Virenschutzprogramm und Firewall deaktivieren sich immer!

Zocker97 · 04.11.2012, 19:26

Hi,
Vor kurzem hat jemand meinen Gmx account "gehackt" und an all meine Kontakte eine E-Mail mit einem verseuchten Link drinn versendet. Ich hab das Passwort geändert und hätte mir gedacht das sei alles. Jetzt jedoch, als ich meinen Pc gestartet habe war meine Firewall, mein Virenschutzprogramm Kasperski Pro und deren Firewall deaktiviert und Kasperski lässt sich jetzt auch nicht mehr einschalten.
Was ist da los? Habe ich Trojaner oder schlimmeres oben?

LG Zocker97

kira · 05.11.2012, 13:51

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du durch [X] oder Sternchen (*) ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

► Hilfeleistung - geplante Vorgehensweise:

Problemsuche
Problembeseitigung/Systembereinigung
Verwendete Programme deinstallieren/entfernen
Thema abschließen: Tipps zur Computersicherheit

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware Lade Dir Malwarebytes Anti-Malware → von hier herunter

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Mache Häckchen bei LOP- und Purity-Prüfung
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

3.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:

Download den CCleaner herunter
Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
kira

Zocker97 · 05.11.2012, 19:26

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 05.11.2012 19:11:04 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Gregor\Programme\Trojaner Board\Oldtimer
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 13,37 Gb Available Physical Memory | 83,69% Memory free
31,95 Gb Paging File | 29,23 Gb Available in Paging File | 91,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1811,92 Gb Total Space | 223,77 Gb Free Space | 12,35% Space Free | Partition Type: NTFS
Drive D: | 50,00 Gb Total Space | 30,69 Gb Free Space | 61,39% Space Free | Partition Type: NTFS
 
Computer Name: GREGOR-PC | User Name: Gregor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Gregor\AppData\Local\Temp\is-NTT86.tmp\mbam-setup-1.65.1.1000.tmp ()
PRC - C:\Users\Gregor\AppData\Local\Temp\is-NS1FL.tmp\mbam-setup-1.65.1.1000.tmp ()
PRC - C:\Users\Gregor\Programme\Trojaner Board\ Malwarebytes Anti-Malware \mbam-setup-1.65.1.1000.exe (Malwarebytes Corporation                                    )
PRC - C:\Users\Gregor\Programme\Trojaner Board\Oldtimer\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe ()
PRC - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe ()
PRC - C:\Program Files (x86)\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Gregor\AppData\Local\Temp\is-NTT86.tmp\mbam-setup-1.65.1.1000.tmp ()
MOD - C:\Users\Gregor\AppData\Local\Temp\is-NS1FL.tmp\mbam-setup-1.65.1.1000.tmp ()
MOD - C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll ()
MOD - C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll ()
MOD - C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll ()
MOD - C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll ()
MOD - C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll ()
MOD - C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0018dd52b56988a833ee41699cf49325\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e7cd67fc34ad0fc611c1e1244cfc6584\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe ()
MOD - C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (CoordinatorServiceHost) -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
SRV:64bit: - (Remote Solver for Flow Simulation 2011) -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe (Mentor Graphics Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (SolidWorks Licensing Service) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WLANBelkinService) -- C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (BCMH43XX) -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys (Broadcom Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0A976209-3E95-4404-A9E1-48E037B2A3FB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_deAT463
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=100888&tt=261211_ctrl&babsrc=SP_ss&mntrId=204c3cc0000000000000c89cdc2e162a
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://de30.grepolis.com/game/index?login=1#"
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.11
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gregor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gregor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2011.12.24 21:42:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2011.12.24 21:42:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2011.12.24 21:42:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.10 17:42:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 21:37:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.27 21:37:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 21:37:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.27 21:37:02 | 000,000,000 | ---D | M]
 
[2011.12.25 11:17:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gregor\AppData\Roaming\mozilla\Extensions
[2012.11.05 17:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gregor\AppData\Roaming\mozilla\Firefox\Profiles\7d92rif7.default\extensions
[2011.12.29 15:49:45 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Gregor\AppData\Roaming\mozilla\Firefox\Profiles\7d92rif7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.11.01 01:06:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Gregor\AppData\Roaming\mozilla\Firefox\Profiles\7d92rif7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.11.05 17:10:07 | 000,530,388 | ---- | M] () (No name found) -- C:\Users\Gregor\AppData\Roaming\mozilla\firefox\profiles\7d92rif7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.09.08 20:08:06 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Gregor\AppData\Roaming\mozilla\firefox\profiles\7d92rif7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.27 21:37:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.27 21:37:01 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.05.10 17:42:50 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.10.27 21:37:03 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.20 11:21:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.29 22:13:18 | 000,002,351 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.09.09 20:16:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.20 11:21:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.20 11:21:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.20 11:21:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.20 11:21:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: Grepolis - Das Browsergame in der Antike
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: Grepolis - Das Browsergame in der Antike
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Gregor\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Gregor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Gregor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DealPly = C:\Users\Gregor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\
CHR - Extension: Skype Click to Call = C:\Users\Gregor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Users\Gregor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Gregor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Gregor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4:64bit: - HKLM..\RunOnce: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Users\Gregor\Desktop\BitComet.exe (BitComet - A free C++ BitTorrent/HTTP/FTP Download Client)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Users\Gregor\Desktop\BitComet.exe (BitComet - A free C++ BitTorrent/HTTP/FTP Download Client)
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Gregor\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Users\Gregor\Desktop\BitComet.exe (BitComet - A free C++ BitTorrent/HTTP/FTP Download Client)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Users\Gregor\Desktop\BitComet.exe (BitComet - A free C++ BitTorrent/HTTP/FTP Download Client)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Gregor\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten österreichischen Shopping-Websites File not found
O9:64bit: - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten österreichischen Shopping-Websites File not found
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten österreichischen Shopping-Websites File not found
O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten österreichischen Shopping-Websites File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B03697CA-FFAE-4C0D-B880-3AC598778647}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BADD782E-35FB-442B-AC54-A30E214AC70C}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.05 19:09:42 | 000,000,000 | ---D | C] -- C:\Users\Gregor\AppData\Roaming\Malwarebytes
[2012.11.05 19:09:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.05 19:09:21 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.05 19:09:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.02 23:05:24 | 000,000,000 | ---D | C] -- C:\Users\Gregor\Desktop\cod zombie mod
[2012.11.02 17:49:32 | 000,171,008 | ---- | C] (RAD Game Tools, Inc.) -- C:\Users\Gregor\Desktop\binkw32.dll
[2012.11.02 17:49:11 | 000,000,000 | ---D | C] -- C:\Users\Gregor\Desktop\zone
[2012.11.02 17:47:03 | 005,538,306 | ---- | C] (Activision Blizzard, Inc.) -- C:\Users\Gregor\Desktop\CodWaw.exe
[2012.11.02 17:47:03 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Users\Gregor\Desktop\d3dx9_37.dll
[2012.11.02 17:47:03 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Users\Gregor\Desktop\xinput1_3.dll
[2012.11.02 17:47:03 | 000,000,000 | ---D | C] -- C:\Users\Gregor\Desktop\main
[2012.10.30 22:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2013
[2012.10.30 22:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts Simulator 2013
[2012.10.29 21:38:43 | 000,000,000 | ---D | C] -- C:\Users\Gregor\AppData\Roaming\Mp3tag
[2012.10.29 21:38:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag
[2012.10.27 21:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.27 21:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2012.10.27 21:32:34 | 000,000,000 | ---D | C] -- C:\Users\Gregor\AppData\Local\Paint.NET
[2012.10.25 15:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts Simulator 2013 Demo
[2012.10.25 15:55:28 | 000,000,000 | ---D | C] -- C:\Users\Gregor\AppData\Local\Programs
[2012.10.20 16:13:10 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.10.20 16:13:10 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.10.20 16:13:10 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.10.20 16:13:10 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.10.20 16:13:10 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.10.20 16:13:10 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.10.20 16:13:10 | 007,697,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.10.20 16:13:10 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.10.20 16:13:10 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.10.20 16:13:10 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.10.20 16:13:10 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.10.20 16:13:10 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.10.20 16:13:10 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.10.20 16:13:10 | 000,831,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012.10.20 16:13:10 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012.10.20 16:13:10 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012.10.13 23:42:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConvertHelper
[2012.10.10 16:34:16 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 16:34:15 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 16:34:15 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 16:34:04 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 16:34:04 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 16:34:04 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 16:34:04 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 16:34:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 16:34:03 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 16:34:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 16:34:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 16:34:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 16:34:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 16:34:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 16:34:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 16:34:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 16:34:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 16:34:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 16:34:03 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 16:34:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 16:34:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 16:34:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 16:34:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 16:34:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 16:34:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 16:34:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 16:34:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 16:33:56 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 16:33:45 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 16:33:44 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.09 19:02:45 | 000,000,000 | ---D | C] -- C:\Users\Gregor\Desktop\Minecraft Bukki Server [64-Bit]
[2012.10.09 14:12:49 | 010,220,472 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.10.07 19:49:08 | 000,000,000 | ---D | C] -- C:\Users\Gregor\AppData\Roaming\fltk.org
[2012.10.07 19:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org
[2012.10.07 15:38:32 | 000,000,000 | ---D | C] -- C:\Users\Gregor\AppData\Local\{609523F9-BF7E-4325-95F2-F8546D9BC04F}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.05 19:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.05 19:09:22 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.05 19:03:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.05 18:48:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-960951304-219825150-4030528828-1001UA.job
[2012.11.05 18:36:26 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.05 18:36:26 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.05 18:32:59 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.05 18:32:59 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.05 18:32:59 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.05 18:32:59 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.05 18:32:59 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.05 18:29:04 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.05 18:28:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.05 18:28:25 | 4276,228,094 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.30 22:45:00 | 000,001,287 | ---- | M] () -- C:\Users\Gregor\Desktop\Landwirtschafts Simulator 2013 .lnk
[2012.10.29 21:38:24 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2012.10.25 15:37:34 | 000,001,628 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2012.10.20 16:57:22 | 000,002,306 | ---- | M] () -- C:\Users\Gregor\Desktop\Free Video to MP3 Converter.lnk
[2012.10.14 17:34:20 | 000,001,556 | ---- | M] () -- C:\Users\Gregor\Desktop\Minecraft besser.lnk
[2012.10.14 15:57:43 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-960951304-219825150-4030528828-1001Core.job
[2012.10.09 19:02:38 | 010,821,076 | ---- | M] () -- C:\Users\Gregor\Desktop\Minecraft Bukki Server [64-Bit].rar
[2012.10.09 15:12:59 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.09 15:12:59 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.09 15:12:53 | 010,220,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.10.07 21:15:15 | 000,001,482 | ---- | M] () -- C:\Users\Gregor\Desktop\HOMEFRONT.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.05 19:09:22 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.30 22:45:00 | 000,001,287 | ---- | C] () -- C:\Users\Gregor\Desktop\Landwirtschafts Simulator 2013 .lnk
[2012.10.29 21:38:24 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2012.10.27 21:33:15 | 000,001,304 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2012.10.25 15:37:34 | 000,001,628 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2012.10.20 16:57:22 | 000,002,306 | ---- | C] () -- C:\Users\Gregor\Desktop\Free Video to MP3 Converter.lnk
[2012.10.14 17:34:20 | 000,001,556 | ---- | C] () -- C:\Users\Gregor\Desktop\Minecraft besser.lnk
[2012.10.09 19:01:07 | 010,821,076 | ---- | C] () -- C:\Users\Gregor\Desktop\Minecraft Bukki Server [64-Bit].rar
[2012.10.07 21:15:15 | 000,001,482 | ---- | C] () -- C:\Users\Gregor\Desktop\HOMEFRONT.lnk
[2012.06.19 20:17:27 | 000,007,605 | ---- | C] () -- C:\Users\Gregor\AppData\Local\Resmon.ResmonCfg
[2012.05.12 18:14:20 | 000,025,600 | -H-- | C] () -- C:\Users\Gregor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.09 18:58:32 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.02.05 17:57:42 | 000,000,000 | -HSD | M] -- C:\Users\Gregor\AppData\Roaming\.#
[2012.10.28 19:42:03 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\.minecraft
[2012.06.28 09:23:10 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\.Nitrous
[2011.12.29 22:13:17 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\Babylon
[2011.12.29 19:52:08 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\BitComet
[2012.04.29 20:13:18 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\Blender Foundation
[2012.09.04 12:42:28 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\Blockscape
[2012.02.12 16:02:07 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\DassaultSystemes
[2012.10.20 16:57:21 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\DVDVideoSoft
[2012.09.24 17:57:05 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.07 19:49:08 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\fltk.org
[2011.12.29 14:54:55 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\Leadertech
[2012.09.11 16:46:09 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\LolClient
[2012.07.17 10:27:43 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2012.10.31 15:48:50 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\Mp3tag
[2012.10.23 18:40:37 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\Notepad++
[2012.06.20 14:50:04 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\TS3Client
[2011.12.24 21:31:52 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\Ubisoft
[2011.12.25 12:01:42 | 000,000,000 | ---D | M] -- C:\Users\Gregor\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1133 bytes -> C:\Users\Gregor\Documents\Kaspersky Lab D-A-CH - Auftragsbestätigung (Bestellung Nr_ 12500873623).eml:OECustomProperty

< End of report >

--- --- ---

Zocker97 · 05.11.2012, 19:28

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 05.11.2012 19:11:04 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Gregor\Programme\Trojaner Board\Oldtimer
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 13,37 Gb Available Physical Memory | 83,69% Memory free
31,95 Gb Paging File | 29,23 Gb Available in Paging File | 91,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1811,92 Gb Total Space | 223,77 Gb Free Space | 12,35% Space Free | Partition Type: NTFS
Drive D: | 50,00 Gb Total Space | 30,69 Gb Free Space | 61,39% Space Free | Partition Type: NTFS
 
Computer Name: GREGOR-PC | User Name: Gregor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00831E7B-F875-4454-B2E6-390AE1DC6489}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0B2752BE-907D-46A6-AEFD-96D20C5DD39C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0C75A7DA-1BC1-4ADD-BDCA-3E0B3B84E464}" = lport=445 | protocol=6 | dir=in | app=system | 
"{110AB8C3-0353-4A42-9CDF-4AEAAC7BB8E5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2012372A-135F-4D53-BD63-453EFD2C15EB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{3F0CB73A-4640-4B7B-A0AC-524E66E23823}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{4EE705D4-A6B7-430A-B1E9-48247078468A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{555A6545-D7B9-4D63-B61E-8AF527025CED}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{56E0F113-A503-49FD-B17B-063FAE23C35F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{572E2D64-C673-40A8-ADE0-A9F47FE12D47}" = lport=138 | protocol=17 | dir=in | app=system | 
"{5F6450CE-866D-4E7B-A273-45CBF1EE1D7A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{68DB3B99-60EE-4850-A9C1-774489E7D07F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{718BFCAC-A17E-451A-8B4C-3F58D3B28F0F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7E551D3A-2868-4E0B-90EF-E77DE14FB4BD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{8685C18E-EA42-43D2-99C5-8E96D86E20AF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{99561312-974D-4026-8453-D930C6C3DAA6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{ABE6BCC4-4105-49D4-A61F-C4CA21A39E42}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D26E8726-B677-4D2C-8B9A-79E5470ABFA3}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{D5C85EE5-3A27-4EB4-95A9-00116AFE5E1F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D63C74F5-9DCE-4F49-A501-D838905BB8A3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{E195CDB3-695E-4203-BB53-B5BA839598E9}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E5D07895-26E8-446A-944C-51C4CF442909}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{F7062A6D-6816-41DF-9E22-7FA3A2501EB9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FEC5CA1A-6180-4BE1-82F6-BF76BF652DC7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0687D200-5A47-488D-B2F9-A5FC1E48FE2A}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | 
"{0CCE5D5D-7C72-4AAD-919F-9A5F3AE58E6E}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"{0D47A679-A0ED-4C96-8C42-89459ECB4416}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{13C4403B-9875-422B-9F17-9266A7988DF9}" = protocol=17 | dir=in | app=c:\users\gregor\saved games\call of duty\codmp.exe | 
"{14EA58E0-4FBD-497F-BE0E-236BEB8268B6}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | 
"{166DCC3D-CE7B-489E-AF32-B622724A6916}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"{168CD463-624E-4F3D-8164-24353A0521B8}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360_cl.exe | 
"{16ADF35E-6F3F-4C6A-B665-9E0DE14B23EC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\hontsch97\garry's mod beta\hl2.exe | 
"{1813BF28-6AC7-4B61-96F7-1F52727B3E49}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
"{1F3B0F46-9C94-4B0B-B51D-805A81E3937E}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
"{21BDF863-8CB2-422E-A5AC-11F069BB5812}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | 
"{242B4277-C53E-41F0-9C3F-E8A9E03D3D0D}" = protocol=17 | dir=in | app=c:\users\gregor\saved games\dead island\deadislandgame.exe | 
"{25B5DEDB-B774-4691-A01B-86C1DB5DFC6D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{2D978E73-F7ED-4EC7-9E6D-26DDD41C0A49}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2F58801D-0C2F-4B3E-A08B-B2F5EDCFBF51}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe | 
"{33067091-9B57-45C2-9FC1-3371BCB7CC8E}" = protocol=6 | dir=in | app=c:\users\gregor\saved games\counter strike source\steamapps\rat-steam\hl2\hl2.exe | 
"{398EAD69-5CCE-4685-B503-876EDFF1C5F4}" = protocol=6 | dir=in | app=c:\users\gregor\saved games\cnc-generals\game.dat | 
"{3B59C4BE-1802-4E55-84BF-6C931F4FE7B0}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942 secret weapons of wwii demo\bf1942.exe | 
"{3C2D4B43-50D5-4729-A8B6-7440AF08BB7D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{3F98398C-F3DB-43C8-99F4-C6AAA997951F}" = protocol=6 | dir=in | app=c:\program files (x86)\blockscape\blockscape.exe | 
"{442A9481-0E90-4136-9626-FCA159ACDA57}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{45BD1113-9A8E-479F-A8CB-AFF14D72927D}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"{467C1735-ADB1-4F94-9D9E-F2FC038712DA}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{47F5FFCF-F240-4AB8-9DA6-A07C75CE7F71}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{4CFAE5DB-83E6-4DA4-8646-94305F2576EB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{4EF170D8-AA2A-4A98-AC73-BD299A62182F}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360_cl.exe | 
"{51E943C4-88B2-4CF3-A39B-FA4DD1151817}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\hontsch97\garry's mod beta\hl2.exe | 
"{55DE78D0-796F-4C8D-A2B8-D218C816874C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{565C773A-D972-4613-A963-B117B72B1559}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{57890609-BFB4-42BC-AC4F-9BDE864C6F16}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\hontsch97\garrysmod\hl2.exe | 
"{5D7AC10D-F3D5-4118-A826-0A2DA3ED9D38}" = protocol=17 | dir=in | app=c:\users\gregor\saved games\call of duty black ops mit zombie\blackops1. crack.exe | 
"{638E91D1-12AB-4D70-B437-D20C115D4DEB}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe | 
"{65ED0768-ADCF-44FB-98CD-E38B08647465}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{70A82B54-2B01-4CD1-A370-B733E9178A1B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{70FE8005-35FA-4604-8576-3F97DA62EDF3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{73D2F91C-B75E-41AD-907C-001ECC729089}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{7C143709-8E97-4588-8DCE-0270AEF26BDD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7CA78ED5-A9F2-492F-89FB-F873361C31C1}" = protocol=6 | dir=in | app=c:\users\gregor\saved games\call of duty black ops mit zombie\blackops1. crack.exe | 
"{7CC0053A-64FF-43CE-A726-9B460BAA0E89}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"{82E1B73D-855D-4F4D-B85D-5811E74DE4F6}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"{85832019-5E10-4687-9BE8-ECC6260C4DFB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{872473F4-F65B-453D-A05A-4B13DFF32FED}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{89CD01FC-0282-4D9B-AEAA-A1D9BCD51A51}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{8D1DBC2E-65B1-4FA8-8AA1-9C270E6A9189}" = protocol=17 | dir=in | app=c:\users\gregor\saved games\cnc-generals\game.dat | 
"{8E426A3C-4576-47A3-B5DA-D3350A0653D9}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | 
"{8FA8B245-F229-4FD0-915B-20FA676406F4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{96D2233E-97F0-462C-8E4C-EB33C25FC353}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\hontsch97\garrysmod\hl2.exe | 
"{979293AF-7AE3-472B-BD75-60EF26289179}" = protocol=6 | dir=in | app=c:\users\gregor\saved games\call of duty\codmp.exe | 
"{9D1DDB5A-4B17-4B5F-A3F1-0D41AC37896E}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{A0C95372-7464-4329-8842-7F308FD43BDA}" = protocol=6 | dir=in | app=c:\users\gregor\saved games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe | 
"{A85C809B-C83E-4462-A636-6B232F5142EF}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013.exe | 
"{AEDB5B41-1FA2-4907-A3E9-6DE7E756CA9A}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"{B02B4DA4-7269-4333-A43A-5E465324C031}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{B29C7CD9-0B7B-403B-9F12-0411648AAFF3}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360.exe | 
"{B5D21ED0-CC42-46E4-A122-8CFAB469120C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B5E91F35-82CF-42B0-9065-A2793552C23C}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe | 
"{B6D6A3FE-21E5-4CC6-8A23-6CAF001D12A1}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"{B7930859-EAA6-4A2B-945F-948CB98BE606}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe | 
"{B80EADEE-6097-4E9A-8EC2-EF51D1F55C07}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B9F62BB8-2ABE-4DBC-8DA7-1D637D7BDFEE}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942 secret weapons of wwii demo\bf1942.exe | 
"{BFB9FCF5-D733-4BCA-B1AF-C0523966BCD3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{C049B8B8-059E-441F-A856-3553B8C9C22C}" = protocol=17 | dir=in | app=c:\program files (x86)\blockscape\blockscape.exe | 
"{C0B4056E-B896-435C-BBE5-FF8029F17959}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{C0FD9A7A-56D3-43E9-AB90-F3B5D781B62C}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"{C4E77BBF-D0CA-4D7F-8792-52D95A6AE74F}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"{C61EE5C7-C289-4C66-A4F9-90C3C27AFE38}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{C69328C2-A94E-4401-A5AA-344BC3D91835}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360.exe | 
"{CB2332EA-77AC-41DE-AD54-8B1B22BDC0F9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{CD73109F-785B-4B0F-A31A-C29728D04E76}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"{CEB5E253-E9F7-42EC-8CD2-4B34D15D38AA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{CEC4C692-11DA-49A4-BDF5-1B4850B0C718}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{D0590F8B-2C56-49F4-8537-425AADC33ED9}" = protocol=17 | dir=in | app=c:\users\gregor\saved games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe | 
"{D4EB0704-CD1A-4064-9BD3-3B0EBE78928B}" = protocol=17 | dir=in | app=c:\users\gregor\saved games\counter strike source\steamapps\rat-steam\hl2\hl2.exe | 
"{D6AA90B8-1CE2-49BE-A48F-C153FC48FEF9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{DC231347-1EDD-47AC-AE89-FE47E3F01FD9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{E367C3E0-C205-4009-A2F2-E5234112AC89}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{E3C1E94F-D390-4786-9C93-4AAB50313F35}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F3E64C80-FF44-44F1-B4BA-40FBB184FAA5}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{F4B704DB-58C8-4235-96C1-DD34EC161BD0}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F5F65C12-2441-4197-89F6-EDA2CC81BE01}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{F6876E1C-7CC5-44FF-B41A-8CD722DBE321}" = protocol=6 | dir=in | app=c:\users\gregor\saved games\dead island\deadislandgame.exe | 
"{FA8FF2D9-2AE2-43F3-BB3A-D5BDA65FAAB3}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013.exe | 
"TCP Query User{03175E77-A58B-40B5-A4CE-E3454D7F4A7C}C:\program files (x86)\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty black ops\blackops.exe | 
"TCP Query User{06991623-6EB4-48F2-9908-1D79D0440E75}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{0BAE0A6A-263B-4FE2-B164-9AB302813506}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{11AAFB3F-2403-4DB0-AC91-A86F84130BFE}C:\users\gregor\saved games\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\call of duty 2\cod2mp_s.exe | 
"TCP Query User{128B6CF7-3A79-401D-8303-292BF8CE55EE}C:\program files (x86)\ea games\battlefield 1942 secret weapons of wwii demo\bf1942.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942 secret weapons of wwii demo\bf1942.exe | 
"TCP Query User{132034CA-6F97-4173-BAD7-3BEEB0428377}C:\users\gregor\desktop\codwaw.exe" = protocol=6 | dir=in | app=c:\users\gregor\desktop\codwaw.exe | 
"TCP Query User{14170065-1A52-4029-8AE6-10C68B9EC650}C:\users\gregor\saved games\cood\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\cood\call of duty\codmp.exe | 
"TCP Query User{1422B9AE-E84D-4673-8B2C-3AA6707574EE}C:\users\gregor\saved games\counter strike source\hl\hltv.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\counter strike source\hl\hltv.exe | 
"TCP Query User{22CB3CE4-694F-4A67-9090-A2FE3D8890FD}C:\users\gregor\saved games\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\call of duty - world at war\codwawmp.exe | 
"TCP Query User{2E4E9A41-78E3-4494-AFD2-A9887811CEFB}C:\users\gregor\saved games\call of duty black ops mit zombie\blackops1. crack.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\call of duty black ops mit zombie\blackops1. crack.exe | 
"TCP Query User{3501F2CD-4D0E-414F-941A-18BB2BB2F7AD}C:\users\gregor\saved games\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\crysis 2\bin32\crysis2.exe | 
"TCP Query User{44F10D43-8403-4C61-9E1D-F9EBF8C7D1B8}C:\users\gregor\saved games\battlefield 2 besser\bf2.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\battlefield 2 besser\bf2.exe | 
"TCP Query User{5A66A29F-A4D8-4BF0-AF99-98E985C33D17}C:\users\gregor\saved games\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\tmnationsforever\tmforever.exe | 
"TCP Query User{63C0CC2E-4D47-4E50-B35F-9B74066AB118}C:\program files (x86)\steam\steamapps\hontsch97\garry's mod beta\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\hontsch97\garry's mod beta\hl2.exe | 
"TCP Query User{7945F2AD-D7EE-49DE-AC54-696097F16CBC}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{7FCD2CE5-F02B-49BF-96E8-7A8DE167F588}C:\program files (x86)\steam\steamapps\hontsch97\garrysmod\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\hontsch97\garrysmod\hl2.exe | 
"TCP Query User{9339DCA4-8F51-4D2C-BBFE-E1F3AB4391A7}C:\users\gregor\saved games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe | 
"TCP Query User{9837B0C4-A8E5-4B87-968A-2EB98BAAB46E}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"TCP Query User{A3CD644A-20EC-4CD3-96FD-B0AAE4E532CD}C:\users\gregor\saved games\counter strike source\steamapps\rat-steam\hl2\hl2.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\counter strike source\steamapps\rat-steam\hl2\hl2.exe | 
"TCP Query User{A5F92735-16B8-4108-A351-638AF616A822}C:\users\gregor\saved games\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\call of duty\codmp.exe | 
"TCP Query User{A64B28D7-FB8D-4F04-AE4C-1DB5C338F102}C:\users\gregor\saved games\cossacks - back to war\dmcr.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\cossacks - back to war\dmcr.exe | 
"TCP Query User{AB05A1DA-5233-409C-ADFB-F15AE955039B}C:\users\gregor\saved games\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\tmnationsforever\tmforever.exe | 
"TCP Query User{ACD26F08-C068-4424-8C86-F69D695C45AA}C:\users\gregor\saved games\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\dead island\deadislandgame.exe | 
"TCP Query User{AE15EC76-6472-4FCB-9752-2E50242B7A7D}C:\users\gregor\saved games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{C3B52557-BC2B-4CD7-BEAC-64E5207841C7}C:\program files (x86)\blockscape\blockscape.exe" = protocol=6 | dir=in | app=c:\program files (x86)\blockscape\blockscape.exe | 
"TCP Query User{D0270BFB-BCC0-4C10-A28B-19D92607F990}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{D6921A3D-E76F-4DE5-B3A5-0402F42C7D34}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | 
"TCP Query User{DC59943C-AEE4-4E12-A492-151745C0E743}C:\users\gregor\saved games\assassin's creed brotherhood\acbsp.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\assassin's creed brotherhood\acbsp.exe | 
"TCP Query User{DC9C7B59-1DAD-41B0-8F54-4D9B5EFAC7C8}C:\users\gregor\saved games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\battlefield 2\bf2.exe | 
"TCP Query User{DF01EFA7-41C0-4C97-978C-5F8A664D5933}C:\users\gregor\saved games\cnc-generals\game.dat" = protocol=6 | dir=in | app=c:\users\gregor\saved games\cnc-generals\game.dat | 
"TCP Query User{E222CACF-360C-49CD-A941-27FF4DE619ED}C:\users\gregor\saved games\cood\call of duty 4\codmp.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\cood\call of duty 4\codmp.exe | 
"TCP Query User{F71A4B89-4D63-4438-802F-20918AE35967}C:\users\gregor\saved games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{F7FFD388-5EF6-4A8D-93DF-BFBEAC2F3FC7}C:\users\gregor\saved games\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=c:\users\gregor\saved games\call of duty modern warfare 2\iw4mp.exe | 
"TCP Query User{FD2CFA70-6133-41C4-88F8-3EF0D153E2C7}C:\users\gregor\desktop\bitcomet.exe" = protocol=6 | dir=in | app=c:\users\gregor\desktop\bitcomet.exe | 
"TCP Query User{FF58D295-807B-44A5-949E-2FB908D7EF35}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"UDP Query User{0D109785-AE31-480F-BF40-E63A5BB85D39}C:\users\gregor\saved games\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\tmnationsforever\tmforever.exe | 
"UDP Query User{0E59F3C9-7053-4986-8DBC-E0B25351587B}C:\program files (x86)\blockscape\blockscape.exe" = protocol=17 | dir=in | app=c:\program files (x86)\blockscape\blockscape.exe | 
"UDP Query User{15BEC7D0-299D-42D9-A1D5-A180A7E44D0F}C:\users\gregor\saved games\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\call of duty 2\cod2mp_s.exe | 
"UDP Query User{1EB41A50-AE29-4A08-BFF5-15DA69448A6E}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"UDP Query User{1EB913D7-1D54-48FD-A7BB-2631C030377B}C:\users\gregor\saved games\cossacks - back to war\dmcr.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\cossacks - back to war\dmcr.exe | 
"UDP Query User{293015EF-B73E-4B94-841E-FE9B0342090B}C:\users\gregor\saved games\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\call of duty modern warfare 2\iw4mp.exe | 
"UDP Query User{2C865634-B099-4ABD-B96D-1A303913E1BC}C:\users\gregor\saved games\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\crysis 2\bin32\crysis2.exe | 
"UDP Query User{316D70B9-193C-403D-B965-3AE7633A2E1B}C:\users\gregor\desktop\bitcomet.exe" = protocol=17 | dir=in | app=c:\users\gregor\desktop\bitcomet.exe | 
"UDP Query User{392FBEAA-4171-47FF-AF12-39FD2B97F86B}C:\users\gregor\saved games\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\dead island\deadislandgame.exe | 
"UDP Query User{3F2BDCA6-B381-47C7-AE0E-F673C1E24F94}C:\users\gregor\saved games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\battlefield 2\bf2.exe | 
"UDP Query User{40DB795E-F2AE-4FEE-9B01-BA87017489A4}C:\program files (x86)\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty black ops\blackops.exe | 
"UDP Query User{51F6287E-0F14-4A74-B551-71D6A84714F1}C:\users\gregor\saved games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{59327E04-E859-4139-857F-1DCC85C5786D}C:\users\gregor\saved games\counter strike source\hl\hltv.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\counter strike source\hl\hltv.exe | 
"UDP Query User{5CFF8299-A718-471B-B812-D51308C3174F}C:\users\gregor\saved games\counter strike source\steamapps\rat-steam\hl2\hl2.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\counter strike source\steamapps\rat-steam\hl2\hl2.exe | 
"UDP Query User{6BC7798A-1465-424D-B7DF-276C31B2A1A6}C:\users\gregor\saved games\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\call of duty\codmp.exe | 
"UDP Query User{72C1EA37-F489-4382-8F3F-5B4E46CF93D1}C:\users\gregor\saved games\cood\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\cood\call of duty\codmp.exe | 
"UDP Query User{837C8BFD-9AA9-4AF3-8E4E-6CCFDEF570E9}C:\program files (x86)\steam\steamapps\hontsch97\garrysmod\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\hontsch97\garrysmod\hl2.exe | 
"UDP Query User{8545C750-6F20-4B6E-A349-2C3A384137E4}C:\users\gregor\saved games\battlefield 2 besser\bf2.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\battlefield 2 besser\bf2.exe | 
"UDP Query User{8C8B3C70-F825-49CB-8104-48112EA4C6A1}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{90806737-11B0-4DAD-BFAC-ADEAE84C4FB6}C:\users\gregor\saved games\assassin's creed brotherhood\acbsp.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\assassin's creed brotherhood\acbsp.exe | 
"UDP Query User{925EBF74-A1F1-43A9-BA02-3722AC7BBF19}C:\users\gregor\saved games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\ea games\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe | 
"UDP Query User{964FBA8A-B944-403F-8D54-9BCA42E8CCB7}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"UDP Query User{9C71D010-2C9E-4908-B796-878D30011052}C:\users\gregor\saved games\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\tmnationsforever\tmforever.exe | 
"UDP Query User{AA300F5F-7415-4CD9-BAC3-A6E5992F4A27}C:\users\gregor\desktop\codwaw.exe" = protocol=17 | dir=in | app=c:\users\gregor\desktop\codwaw.exe | 
"UDP Query User{BF929446-F436-435C-BA0E-DAA44274B1F9}C:\program files (x86)\steam\steamapps\hontsch97\garry's mod beta\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\hontsch97\garry's mod beta\hl2.exe | 
"UDP Query User{BFBE4498-6945-4EBF-A7D7-6F8C22D4256A}C:\users\gregor\saved games\cood\call of duty 4\codmp.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\cood\call of duty 4\codmp.exe | 
"UDP Query User{BFEEB052-E624-4E8A-98D4-4720992484DF}C:\program files (x86)\ea games\battlefield 1942 secret weapons of wwii demo\bf1942.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942 secret weapons of wwii demo\bf1942.exe | 
"UDP Query User{C58E3642-8943-4AF9-A6C8-2091C0FAC821}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{C908E8B8-D1C5-4DF0-8E7A-6E91F47A0FC0}C:\users\gregor\saved games\call of duty black ops mit zombie\blackops1. crack.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\call of duty black ops mit zombie\blackops1. crack.exe | 
"UDP Query User{CBFE4F2E-A29E-473F-8AC7-BEE9BA8E9B9A}C:\users\gregor\saved games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{D9403980-00C7-4BD4-A772-B7957010815F}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | 
"UDP Query User{E1FFC260-6185-4580-9DCC-2F818FC1FA23}C:\users\gregor\saved games\cnc-generals\game.dat" = protocol=17 | dir=in | app=c:\users\gregor\saved games\cnc-generals\game.dat | 
"UDP Query User{E5259743-61A0-4392-A65E-7AF5BF5ACB60}C:\users\gregor\saved games\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\users\gregor\saved games\call of duty - world at war\codwawmp.exe | 
"UDP Query User{EB2F75BD-C6E4-4956-99C8-DD84869F939B}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"UDP Query User{FBBE4F19-3A9A-43CE-89A7-4E1B60E2CB7F}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1FC18AC7-3F98-45A4-8DB5-69518CE5BBD1}" = HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät
"{21C069F9-8BC5-4A24-9C8B-7D33E5645E09}" = Studie zur Verbesserung von HP Officejet Pro 8500 A910 Produkten
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416032FF}" = Java(TM) 6 Update 32 (64-bit)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{455804F2-70A9-46BD-BEB8-957000EC20D4}" = SolidWorks eDrawings 2011 x64 Edition SP02
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F113377-0BA1-4552-9ABB-9BF220FAF132}" = SolidWorks 2011 x64 Edition SP02
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{8F8689D5-36FE-4BA3-AE55-6D68DE45A2B5}" = SolidWorks Flow Simulation 2011 SP02 x64 Edition 
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CEF0C5DA-21C5-4FA7-AD05-5D21C525543C}" = SolidWorks 2011 x64 German Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"Blender" = Blender
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{13D324E9-9DB1-478D-944C-28BBE1BB80DC}" = HP Officejet Pro 8500 A910 Hilfe
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{909354DE-C180-4B00-B61F-9A6D805E5796}" = Battlefield 1942 Secret Weapons of WWII Demo
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Schnellzugriffe
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Blockscape_is1" = Blockscape Phase 1 (beta)
"Call of Duty Black Ops_is1" = Call of Duty Black Ops
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"DealPly" = DealPly
"DivX Setup" = DivX-Setup
"FarmingSimulator2013DE_is1" = Landwirtschafts Simulator 2013
"Faszination Sprache 1 NEU. Trainingsprogramm_is1" = Faszination Sprache 1 NEU. Trainingsprogramm
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.19.1015
"Free YouTube Download_is1" = Free YouTube Download version 3.1.37.918
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.53
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"SolidWorks Installation Manager 20110-40200-1100-100" = SolidWorks 2011 x64 Edition SP02
"Steam App 4000" = Garry's Mod
"Steam App 4010" = Garry's Mod 13 Beta
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
"WinZip" = WinZip
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 20.10.2012 11:37:44 | Computer Name = Gregor-PC | Source = Application Error | ID = 1000
Error - 20.10.2012 12:21:01 | Computer Name = Gregor-PC | Source = Application Error
 | ID = 1000
 
Description = Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4b4
ID des fehlerhaften Prozesses: 0x1ba4
Startzeit der fehlerhaften Anwendung: 0x01cdaedee343b304
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmprph.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 22cf5b10-1ad2-11e2-bfa8-c89cdc2e162a
Error - 20.10.2012 12:28:06 | Computer Name = Gregor-PC | Source = Application Error
 | ID = 1000
 
Description = Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: jscript.dll, Version: 5.8.7601.16982, Zeitstempel: 0x503753fa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000013fb4
ID des fehlerhaften Prozesses: 0x1ba4
Startzeit der fehlerhaften Anwendung: 0x01cdaedee343b304
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmprph.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\jscript.dll
Berichtskennung: 201424fc-1ad3-11e2-bfa8-c89cdc2e162a
Error - 20.10.2012 12:28:20 | Computer Name = Gregor-PC | Source = Application Error
 | ID = 1000
 
Description = Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: jscript.dll, Version: 5.8.7601.16982, Zeitstempel: 0x503753fa
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000000013fb4
ID des fehlerhaften Prozesses: 0x1ba4
Startzeit der fehlerhaften Anwendung: 0x01cdaedee343b304
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmprph.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\jscript.dll
Berichtskennung: 28d45045-1ad3-11e2-bfa8-c89cdc2e162a
Error - 20.10.2012 12:28:44 | Computer Name = Gregor-PC | Source = Application Error
 | ID = 1000
 
Description = Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4b4
ID des fehlerhaften Prozesses: 0x1a0c
Startzeit der fehlerhaften Anwendung: 0x01cdaedff6be05f9
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmprph.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 36f40ab5-1ad3-11e2-bfa8-c89cdc2e162a
Error - 20.10.2012 12:28:49 | Computer Name = Gregor-PC | Source = Application Error
 | ID = 1000
 
Description = Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: jscript.dll, Version: 5.8.7601.16982, Zeitstempel: 0x503753fa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000013703
ID des fehlerhaften Prozesses: 0x1a0c
Startzeit der fehlerhaften Anwendung: 0x01cdaedff6be05f9
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmprph.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\jscript.dll
Berichtskennung: 399801d3-1ad3-11e2-bfa8-c89cdc2e162a
Error - 20.10.2012 12:28:51 | Computer Name = Gregor-PC | Source = Application Error
 | ID = 1000
 
Description = Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: jscript.dll, Version: 5.8.7601.16982, Zeitstempel: 0x503753fa
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000000013703
ID des fehlerhaften Prozesses: 0x1a0c
Startzeit der fehlerhaften Anwendung: 0x01cdaedff6be05f9
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmprph.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\jscript.dll
Berichtskennung: 3b405acb-1ad3-11e2-bfa8-c89cdc2e162a
Error - 25.10.2012 19:26:46 | Computer Name = Gregor-PC | Source = Application Error
 | ID = 1000
 
Description = Name der fehlerhaften Anwendung: Steam.exe, Version: 1.0.1446.623, Zeitstempel: 0x5004ae1a
Name des fehlerhaften Moduls: vstdlib_s.dll, Version: 1.55.47.40, Zeitstempel: 0x5085e8f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001154e
ID des fehlerhaften Prozesses: 0x5f8
Startzeit der fehlerhaften Anwendung: 0x01cdb2be290f77de
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\Steam.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\vstdlib_s.dll
Berichtskennung: 70d59233-1efb-11e2-9df3-c89cdc2e162a
Error - 27.10.2012 16:32:37 | Computer Name = Gregor-PC | Source = VSS | ID = 8194
 
Description = 
Error - 29.10.2012 17:33:56 | Computer Name = Gregor-PC | Source = Application Error
 | ID = 1000
 
Description = Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4b4
ID des fehlerhaften Prozesses: 0x45c
Startzeit der fehlerhaften Anwendung: 0x01cdb61d168241e8
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmprph.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 57448121-2210-11e2-baa2-c89cdc2e162a
Error - 02.11.2012 11:47:44 | Computer Name = Gregor-PC | Source = Application Hang
 | ID = 1002
 
Description = Programm cod2mp_s.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17ec

Startzeit: 01cdb90379b5982d

Endzeit: 106

Anwendungspfad: C:\Users\Gregor\Saved Games\Call of Duty 2\cod2mp_s.exe

Berichts-ID: 

 
Error encountered while reading event logs.
 
< End of report >

--- --- ---

Malwarebytes hat bei mir auch noch 4 bedrohliche Files und 1 registri key gefunden.

Code:

ATTFilter

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.05.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Gregor :: GREGOR-PC [Administrator]

05.11.2012 19:12:31
mbam-log-2012-11-05 (19-12-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 585575
Laufzeit: 2 Stunde(n), 8 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Users\Gregor\Saved Games\Call of Duty Modern Warfare 2\TeknoGods_MW2SP.exe (Backdoor.Agent.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Gregor\Saved Games\Dragon Age 2\Crack\rld-da2k.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Gregor\Saved Games\Dragon.Age.2-RELOADED\rld-dag2\rld-dag2\Crack\rld-da2k.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\WICHTIGE PROGRAMME\Stress\Stress~1.exe (Joke.Stressreducer) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

kira · 06.11.2012, 05:27

- Ich beführte dass Du Dein Problem nur lösen kannst, wenn du dein System neu installierst, da geht`s um:

Code:

ATTFilter

C:\Users\Gregor\Saved Games\Dragon Age 2\Crack\rld-da2k.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Gregor\Saved Games\Dragon.Age.2-RELOADED\rld-dag2\rld-dag2\Crack\rld-da2k.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.

"Solche Programme" enthalten immer besonders viele und gefährliche Schadprogramme, sollte man die Finger davon lassen!
** Du solltest in so einem Fall mal dein Konsummuster überdenken

Weil dein Verhalten damit dem deutschen Recht unterliegt, wird den Support an dieser Stelle von unsere Seite aus beendet. Also am besten ist es, Du Sicherst deiner Daten (ohne cracks & Keygens!) und machst eine komplette Neuinstallation des Rechners, das ist der schnellste und sauberste lösung!
Aber wenigstens hast Du dann nach einer Neuinstallation wieder ein sauberes System und hoffentlich hast Du was draus gelernt und in Zukunft lässt die Finger von...
-> Forumregel!

Zocker97 · 06.11.2012, 17:39

Ok, mach ich. Ich hab die Spiele nicht selbst gedownloaded sondern ein Freund hat sie mir gegeben. Ich werds ihn gleich mal sagen das er mir nicht mehr so nen "sche**" geben soll. Aber warum lässt sich Kaspersky noch immer nicht einschalten?
Es steht zwar in Kaspersky es sei eingeschalten und der Pc wäre sicher aber unter Systemsteurungen steht man soll ihn dringend einschalten.

kira · 07.11.2012, 07:43

Tipps & Rat:

1.
Datensicherung:
► NUR Daten sichern, die nicht ausführbaren Dateien enthalten - Dateiendungen - Dies ist eine Liste von Dateiendungen, die Dateien mit ausführbarem Code bezeichnen können.
- Vorsicht mit den schon vorhandenen Dateien auf die extern gespeicherten Daten und auch jetzt mit dem Virus infizierte Dateien eine Datensicherung anzufertigen
- Am besten alles was dir sehr wichtig, separat (extern) sichern - nicht mischen eventuell früher geschicherten Daten, also vor dem Befall!
- Eventuell gecrackte Software nicht sichern und dann auf neu aufgesetztem System wieder drauf installieren!

2.
-> Anleitung: Neuaufsetzen des Systems + Absicherung
-> Anleitung zum Neuaufsetzen - Windows XP, Vista und Win7

3.
- Vor zurückspielen - bevor du mit deinem PC direkt ins Netz gehst...:
- die Autoplay-Funktion für alle Laufwerke deaktivieren/ausschalten -> Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten

Die auf eine externe Festplatte gesicherten Daten, gründlich zu scannen von einem suaberen System aus, am besten mit mehreren Scannern-> Kostenlose Online Scanner - Anleitung
Absolut empfehlenswerter Scanner:

Zitat:

Eset Online Scanner (NOD32)
Panda-Aktivscan
Symantec Security Check

Die Online-Scanner sind alle reine On-Demand-Scanner. Sie durchsuchen einzelne Dateien oder Verzeichnisse, wahlweise die gesamte Festplatte, haben keinen Hintergrundwächter oder andere residente Prozesse. Dadurch verbrauchen sie ausser Festplattenspeicher keine Resourcen und man kann beliebig viele gleichzeitig installieren. Die Online-Scanner sind gut geeignet um sich eine zweite Meinung einzuholen.

4.
Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern
z.B. Login-, Mail- oder Website-Passwörter
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

Lesestoff Nr.1:
Gib Kriminellen Handlungen keine Chance!

Zitat:

Sichere regelmäßig deine Daten (Bilder Musik, Dokumente, Mails (als Textdatei), im Browser Lesezeichen usw) auf CD/DVD, USB-Sticks oder externe Festplatten! Am besten 2x an verschiedenen Orten sichern!

Wie erstelle ich ein eingeschränktes Benutzerkonto?
Software immer auf dem neuesten Stand halten!:
ALLE auf dem System installierten Programme und Treiber, sollten regelmäßig upgedatet werden um Sicherheitslücken zu vermeiden und um das reibungslose Arbeitsabläufe zu erreichen!
Firefox - FirefoxWiki/Einstellungen - Erweiterungen für Firefox
Sichere eMail Clients z.B. Thunderbird-->Erweiterungen für Mozilla Thunderbird
- Unbekannten E-Mail-Anhang NICHT öffnen!
- Mails besonders mit Anhang, nicht anklicken, sondern als Text oder in Druckversion anzeigen lassen
Sichere Paswort - Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)
Die fünf häufigsten Passwort-Fehler

"Never accept software from strangers" - Installiere grundsätzlich immer nur Programme, die Du auch wirklich benötigst und von denen Du überzeugt bist, dass sie seriös sind.
Du hast die Wahl!, welche zusätzlichen Komponenten noch installiert werden sollen? -> Während der Installation immer mitlesen, Sponsoren und Partnerprogramme, Toolbars oder eventuell noch andere extra angebotene Programme möglichst abwählen!
so wird oft Art von Adware/Spyware mitinstalliert!

NICHT irgendwelche Programme aus dem Netz laden, wenn nicht zu 100% fest steht, dass es sich dabei um saubere Software handelt. Nette Versprechen der Hersteller garantieren noch lange keine einwandfreie Funktionsweise, also vorher blättere die Seiten bei GOOGLE, da kannst Du Dir wertvolle Informationen holen!!!

Programme und Treiber:
Nur vom Hersteller!

Onlinebanking:
Gib deine Passwörter niemals preis!
Seriöse Bankinstitute, E- Mail- Provider oder Online- Shops versenden grundsätzlich keine E- Mails, in denen Kunden aufgefordert werden, vertrauliche Daten wie Passwörter, Verfügernummer, PINs oder TANs preiszugeben. Bei dieser Art von E- Mails handelt es sich immer um Betrugsversuche, weshalb entsprechende Anfragen nicht beantwortet werden sollten. Sobald der Verdacht auf Betrug entsteht, melde deinen Verdacht der jeweiligen Bank- Hotline.

Computer, anderen (Gästen/Freunden) zur Nutzung überlassen überlassen - Nutze nur vertrauenswürdige Computer!
Vergewissere dich, dass nur Personen deines Vertrauens deinen Computer nutzen oder verwalten und wickel niemals Bankgeschäfte über nicht vertrauenswürdige Computer - beispielsweise aus einem Internetcafé während des Urlaubs - ab

Wichtige Daten Regelmäßig sichern! - aber denk daran: dein Hauptsystem ist doch kein Lagerhalle!

Vorsicht bei der Nutzung fremder Computer und anschliessbare Externe Speichermedien wie Festplatte, USB Sticks, Speicherkarten usw![/color] - auch zeitweise anschließen und scannen lassen (sehe unter `kostenlose Online-Viren-Scanner`)
Webseiten ohne Gültiges Impressum nicht besuchen
- Externe Geräte (Festplatte USB-Stick) nicht ständig am PC anschließen, sondern nur kurzfristig während Du etwas sichern möchtest
Lizenzkosten sparen? - Vorsicht bei Dateien/Programmen aus nicht vertrauenswürdigen Quellen! - "full Keygen, Crack, Serial, Warez, keygenerators" etc.
Sind immer verseucht mit diverse Malware/Schadprogramme/Code, es gibt keine seite wo Viren frei ist. (Man sollte nicht absitlich der Teufel holen) Eine weitere höchst unsichere Quelle ist das File-Sharing der sog. (Musik-)Tauschbörse.
► Ausserdem machst Du dich damit strafbar!
Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
Das Installieren von `zuviel` Software beeinträchtigt die Systemleistung und Sicherheit, verlangsamt den Start-Vorgang enorm und belastet den Arbeitsspeicher (weil laufen ja die Programme nebeneinander gleichzeitig, die viel Performance fressen, aber wenig Qualität bringen). Im Laufe der Zeit wird der rechner durch zu viel unnötigen Ballast immer langsamer, und unsicherer. Um so mehr Programme installiert sind, um so häufiger treten Probleme auf, die dann unter Umständen nur schwer lösen können. Dazu kommt noch, das einige Programme große Sicherheitsrisiken mit sich bringen
Virenscanner
BSI für Bürger
SETI@home - [Sicherheit] Sicherheitskonzept

** Der gesunde Menschenverstand, Windows und Internet-Software sicher konfigurieren ist der beste Weg zur Sicherheit im Webverkehr ist !!

Zitat:

Da der Bestand der Datenbank wird täglich ergänzt und erweitert bzw werden mit der aktuellen Virendefinition die Informationen über den betroffenen Virus aufgenommen, empfehle ich dir mindestens einmal pro Woche (später genügt es sicherlich einmal im Monat) dein System Online Scannen lassen (immer mit einen anderen Scanner), um eine zweite Meinung einzuholen - Die auf dem Speichermedium gesicherten Daten sollten auch mit einbezogen werden!
(benutzen meist ActiveX und/oder Java): Kostenlose Online Scanner -

Lesestoff Nr.2:
► Kann sich auf Dauer eine Menge Datenmüll ansammeln, sich Fehlermeldungen häufen, der PC ist wahrscheinlich nicht mehr so schnell, wie früher:

Verlauf, Cache und Cookies: Spuren beseitigen nach dem Surfen
hier nachlesen und hier microsoft.com
Wenn dein System reibungslos läuft, kannst zeitweise die alte Wiederherstellungspunkte entfernen: -> Alle Systemwiederherstellungspunkte bis auf den Letzten löschen
Oft den PC zu optimieren nütz wenig, der braucht jetzt eine Radikalkur (nach ca. 3-4 jahren, aber hängt von der Häufigkeit der Nutzung bzw Belastung ab): Anleitung: Neuaufsetzen des Systems + Absicherung
Staub, Fingerabdrücke, Handschweiß – PC und Peripherie sehen mit der Zeit ganz schön eklig aus, ausserdem laut, reagiert langsam und wird schnell heiß:
-> Frühjahrsputz für den PC: Tipps zur Reinigung und Entrümpelung

wünsch Dir alles Gute

Wenn Du uns unterstützen möchtest→ Spendekonto

gruß
kira

Virenschutzprogramm und Firewall deaktivieren sich immer!

Log-Analyse und Auswertung: Virenschutzprogramm und Firewall deaktivieren sich immer!