |
"{1711F7DC-8DB9-4F7A-8479-F04A13225919}" = protocol=6 | dir=in | app=d:\program files\microsoft games\age of empires iii\age3.exe |
"{1B2A3F2F-1146-4727-97EA-2CCF7BD51B64}" = protocol=17 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe |
"{2292A04C-B868-459D-B9FC-C131350CA1ED}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{23CEBD8A-3C1D-4B0E-882C-A4FCF90AB311}" = protocol=17 | dir=in | app=d:\program files\origin games\fifa 12\game\fifa.exe |
"{2424D9BB-DF60-4D8F-AE13-BC1FCB900C72}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2B8C018F-B057-4F7A-85A4-3ECF943216F9}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{3235C9BD-E643-4991-A705-710F9EA4A2D1}" = protocol=6 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe |
"{3518C955-624F-496D-B0BA-B30391ADAA38}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe |
"{3630A9D1-6A51-4B39-BEC9-4D15CCD4DDC0}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{36C40B64-DA14-4D51-8CCC-9BBDCAFA559D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{39E71065-55BB-4394-BA3A-EF8F1A446F4A}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{3A483245-06E6-43D5-8775-CE3D6B3036F7}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\empire total war\empire.exe |
"{3DA9F65D-0F1B-4AC4-93FF-931F8E04C48C}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{3E262613-34F5-40BC-9945-DD865C30B995}" = protocol=17 | dir=in | app=d:\program files\guild wars\gw.exe |
"{3EC05ED4-1271-4608-A9C0-5553C6A9AFD5}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fear.exe |
"{435BA85B-268F-4C94-9075-CEF504A1F201}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{4A6297F7-5AAB-451F-AB63-6DCDC1EBEE4A}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{4C9FDD42-5D44-4FC3-8E72-410A9266A9A5}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\holdemmanager.exe |
"{4E48D4A7-54F5-4CB8-BCE4-D3D267E2B647}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{538A5A86-8353-45C0-ACAC-0C5A64CDE326}" = protocol=17 | dir=in | app=c:\windows\system32\lxbccoms.exe |
"{563115A1-0AB3-403A-A358-8CC8169C7C92}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{64526B2B-07FE-4CB9-995A-EC99BD56CEC4}" = protocol=6 | dir=in | app=d:\program files\origin games\fifa 12\game\fifa.exe |
"{67992397-B7F7-48C9-AFB8-4D2413AED5C2}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{68D0A40B-8F8C-450C-AFB0-108EFC58CA95}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{690B9E13-F0F1-4C73-BE7F-F9D7DE3AB7D9}" = protocol=6 | dir=in | app=d:\program files\itunes\itunes.exe |
"{6A07AFBB-4BCF-4EA3-B508-52A3610868DC}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{6B061DED-E945-4814-B47A-FC9F738527B4}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{6D04846C-3871-404E-8733-DD022C80F67F}" = protocol=17 | dir=in | app=d:\program files\tunngle\tunngle.exe |
"{723E5170-3CBE-40B8-8F55-7AD9AC5820A3}" = protocol=17 | dir=in | app=d:\program files\rockstar games\eflc\launcheflc.exe |
"{72B0DB13-159F-4B56-BE61-0FAC797EB6FF}" = protocol=6 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe |
"{750974CD-2435-4972-ADF3-F528CBC8235B}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{76DAFFCF-C701-4127-A0F9-BB5BA3FD1BB1}" = protocol=17 | dir=in | app=d:\program files\jdownloader\jdownloader.exe |
"{790146CC-0E13-491D-B8B4-BBB41C56F905}" = protocol=17 | dir=in | app=d:\program files\dragon age\daoriginslauncher.exe |
"{816D2944-2DDC-4CA2-82B1-FD5A19CBECB7}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{82D89747-9AB8-4AE0-9EF0-BC90C1F3AD2B}" = protocol=6 | dir=in | app=d:\program files\rockstar games\eflc\launcheflc.exe |
"{8395DC00-59CF-451E-98B3-AA3B56F4BFE8}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{84ECAE31-FC9E-4C68-8E94-D26484B812F5}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{878CF526-CDEE-4F0B-9B48-3A33B6456523}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe |
"{88779E37-82FB-4FF0-B070-B60C5C67BB61}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{89D5CA6B-C59E-421F-B29A-C3139E64C405}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{8D9080F5-CBB9-4D78-9741-EB29E4137EC8}" = protocol=17 | dir=in | app=d:\program files\tunngle\tnglctrl.exe |
"{8DD8DE8D-5C60-431F-94A2-2085321DF1A0}" = protocol=6 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{8E10E4F2-102D-4313-A0C2-49FC0F8A9780}" = protocol=6 | dir=in | app=c:\windows\system32\lxbccoms.exe |
"{8F352AF1-718E-478D-A562-B315AF975D36}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\dbcontrolpanel.exe |
"{9066254F-CA05-4EAD-A4F2-C51E4E680FB5}" = protocol=17 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe |
"{90EE8DC0-423B-4889-8746-4EAA937158D5}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe |
"{91371408-6EF0-4D66-BA1A-CE2273A4C934}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{954EADF2-6428-4413-BDAA-9B642E192696}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{98A92B9B-2335-41B4-95F7-07262B5991EF}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\holdemmanager.exe |
"{9C32CA59-2829-4D89-9165-B97478D864BF}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{A2A87C3B-F9F4-4756-AD7E-E9AF4FC1330B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{A3D2E1C9-2EEE-4A9C-AA5F-070D9DF59537}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe |
"{B10D5103-085B-4117-9133-F70B2C643F75}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{B2DF138E-9D08-481D-A35C-3DF328E167AD}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{B2E8F5FC-C809-4468-89C7-7BC5F4A98AEE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3740786-CCE7-4F72-94A8-2144178CE1DC}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fear.exe |
"{B5F30A51-1A31-4C51-BA5B-81D57F176B3A}" = protocol=17 | dir=in | app=d:\program files\microsoft games\age of empires iii\age3.exe |
"{B9BA56B4-9973-4FCE-BB3F-FE3BA14D123E}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{C2C7D9BA-F032-4721-BE08-FC5CC192779B}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{C3FCFC0F-6786-4BCD-8E90-7FAC5F771B8E}" = protocol=6 | dir=in | app=d:\program files\dragon age\daoriginslauncher.exe |
"{C6EE227B-D4C8-447A-9839-F4180B9B47B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C9227D88-0738-4AAF-8B83-FC1EC143C487}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{CC4BBF49-1B60-442E-89A9-B06A529E79EF}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe |
"{CF275D39-5B34-4F54-9AAC-E67D11014EF2}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{D0A342DE-47F0-40E5-9DDC-26A00D484ADE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D0FF87E1-C68C-4DD2-B2D0-94E4CFC3FF1C}" = protocol=17 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{D155E9CF-FB09-493B-A41C-49B03EC8F8DB}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{D7C61099-0E88-4FC1-A2A7-BBD4B33A57D9}" = protocol=6 | dir=in | app=d:\program files\tunngle\tnglctrl.exe |
"{DA2244EA-B8AF-4632-9ED7-17EDC40614BC}" = protocol=6 | dir=in | app=d:\program files\jdownloader\jdownloader.exe |
"{DEF5CCD5-D345-4C7B-9B5E-7204566625EC}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{E013AFFF-F7CB-4D5B-AFDC-7A867571087C}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\empire total war\empire.exe |
"{E07CD312-6F7C-45E7-BA3B-DCCF6DDC235E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E0C4163B-AFA6-4B91-A36D-BA5A74848E85}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe |
"{E1694F0D-443C-4AF3-B632-53A516E6E2D6}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\hmhud.exe |
"{E2A90B3E-2D2F-4451-98BD-3965C1E50BE7}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\dbcontrolpanel.exe |
"{E2D38A28-619B-4834-AF19-44745E421847}" = protocol=6 | dir=in | app=d:\program files\guild wars\gw.exe |
"{E3419925-96B7-4252-8A83-793EC1FC6CCF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe |
"{E9B24E58-D222-416D-9A21-7000279F0571}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{EE8BC520-C3F9-4AD8-B582-718CB0F6D022}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{F322ECEA-F096-411A-949E-5C828DD2E3E5}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\hmhud.exe |
"{F32BC7EA-EE55-451E-83BA-2390596BCF5D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{F59FDB2E-6B16-4D9E-9E79-BAE045C89F89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FA037785-B456-43D8-B5C1-23B33479A2CF}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{FA640713-D0A0-48F1-965A-F8C400DE261C}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{FBB8494F-3FBD-49A7-97CA-179BDB9729D2}" = protocol=17 | dir=in | app=d:\program files\itunes\itunes.exe |
"{FC00CB47-D4D8-400F-9E57-D4446BD637A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FCD0F2B3-1DDD-4755-96DF-1356DAE8E10C}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe |
"{FD842E24-0121-4040-9F34-B835AF063345}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{FE49D6DF-5DF5-4677-81B4-9CD40252F8C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{049D0E66-0298-4E8B-9358-D47E8FDB0C3F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{04F344EC-5E4D-43F6-AFCE-22EE95F7FB50}D:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=d:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe |
"TCP Query User{08174836-18B6-4FAA-A655-2571C7877725}D:\program files\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=d:\program files\rockstar games\eflc\eflc.exe |
"TCP Query User{0C126593-312B-4AD3-863D-8400420B58B9}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{0C1461D8-90F6-4C35-AFAC-24D5E8C44CA4}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=6 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe |
"TCP Query User{0CE0CFA6-E3A7-4CD4-B0DE-3B57D98C23EB}D:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe |
"TCP Query User{124E94B1-4E62-42E7-99E3-CC7BF683C40E}D:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=d:\program files\intervideo\dvd8\windvd.exe |
"TCP Query User{1416E868-8826-47F9-BDD3-F75ED2C5181B}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{14308610-31A2-4E31-AC07-0DDBA6690333}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{1B7FE7CC-DBF3-458A-80D3-5FEA509CCE67}D:\program files\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\launcher.exe |
"TCP Query User{1D2E2B02-D8A0-42C1-8466-0A36F0902BC9}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{3C0AB35C-276B-414D-A213-E54BBBB838DF}D:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe |
"TCP Query User{49D913CB-E95A-4154-88F6-C93E1752763F}D:\program files\winhttrack\winhttrack.exe" = protocol=6 | dir=in | app=d:\program files\winhttrack\winhttrack.exe |
"TCP Query User{4FE52CA6-24AA-40ED-BDFA-005BF946FC2A}D:\program files\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=d:\program files\valve\portal 2\portal2.exe |
"TCP Query User{6AF44318-D101-489A-9755-24201C6661E6}D:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{6B07766E-D96C-49E9-9A06-8DA31F794839}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{6E85616E-0AC0-4DBB-A33C-812E9E52B214}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=6 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe |
"TCP Query User{74F4E9B8-5458-4F9F-98D5-44928363DB1E}D:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\program files\sopcast\sopcast.exe |
"TCP Query User{836C65D3-9920-4A7B-9412-98DB2ED728E8}D:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{90414F95-AB68-4239-BCB5-B36E9C41F391}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe |
"TCP Query User{94F32068-74E9-43E9-99DF-E6ADAE1FC09C}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{96097F71-1DAA-461B-829A-AB480AE296D1}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{96C6F46D-7F7E-4E33-ACEB-C16A1FE2F753}D:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"TCP Query User{9ABA2525-3565-4259-A03E-24ADEF7EABE3}D:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe" = protocol=6 | dir=in | app=d:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe |
"TCP Query User{9B5354C6-39D5-4310-BC11-D6CE303EB780}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{A3890824-D3F6-4F4F-ADF3-D4E2F7ACFED5}C:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe" = protocol=6 | dir=in | app=c:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe |
"TCP Query User{AFFDAD41-1AF0-4AA9-A89B-BF912C6520A3}D:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"TCP Query User{B9B481CC-80B5-410D-9E1D-3A38ADEE3F58}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{C3276851-E358-4B72-9A07-ED0D8BF93299}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{E0831070-2F42-4BA3-95CC-25B22F88277D}C:\program files\x-chat 2\xchat.exe" = protocol=6 | dir=in | app=c:\program files\x-chat 2\xchat.exe |
"TCP Query User{E4782409-E453-45AA-8C55-6FB1B41B9E28}C:\program files\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"TCP Query User{E89CBB6F-3FDC-4543-B1F3-49D067CCD41C}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe |
"TCP Query User{F8783AAA-F8E2-4820-884A-9E8C25DBD531}D:\program files\ubisoft\related designs\anno 1404\addon.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\addon.exe |
"UDP Query User{02993BB8-1AEE-451D-8FEB-F9B2BC730D15}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{0378D491-90D0-47E8-9F5F-B5BD4BA7D2D7}D:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=d:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe |
"UDP Query User{0576D843-2AB9-4805-800C-F65355E2553E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{0FBE7B06-3488-4C92-ABBF-813488D24215}D:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\program files\sopcast\sopcast.exe |
"UDP Query User{126CC74A-8A3C-42DD-AA55-32C1862A9A4A}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=17 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe |
"UDP Query User{2135D95F-6179-48A4-AB5F-23E6A6683DDE}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{22DC7004-F415-4A63-A3AB-CEA9D14A2A4D}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{24CF0632-9E3A-427B-9A89-6CFA95A0CF0F}D:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{2B0C7EDD-9757-4908-839E-CE60AD3AAB94}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{2ED5D616-E6CA-40E5-8295-2F8260D4C2D2}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{33234148-933E-406B-867E-4F6FE70750C6}D:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe" = protocol=17 | dir=in | app=d:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe |
"UDP Query User{397800EC-ADF1-4E68-97E7-623353BC6BBB}C:\program files\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"UDP Query User{39876B57-9949-4193-B7BB-62965B7CA361}C:\program files\x-chat 2\xchat.exe" = protocol=17 | dir=in | app=c:\program files\x-chat 2\xchat.exe |
"UDP Query User{3CEC3EB6-213D-4754-AAA0-F70A7DF77DB9}D:\program files\winhttrack\winhttrack.exe" = protocol=17 | dir=in | app=d:\program files\winhttrack\winhttrack.exe |
"UDP Query User{48C2ECB9-17B2-48C5-87DB-F9B1317EB174}D:\program files\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=d:\program files\valve\portal 2\portal2.exe |
"UDP Query User{48FBD34E-91B9-43EB-935F-3A037D8934F1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{4BF507AB-6E70-46A7-AE59-4B242C49FF87}D:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{4EB37FA1-7A9F-448A-A0B2-49D36334763F}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=17 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe |
"UDP Query User{520A5AFE-1914-4276-82DE-EFF1AB4C6528}D:\program files\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\launcher.exe |
"UDP Query User{61C080E2-1D35-4A75-AFB4-9EE03D9486F4}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{638DCCE4-D8A3-40C7-8C48-D3CF6D496BF8}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{6396DB85-D5BB-485F-87B7-A29190E1D724}D:\program files\ubisoft\related designs\anno 1404\addon.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\addon.exe |
"UDP Query User{73909B1C-8977-416E-B65E-0E7D64AB199D}D:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe |
"UDP Query User{7EA54910-C7E0-40AB-85D4-8C00AC544246}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{810E8CAE-E004-4F84-A689-8D452C9459AB}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe |
"UDP Query User{84787A75-BB9D-481F-88E0-DFEAFDB53536}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{8946B41A-3B34-4FD8-B8DB-25A8A8690BC0}D:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"UDP Query User{8FAF48EF-3C10-452B-AEF0-BCECCD682355}C:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe" = protocol=17 | dir=in | app=c:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe |
"UDP Query User{A0FB9F23-81DB-4467-A9D0-96B933FC272A}D:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe |
"UDP Query User{BE02FC87-B499-4FAA-BE33-B9E5700844E5}D:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=d:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{C0D295DE-8E05-4585-843E-93FC298484EA}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe |
"UDP Query User{F473267A-E72F-4133-B22F-74F39EAC164F}D:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{F4B67866-96DB-4695-84A5-484A19FA9DA8}D:\program files\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=d:\program files\rockstar games\eflc\eflc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{04440044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Enzyklopädie 2004
"{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D994CC5-819F-4657-84DD-397B8FE1EA80}" = Star Wars Jedi Knight Jedi Academy
"{0E9389C0-0E8A-4174-A430-CFAFF29CC3A7}" = PokerStrategy.com Equilab
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{1459C671-45F3-4A58-8EA6-3B675460E51A}" = DO Kopfrechnen
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars(TM): Knights of the Old Republic (TM)
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{2F8BE683-EF69-4D18-9974-DB0C1832A516}" = ICM Trainer Light
"{3230518C-2953-4FB9-8485-B3CDFCC36A70}" = Rosetta Stone Ltd Services
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{39930321-4C58-4B8B-BCBF-342698C9801D}" = Max Payne
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE2032D-B1DA-4057-9D1E-4120F8B64367}" = DSLaufzeit
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{45B4FF51-D048-46A1-AE2C-3786F2221F47}" = DSRechner
"{47EA4DDF-FD99-46B3-846C-9F3F315268AD}" = ICM Trainer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{628C3D50-F524-4C49-A958-672CE7953756}" = Der Herr der Ringe® - Die Eroberung™
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7AF9D464-6627-4FB9-AEF9-15D6C972CA84}_is1" = Minecraft Beta Version 1.7.3
"{7C3D8108-8D99-427F-A1C2-D8E0D25A469C}" = Tom Clancy's EndWar
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{909BBDB7-BABE-434C-9124-863A9F8D1CF8}" = FEAR Extraction Point
"{90DA7F39-B9D4-4FB1-93A0-6B10F83E35E2}" = Wer wird Millionär - Party-Edition
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4
"{99889189-C739-4A46-BA02-3B271A118957}" = F.E.A.R. Mission Perseus
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = Die Siedler 7
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A1416622-0DDE-45B5-B06C-DFC3ED94C53B}" = Der Pate® II
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A53BEB85-A538-4F93-BF0C-2D9770532D10}" = Lost Horizon
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BB47D7EA-7EF1-475C-9C14-AF5B8FCA45E2}" = Condemned - Criminal Origins
"{BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5}" = Clive Barker's Jericho
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C2F8468F-85AB-4D08-A68E-01D328E7B261}" = PokerStrategy.com Elephant
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1D632A2-E249-466D-A094-B1B934D37645}_is1" = Stronghold Kingdoms
"{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: The Complete Saga
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DC158DF7-6B36-4C6F-BC91-109014297994}" = FIFA 11 Demo
"{DEED33EE-4357-4907-8F20-C1A50CC68A5A}" = USB Joystick
"{E184BB79-61A3-4B0A-86D1-12A56C0A7270}" = Painkiller Resurrection
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E71AC707-179D-458D-A1E8-F52977CAEAB4}" = M.U.D. TV
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}" = Ad-Aware
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F73D18C1-F4DA-4B9F-9C46-5185F5D3DB7C}" = F.E.A.R. 2 SP Demo
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FB32F52B-0D1C-4214-91A6-5B2DA15A5238}" = Ad-Aware
"{FD025150-EEA0-4CAC-BED1-B9837783FCC8}" = ActivePerl 5.10.0 Build 1005
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"abgx360" = abgx360 v1.0.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"APP-Codejock.SuitePro.ActiveX.v12.0.1_is1" = Xtreme SuitePro ActiveX v12.0.1
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Ask Toolbar_is1" = Ask Toolbar
"Aspell German Dictionary_is1" = Aspell German Dictionary-0.50-2
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Black Mirror 2_is1" = Black Mirror 2
"Black Mirror III_is1" = Black Mirror III
"Brain Workshop_is1" = Brain Workshop 4.4
"Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dues Ex Human Revolution_is1" = Dues Ex Human Revolution
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"DyynoPlayer" = DyynoPlayer 0.8.6f.2
"EFCL SecuLauncher Error Fix v1.1 by TokZic 1.1" = EFCL SecuLauncher Error Fix v1.1 by TokZic 1.1
"Empires Dawn of the Modern World" = Empires Dawn of the Modern World
"Eraser" = Eraser
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"F.E.A.R. 3_is1" = F.E.A.R. 3
"F.E.A.R.2 Reborn_is1" = F.E.A.R.2 Reborn
"FeedReader_is1" = FeedReader
"FileZilla Client" = FileZilla Client 3.3.4.1
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Billiards 2008_is1" = Free Billiards 2008
"Free YouTube Download_is1" = Free YouTube Download 2.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Game Booster_is1" = Game Booster
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"GNU Aspell_is1" = GNU Aspell 0.50-3
"Google Updater" = Google Updater
"Graffiti Studio 2.0_is1" = Graffiti Studio 2.0
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen)
"Guild Wars" = GUILD WARS
"HijackThis" = HijackThis 2.0.2
"HoldemManager" = Holdem Manager
"ICQToolbar" = ICQ Toolbar
"ImgBurn" = ImgBurn
"InstallShield_{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary
"InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: Die Komplette Saga
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"JDownloader" = JDownloader
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Lexmark 510 Series" = Lexmark 510 Series
"Lexmark Z500-Z600 Series" = Lexmark Z500-Z600 Series
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mikogo" = Mikogo
"MobMap_is1" = MobMap 3.55
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"MyMDb_0" = MyMDb 3.6
"Nero - Burning Rom!UninstallKey" = Ahead Nero OEM
"NeroVision!UninstallKey" = Ahead NeroVision Express
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OpenVPN" = OpenVPN 2.0.9-gui-1.0.3
"Origin" = Origin
"PartyPoker" = PartyPoker
"Pidgin" = Pidgin
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"Postal 2_is1" = Portal 2
"PostgreSQL 8.3" = PostgreSQL 8.3
"PostgreSQL 8.4" = PostgreSQL 8.4
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Proxifier_is1" = Proxifier version 2.7
"PunkBusterSvc" = PunkBuster Services
"Quick Memory Editor_is1" = Quick Memory Editor 5.5
"QuickPar" = QuickPar 0.9
"RealPlayer 12.0" = RealPlayer
"Schlag den Raab_is1" = Schlag den Raab
"Shockwave" = Shockwave
"SitNGoWizard" = SitNGo Wizard
"SMPlayer_is1" = SMPlayer 0.6.6
"SopCast" = SopCast 3.2.4
"Steam App 10500" = Empire: Total War
"Steam App 240" = Counter-Strike: Source
"Steam App 400" = Portal
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 500" = Left 4 Dead
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"TeamViewer 6" = TeamViewer 6
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"TrueCrypt" = TrueCrypt
"Tunngle beta_is1" = Tunngle beta
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.7
"UseNeXT_is1" = UseNeXT
"VirusTotalUploader" = VirusTotal Uploader
"VirusTotalUploader2.0" = VirusTotal Uploader 2.0
"Visual Basic 6.0 Professional Edition (deu)" = Microsoft Visual Basic 6.0 Professional Edition (Deutsch)
"VLC media player" = VLC media player 0.9.8a
"Warcraft III" = Warcraft III
"WebMoney Agent" = WebMoney Agent
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.5
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Wecker 2.2" = Wecker 2.2 2.2
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9
"WinPatrol" = WinPatrol 2008
"WinRAR archiver" = WinRAR
"Works2004Setup" = Setup-Start von Microsoft Works 2004
"World of Warcraft" = World of Warcraft
"xampp" = XAMPP 1.7.1
"X-Chat 2_is1" = X-Chat 2.8.6-2
"Xfire" = Xfire (remove only)
"XnView_is1" = XnView 1.96.5
"xp-AntiSpy" = xp-AntiSpy 3.97
"Zygor Guides" = Zygor Guides
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"360WAVESPATCHERCLT" = 360WavesPatcher (Client setup)
"BrainGame" = Dr Kawashima
"Google Chrome" = Google Chrome
"Runic Games Torchlight" = Torchlight
"sc10-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Universal Replayer" = Universal Replayer
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.02.2012 08:16:05 | Computer Name = Kevin-PC | Source = Application Hang | ID = 1002
Description = Programm RealPlay.exe, Version 12.0.1.609 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: bd0 Anfangszeit: 01ccf091ad0fab51 Zeitpunkt der
Beendigung: 1171
Error - 21.02.2012 08:17:03 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.02.2012 08:17:24 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.02.2012 08:17:24 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.02.2012 08:17:42 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.02.2012 08:48:31 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.02.2012 08:48:52 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.02.2012 08:48:52 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.02.2012 08:52:46 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.02.2012 09:03:15 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ SitNGoWizard Events ]
Error - 18.10.2011 13:22:40 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 26.12.2011 13:44:20 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
Error - 26.12.2011 13:44:21 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 26.12.2011 13:44:30 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
Error - 26.12.2011 13:44:30 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 26.12.2011 13:44:40 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
Error - 26.12.2011 13:44:40 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 12.01.2012 16:45:46 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
Error - 12.01.2012 16:45:47 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method)
bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)
bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)
Error - 05.02.2012 17:31:48 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
werden, wenn das Fensterhandle erstellt wurde.
[ System Events ]
Error - 19.02.2012 06:05:17 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 19.02.2012 10:27:14 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description =
Error - 19.02.2012 10:28:35 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 20.02.2012 07:08:13 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description =
Error - 20.02.2012 07:09:38 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 20.02.2012 17:22:05 | Computer Name = Kevin-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 20.02.2012 um 22:20:21 unerwartet heruntergefahren.
Error - 20.02.2012 17:22:07 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description =
Error - 20.02.2012 17:23:46 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 21.02.2012 06:08:12 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description =
Error - 21.02.2012 06:09:35 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description =
[ TuneUp Events ]
Error - 16.02.2012 05:06:40 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-16 10:06:40', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','2056',0)
Error - 17.02.2012 03:01:07 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-17 08:01:07', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','1288',0)
Error - 17.02.2012 06:52:31 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-17 11:52:31', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','4216',0)
Error - 18.02.2012 06:30:12 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-18 11:30:12', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','4148',0)
Error - 18.02.2012 08:38:39 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-18 13:38:39', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','1488',0)
Error - 18.02.2012 12:06:27 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-18 17:06:27', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','3780',0)
Error - 19.02.2012 06:07:25 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-19 11:07:25', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','728',0)
Error - 19.02.2012 10:30:41 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-19 15:30:41', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','3208',0)
Error - 20.02.2012 07:11:41 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-20 12:11:41', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','4244',0)
Error - 20.02.2012 17:25:52 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-20 22:25:52', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','4452',0)
< End of report >
[/code] |
|
| Themen zu Windows wurde blockiert |
| 32bit, antworten, arbeiten, blockiert, durchgeführt, gelöscht, gestern, größte, inter, interne, internet, nachfrage, notfall, problem, schonmal, systemwiederherstellung, verloren, version, vista, vista 32bit, wahrscheinlich, windows, windows vista, worte, würde |
Linear-Darstellung
