Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Weiterleitung auf URL123.info

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 23.04.2012, 11:02   #1
Kowalski1
 
Weiterleitung auf URL123.info - Standard

Weiterleitung auf URL123.info



Hallo,

ich wurde gestern von Google auf eine Seite mit dem namen url123.info weitergeleitet, doch das wollte ich garnicht.
Es öffnete sich ein weißer Bildschirm und die Seite fragte mich auch ständig als ich zurück wollte ob ich nicht noch etwas zu erledigen habe usw.
Kennt jemand diese Seite und weiß ob sie schädlich ist?

Hier mal ein ORL Scan:

Code:
ATTFilter
OTL logfile created on: 23.04.2012 11:54:46 - Run 11
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 47,55% Memory free
10,99 Gb Paging File | 9,37 Gb Available in Paging File | 85,24% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,31 Gb Total Space | 58,14 Gb Free Space | 29,77% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 22,15 Gb Free Space | 8,19% Space Free | Partition Type: NTFS
 
Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Google Inc.)
PRC - D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - D:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lxbccoms.exe ( )
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko10.dll ()
MOD - D:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll ()
MOD - C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll ()
MOD - C:\Programme\VIA\VIAudioi\VDeck\VMicApi.dll ()
MOD - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (postgresql-8.4) -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (postgresql-8.3) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (TunngleService) -- D:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (DAUpdaterSvc) -- D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (RosettaStoneDaemon) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd.)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxbc_device) -- C:\Windows\System32\lxbccoms.exe ( )
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (PnkBstrK) -- C:\Windows\System32\drivers\PnkBstrK.sys ()
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bserd) -- C:\Windows\System32\drivers\ss_bserd.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (truecrypt) -- C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net)
DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (tap0801) -- C:\Windows\System32\drivers\tap0801.sys (The OpenVPN Project)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - SOFTWARE\Classes\CLSID\\LocalServer32 File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = hxxp://google.icq.com/search/search_frame.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://google.icq.com/search/search_frame.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.wieistmeineip.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.24
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@dyyno.com/vlc;version=0.8.6f.2: C:\Program Files\Dyyno\Dyyno Player\npvlc.dll (Dyyno)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.12.30 20:41:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012.03.20 19:17:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.24 13:38:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.24 13:38:08 | 000,000,000 | ---D | M]
 
[2009.01.23 18:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions
[2012.04.22 23:52:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions
[2012.02.24 13:55:28 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2012.04.22 23:52:05 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.26 19:52:16 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.30 14:02:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.04.23 11:42:05 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2012.03.01 22:17:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.02.14 19:45:30 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\moveplayer@movenetworks.com
[2009.04.20 15:36:41 | 000,000,000 | ---D | M] (Simple Dyyno Launcher) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\NPDyyno@dyyno.com
[2010.10.20 20:48:50 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\vshare@toolbar
[2010.01.23 13:35:03 | 000,002,321 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\dictcc.xml
[2009.06.15 21:46:47 | 000,002,030 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\myvideo-suche-.xml
[2009.07.11 12:04:46 | 000,000,727 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\phpnet.xml
[2009.01.23 19:10:53 | 000,002,108 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\youtube-videosuche.xml
[2012.02.22 13:29:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.01.29 13:33:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.16 23:19:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.16 14:48:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\KEVIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1J5N9NVP.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.24 13:38:07 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.24 13:38:07 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.24 13:38:07 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.24 13:38:07 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.24 13:38:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\pdf.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Dyyno Player Plugin (Enabled) = C:\Program Files\Dyyno\Dyyno Player\npvlc.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
 
O1 HOSTS File: ([2012.04.18 19:15:32 | 000,441,949 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 15212 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\PrxerNsp.dll ( )
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\PrxerDrv.dll (Initex Software)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\PrxerDrv.dll (Initex Software)
O15 - HKCU\..Trusted Domains: everestpoker.com ([account] https in Trusted sites)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DE9F9EF-8DB8-41C2-8A1F-AF77E3B8D7FB}: NameServer = 195.50.140.246 195.50.140.248
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E65DDC-D557-4A3C-93DC-0488FAD00A79}: DhcpNameServer = 92.241.168.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5348C871-FA4C-48BA-8047-4C204317B8F4}: DhcpNameServer = 7.254.254.254
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5c2a288e-ee35-11df-a91a-d049f4b62852}\Shell - "" = AutoRun
O33 - MountPoints2\{5c2a288e-ee35-11df-a91a-d049f4b62852}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{9c031dfe-e967-11dd-b6cc-002354732f26}\Shell - "" = AutoRun
O33 - MountPoints2\{9c031dfe-e967-11dd-b6cc-002354732f26}\Shell\AutoRun\command - "" = H:\steambackup2.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.13 13:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.04.13 13:56:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.04.01 22:18:23 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Temporary Projects
[2012.03.27 19:46:12 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
[2012.03.27 19:46:04 | 000,079,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
[2012.03.27 19:43:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\RsFx
[2012.03.27 19:42:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2012.03.27 19:42:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\1033
[2012.03.27 19:42:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\1031
[2012.03.27 19:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
[2012.03.27 19:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2012.03.27 19:37:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012.03.27 19:37:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012.03.27 19:36:34 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Visual Studio 2010
[2012.03.27 19:36:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
[2012.03.27 19:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2012.03.27 19:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2012.03.27 19:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2012.03.27 19:24:55 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2012.03.27 19:24:53 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012.03.27 19:24:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2009.01.29 20:28:27 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\PrxerNsp.dll
[2009.01.26 15:40:49 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbcserv.dll
[2009.01.26 15:40:49 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbcusb1.dll
[2009.01.26 15:40:49 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbchbn3.dll
[2009.01.26 15:40:49 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbccomc.dll
[2009.01.26 15:40:49 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbcpmui.dll
[2009.01.26 15:40:49 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbclmpm.dll
[2009.01.26 15:40:49 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxbccoms.exe
[2009.01.26 15:40:49 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbccomm.dll
[2009.01.26 15:40:49 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbcinpa.dll
[2009.01.26 15:40:49 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbciesc.dll
[2009.01.26 15:40:49 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxbcih.exe
[2009.01.26 15:40:49 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxbccfg.exe
[2009.01.26 15:40:49 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBChcp.dll
[2009.01.26 15:40:49 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbcprox.dll
[2009.01.26 15:40:49 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbcpplc.dll
[4 C:\Users\Kevin\Documents\*.tmp files -> C:\Users\Kevin\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.23 11:40:31 | 000,765,288 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.23 11:40:31 | 000,721,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.23 11:40:31 | 000,181,702 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.23 11:40:31 | 000,153,554 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.23 11:35:42 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.23 11:35:42 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.23 11:35:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.23 11:35:28 | 3488,735,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.23 00:33:08 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2012.04.22 21:50:59 | 000,000,552 | ---- | M] () -- C:\Users\Kevin\AppData\Local\d3d8caps.dat
[2012.04.22 21:39:46 | 000,711,240 | ---- | M] () -- C:\Windows\is-I1TPS.exe
[2012.04.22 21:39:46 | 000,012,782 | ---- | M] () -- C:\Windows\is-I1TPS.msg
[2012.04.22 21:39:46 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.04.22 21:39:46 | 000,000,441 | ---- | M] () -- C:\Windows\is-I1TPS.lst
[2012.04.22 21:17:20 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2012.04.22 21:17:20 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2012.04.22 20:31:36 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.04.19 17:53:01 | 000,025,622 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\wklnhst.dat
[2012.04.19 17:52:04 | 000,000,404 | ---- | M] () -- C:\Windows\LEXSTAT.INI
[2012.04.19 17:37:06 | 000,002,623 | ---- | M] () -- C:\Users\Kevin\Desktop\Microsoft Word.lnk
[2012.04.18 19:15:32 | 000,441,949 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.04.18 15:23:02 | 000,155,648 | ---- | M] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.17 16:03:54 | 000,441,866 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120418-191532.backup
[2012.04.12 00:20:32 | 000,441,866 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120417-160352.backup
[2012.04.09 01:13:59 | 000,441,321 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120412-002032.backup
[2012.04.08 18:37:21 | 000,002,109 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.04.06 14:46:07 | 000,441,321 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120409-011359.backup
[2012.04.04 20:01:51 | 000,441,321 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120406-144607.backup
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.03.30 21:16:20 | 000,440,697 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120404-200151.backup
[2012.03.30 11:53:01 | 000,440,697 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120330-211620.backup
[2012.03.29 13:28:18 | 000,440,697 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120330-115300.backup
[2012.03.28 17:39:09 | 000,440,697 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120329-132818.backup
[2012.03.28 13:38:04 | 000,001,175 | ---- | M] () -- C:\Users\Kevin\Desktop\Microsoft Visual Basic 2010 Express.lnk
[4 C:\Users\Kevin\Documents\*.tmp files -> C:\Users\Kevin\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.22 21:50:59 | 000,000,552 | ---- | C] () -- C:\Users\Kevin\AppData\Local\d3d8caps.dat
[2012.04.22 21:39:46 | 000,711,240 | ---- | C] () -- C:\Windows\is-I1TPS.exe
[2012.04.22 21:39:46 | 000,012,782 | ---- | C] () -- C:\Windows\is-I1TPS.msg
[2012.04.22 21:39:46 | 000,000,441 | ---- | C] () -- C:\Windows\is-I1TPS.lst
[2012.03.28 13:38:04 | 000,001,175 | ---- | C] () -- C:\Users\Kevin\Desktop\Microsoft Visual Basic 2010 Express.lnk
[2012.03.13 14:47:47 | 000,000,045 | ---- | C] () -- C:\Users\Kevin\AppData\Local\machpro.dat
[2012.02.29 21:21:24 | 000,042,392 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011.08.03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.08.01 19:35:03 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.06.12 23:20:17 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2011.06.01 14:45:52 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011.06.01 14:45:52 | 000,042,112 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011.05.26 21:17:33 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.05.26 21:17:33 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.05.12 21:46:08 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011.01.13 19:18:15 | 000,000,365 | ---- | C] () -- C:\Users\Kevin\AppData\Local\postgresinstall.bat
[2011.01.04 16:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.01.04 16:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.01.04 16:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.01.04 16:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.01.04 16:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.12.06 15:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\System32\abgx360.exe
[2010.05.26 20:37:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2010.04.28 21:31:06 | 000,000,068 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.03.05 19:47:36 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010.02.27 14:08:29 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2010.02.23 17:13:27 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll
[2010.01.27 21:46:45 | 000,138,384 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.12.29 13:32:12 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.12.23 21:40:51 | 000,000,762 | ---- | C] () -- C:\Windows\Edofma.INI
[2009.08.28 14:25:32 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.07.23 20:20:43 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.05.29 18:36:24 | 000,086,250 | ---- | C] () -- C:\Windows\wininit.ini
[2009.05.27 18:23:04 | 000,000,600 | ---- | C] () -- C:\Users\Kevin\AppData\Local\PUTTY.RND
[2009.05.12 13:32:34 | 000,014,848 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009.03.22 22:18:35 | 000,134,989 | ---- | C] () -- C:\Windows\War3Unin.dat
[2009.03.15 20:22:50 | 000,000,535 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.01.29 21:02:15 | 000,000,093 | ---- | C] () -- C:\Users\Kevin\AppData\Local\fusioncache.dat
[2009.01.29 20:28:29 | 000,000,386 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Current.prx
[2009.01.26 15:40:49 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbcutil.dll
[2009.01.26 15:40:49 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBCinst.dll
[2009.01.26 12:19:30 | 000,025,622 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\wklnhst.dat
[2009.01.26 12:15:43 | 000,001,187 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.26 11:43:49 | 000,000,404 | ---- | C] () -- C:\Windows\LEXSTAT.INI
[2009.01.25 19:14:10 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.01.25 19:14:08 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.01.23 18:21:26 | 000,155,648 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.23 18:10:00 | 000,138,056 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\PnkBstrK.sys
[2009.01.23 18:09:45 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.01.23 18:09:43 | 000,682,280 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2009.01.23 18:09:43 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.01.23 16:28:26 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.01.23 16:28:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.23 16:04:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009.01.23 16:04:23 | 000,026,082 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.01.23 16:03:13 | 000,000,680 | ---- | C] () -- C:\Users\Kevin\AppData\Local\d3d9caps.dat
[2008.01.21 09:15:58 | 000,765,288 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,181,702 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.12.28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2007.04.27 11:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.02.22 19:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbccoin.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,367,592 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,721,450 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,153,554 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.10.25 15:51:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbcvs.dll
[1999.01.22 22:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
[1998.06.10 01:00:00 | 000,015,120 | ---- | C] () -- C:\Windows\System32\REPUTIL.DLL

< End of report >
         

Alt 23.04.2012, 11:03   #2
Kowalski1
 
Weiterleitung auf URL123.info - Standard

Weiterleitung auf URL123.info



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 23.04.2012 11:54:46 - Run 11
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 47,55% Memory free
10,99 Gb Paging File | 9,37 Gb Available in Paging File | 85,24% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,31 Gb Total Space | 58,14 Gb Free Space | 29,77% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 22,15 Gb Free Space | 8,19% Space Free | Partition Type: NTFS
 
Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1BC15B64-C369-496B-A7D8-CFFFC4738F54}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{93D28C7D-657A-4A6C-9A39-E8811B331A93}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{9B414A25-7921-4077-8A59-B68AA7302B3D}" = lport=6112 | protocol=6 | dir=in | name=6112 | 
"{A380219C-62BF-43B3-A6B1-09D5BDF70280}" = lport=1338 | protocol=6 | dir=in | name=1338 | 
"{AC91602A-E785-452B-8567-15E5539F3047}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{C6D9711C-F8FC-4968-B369-15E51F4CA809}" = lport=5432 | protocol=6 | dir=in | name=postgres | 
"{C84A652A-8EBA-4CB9-99A5-A971B83D8A81}" = lport=6112 | protocol=17 | dir=in | name=6112 | 
"{DFEAD0CC-CDB7-455C-9249-93B9580096CA}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | 
"{FDFCFF18-B31E-40CD-BD14-B5E380366C3A}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02260DC9-E8BB-4709-AE40-AC121E1B75C4}" = protocol=6 | dir=in | app=d:\program files\tunngle\tunngle.exe | 
"{050717F2-A386-453C-9E2F-3E820C983899}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{0B15D919-5D5E-44A1-87D3-A138A09B8863}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe | 
"{0CE501C0-FDCF-4D73-B12C-314C4B52CC81}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe | 
"{102B6718-FC6C-417E-9224-A7EB457B3B58}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{10FAA7ED-BF56-49A0-9FE0-9B82B277744C}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe | 
"{13EDE2F6-A665-4156-AF37-9447DE82A910}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe | 
"{1711F7DC-8DB9-4F7A-8479-F04A13225919}" = protocol=6 | dir=in | app=d:\program files\microsoft games\age of empires iii\age3.exe | 
"{1B2A3F2F-1146-4727-97EA-2CCF7BD51B64}" = protocol=17 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe | 
"{2292A04C-B868-459D-B9FC-C131350CA1ED}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{23CEBD8A-3C1D-4B0E-882C-A4FCF90AB311}" = protocol=17 | dir=in | app=d:\program files\origin games\fifa 12\game\fifa.exe | 
"{2424D9BB-DF60-4D8F-AE13-BC1FCB900C72}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{26173FAA-DEEC-43DF-AEAC-F557EBB4DC69}" = dir=in | app=c:\users\kevin\appdata\roaming\ycf\livolo.exe | 
"{2B8C018F-B057-4F7A-85A4-3ECF943216F9}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"{3235C9BD-E643-4991-A705-710F9EA4A2D1}" = protocol=6 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe | 
"{3518C955-624F-496D-B0BA-B30391ADAA38}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe | 
"{3630A9D1-6A51-4B39-BEC9-4D15CCD4DDC0}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{36C40B64-DA14-4D51-8CCC-9BBDCAFA559D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{39E71065-55BB-4394-BA3A-EF8F1A446F4A}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe | 
"{3A483245-06E6-43D5-8775-CE3D6B3036F7}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\empire total war\empire.exe | 
"{3DA9F65D-0F1B-4AC4-93FF-931F8E04C48C}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | 
"{3E262613-34F5-40BC-9945-DD865C30B995}" = protocol=17 | dir=in | app=d:\program files\guild wars\gw.exe | 
"{3EC05ED4-1271-4608-A9C0-5553C6A9AFD5}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fear.exe | 
"{435BA85B-268F-4C94-9075-CEF504A1F201}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{4A6297F7-5AAB-451F-AB63-6DCDC1EBEE4A}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{4C9FDD42-5D44-4FC3-8E72-410A9266A9A5}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\holdemmanager.exe | 
"{4E48D4A7-54F5-4CB8-BCE4-D3D267E2B647}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{538A5A86-8353-45C0-ACAC-0C5A64CDE326}" = protocol=17 | dir=in | app=c:\windows\system32\lxbccoms.exe | 
"{563115A1-0AB3-403A-A358-8CC8169C7C92}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{64526B2B-07FE-4CB9-995A-EC99BD56CEC4}" = protocol=6 | dir=in | app=d:\program files\origin games\fifa 12\game\fifa.exe | 
"{67992397-B7F7-48C9-AFB8-4D2413AED5C2}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{68D0A40B-8F8C-450C-AFB0-108EFC58CA95}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe | 
"{690B9E13-F0F1-4C73-BE7F-F9D7DE3AB7D9}" = protocol=6 | dir=in | app=d:\program files\itunes\itunes.exe | 
"{6A07AFBB-4BCF-4EA3-B508-52A3610868DC}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{6B061DED-E945-4814-B47A-FC9F738527B4}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | 
"{6D04846C-3871-404E-8733-DD022C80F67F}" = protocol=17 | dir=in | app=d:\program files\tunngle\tunngle.exe | 
"{723E5170-3CBE-40B8-8F55-7AD9AC5820A3}" = protocol=17 | dir=in | app=d:\program files\rockstar games\eflc\launcheflc.exe | 
"{72B0DB13-159F-4B56-BE61-0FAC797EB6FF}" = protocol=6 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe | 
"{750974CD-2435-4972-ADF3-F528CBC8235B}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe | 
"{76DAFFCF-C701-4127-A0F9-BB5BA3FD1BB1}" = protocol=17 | dir=in | app=d:\program files\jdownloader\jdownloader.exe | 
"{790146CC-0E13-491D-B8B4-BBB41C56F905}" = protocol=17 | dir=in | app=d:\program files\dragon age\daoriginslauncher.exe | 
"{816D2944-2DDC-4CA2-82B1-FD5A19CBECB7}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | 
"{82D89747-9AB8-4AE0-9EF0-BC90C1F3AD2B}" = protocol=6 | dir=in | app=d:\program files\rockstar games\eflc\launcheflc.exe | 
"{8395DC00-59CF-451E-98B3-AA3B56F4BFE8}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"{84ECAE31-FC9E-4C68-8E94-D26484B812F5}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe | 
"{878CF526-CDEE-4F0B-9B48-3A33B6456523}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe | 
"{88779E37-82FB-4FF0-B070-B60C5C67BB61}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe | 
"{89D5CA6B-C59E-421F-B29A-C3139E64C405}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | 
"{8D9080F5-CBB9-4D78-9741-EB29E4137EC8}" = protocol=17 | dir=in | app=d:\program files\tunngle\tnglctrl.exe | 
"{8DD8DE8D-5C60-431F-94A2-2085321DF1A0}" = protocol=6 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{8E10E4F2-102D-4313-A0C2-49FC0F8A9780}" = protocol=6 | dir=in | app=c:\windows\system32\lxbccoms.exe | 
"{8F352AF1-718E-478D-A562-B315AF975D36}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\dbcontrolpanel.exe | 
"{9066254F-CA05-4EAD-A4F2-C51E4E680FB5}" = protocol=17 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe | 
"{90EE8DC0-423B-4889-8746-4EAA937158D5}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe | 
"{91371408-6EF0-4D66-BA1A-CE2273A4C934}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{954EADF2-6428-4413-BDAA-9B642E192696}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{98A92B9B-2335-41B4-95F7-07262B5991EF}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\holdemmanager.exe | 
"{9C32CA59-2829-4D89-9165-B97478D864BF}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{A2A87C3B-F9F4-4756-AD7E-E9AF4FC1330B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | 
"{A3D2E1C9-2EEE-4A9C-AA5F-070D9DF59537}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe | 
"{B10D5103-085B-4117-9133-F70B2C643F75}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe | 
"{B2DF138E-9D08-481D-A35C-3DF328E167AD}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe | 
"{B2E8F5FC-C809-4468-89C7-7BC5F4A98AEE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B3740786-CCE7-4F72-94A8-2144178CE1DC}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fear.exe | 
"{B5F30A51-1A31-4C51-BA5B-81D57F176B3A}" = protocol=17 | dir=in | app=d:\program files\microsoft games\age of empires iii\age3.exe | 
"{B9BA56B4-9973-4FCE-BB3F-FE3BA14D123E}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{C2C7D9BA-F032-4721-BE08-FC5CC192779B}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | 
"{C3FCFC0F-6786-4BCD-8E90-7FAC5F771B8E}" = protocol=6 | dir=in | app=d:\program files\dragon age\daoriginslauncher.exe | 
"{C6EE227B-D4C8-447A-9839-F4180B9B47B8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C9227D88-0738-4AAF-8B83-FC1EC143C487}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{CC4BBF49-1B60-442E-89A9-B06A529E79EF}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe | 
"{CF275D39-5B34-4F54-9AAC-E67D11014EF2}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | 
"{D0A342DE-47F0-40E5-9DDC-26A00D484ADE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{D0FF87E1-C68C-4DD2-B2D0-94E4CFC3FF1C}" = protocol=17 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{D155E9CF-FB09-493B-A41C-49B03EC8F8DB}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe | 
"{D7C61099-0E88-4FC1-A2A7-BBD4B33A57D9}" = protocol=6 | dir=in | app=d:\program files\tunngle\tnglctrl.exe | 
"{DA2244EA-B8AF-4632-9ED7-17EDC40614BC}" = protocol=6 | dir=in | app=d:\program files\jdownloader\jdownloader.exe | 
"{DEF5CCD5-D345-4C7B-9B5E-7204566625EC}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe | 
"{E013AFFF-F7CB-4D5B-AFDC-7A867571087C}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\empire total war\empire.exe | 
"{E07CD312-6F7C-45E7-BA3B-DCCF6DDC235E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E0C4163B-AFA6-4B91-A36D-BA5A74848E85}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe | 
"{E1694F0D-443C-4AF3-B632-53A516E6E2D6}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\hmhud.exe | 
"{E2A90B3E-2D2F-4451-98BD-3965C1E50BE7}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\dbcontrolpanel.exe | 
"{E2D38A28-619B-4834-AF19-44745E421847}" = protocol=6 | dir=in | app=d:\program files\guild wars\gw.exe | 
"{E3419925-96B7-4252-8A83-793EC1FC6CCF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe | 
"{E9B24E58-D222-416D-9A21-7000279F0571}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{EE8BC520-C3F9-4AD8-B582-718CB0F6D022}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{F322ECEA-F096-411A-949E-5C828DD2E3E5}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\hmhud.exe | 
"{F32BC7EA-EE55-451E-83BA-2390596BCF5D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{F59FDB2E-6B16-4D9E-9E79-BAE045C89F89}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FA037785-B456-43D8-B5C1-23B33479A2CF}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{FA640713-D0A0-48F1-965A-F8C400DE261C}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe | 
"{FBB8494F-3FBD-49A7-97CA-179BDB9729D2}" = protocol=17 | dir=in | app=d:\program files\itunes\itunes.exe | 
"{FC00CB47-D4D8-400F-9E57-D4446BD637A1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FCD0F2B3-1DDD-4755-96DF-1356DAE8E10C}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe | 
"{FD842E24-0121-4040-9F34-B835AF063345}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | 
"{FE49D6DF-5DF5-4677-81B4-9CD40252F8C3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{049D0E66-0298-4E8B-9358-D47E8FDB0C3F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{04F344EC-5E4D-43F6-AFCE-22EE95F7FB50}D:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=d:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe | 
"TCP Query User{08174836-18B6-4FAA-A655-2571C7877725}D:\program files\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=d:\program files\rockstar games\eflc\eflc.exe | 
"TCP Query User{0C126593-312B-4AD3-863D-8400420B58B9}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{0C1461D8-90F6-4C35-AFAC-24D5E8C44CA4}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=6 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe | 
"TCP Query User{0CE0CFA6-E3A7-4CD4-B0DE-3B57D98C23EB}D:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe | 
"TCP Query User{124E94B1-4E62-42E7-99E3-CC7BF683C40E}D:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=d:\program files\intervideo\dvd8\windvd.exe | 
"TCP Query User{1416E868-8826-47F9-BDD3-F75ED2C5181B}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | 
"TCP Query User{14308610-31A2-4E31-AC07-0DDBA6690333}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | 
"TCP Query User{1B7FE7CC-DBF3-458A-80D3-5FEA509CCE67}D:\program files\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\launcher.exe | 
"TCP Query User{1D2E2B02-D8A0-42C1-8466-0A36F0902BC9}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"TCP Query User{3C0AB35C-276B-414D-A213-E54BBBB838DF}D:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe | 
"TCP Query User{4607BE98-85A2-4B92-9F34-68E474831D7A}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{49D913CB-E95A-4154-88F6-C93E1752763F}D:\program files\winhttrack\winhttrack.exe" = protocol=6 | dir=in | app=d:\program files\winhttrack\winhttrack.exe | 
"TCP Query User{4FE52CA6-24AA-40ED-BDFA-005BF946FC2A}D:\program files\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=d:\program files\valve\portal 2\portal2.exe | 
"TCP Query User{6AF44318-D101-489A-9755-24201C6661E6}D:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe | 
"TCP Query User{6B07766E-D96C-49E9-9A06-8DA31F794839}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{6E85616E-0AC0-4DBB-A33C-812E9E52B214}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=6 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe | 
"TCP Query User{74F4E9B8-5458-4F9F-98D5-44928363DB1E}D:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\program files\sopcast\sopcast.exe | 
"TCP Query User{836C65D3-9920-4A7B-9412-98DB2ED728E8}D:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{90414F95-AB68-4239-BCB5-B36E9C41F391}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | 
"TCP Query User{94F32068-74E9-43E9-99DF-E6ADAE1FC09C}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | 
"TCP Query User{96097F71-1DAA-461B-829A-AB480AE296D1}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | 
"TCP Query User{96C6F46D-7F7E-4E33-ACEB-C16A1FE2F753}D:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"TCP Query User{9ABA2525-3565-4259-A03E-24ADEF7EABE3}D:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe" = protocol=6 | dir=in | app=d:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe | 
"TCP Query User{9B5354C6-39D5-4310-BC11-D6CE303EB780}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{A3890824-D3F6-4F4F-ADF3-D4E2F7ACFED5}C:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe" = protocol=6 | dir=in | app=c:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe | 
"TCP Query User{AFFDAD41-1AF0-4AA9-A89B-BF912C6520A3}D:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"TCP Query User{B9B481CC-80B5-410D-9E1D-3A38ADEE3F58}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{C3276851-E358-4B72-9A07-ED0D8BF93299}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{D4609FD2-780B-4F2E-8350-31886477599A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{E0831070-2F42-4BA3-95CC-25B22F88277D}C:\program files\x-chat 2\xchat.exe" = protocol=6 | dir=in | app=c:\program files\x-chat 2\xchat.exe | 
"TCP Query User{E4782409-E453-45AA-8C55-6FB1B41B9E28}C:\program files\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe | 
"TCP Query User{E89CBB6F-3FDC-4543-B1F3-49D067CCD41C}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe | 
"TCP Query User{F8783AAA-F8E2-4820-884A-9E8C25DBD531}D:\program files\ubisoft\related designs\anno 1404\addon.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\addon.exe | 
"UDP Query User{02993BB8-1AEE-451D-8FEB-F9B2BC730D15}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | 
"UDP Query User{0378D491-90D0-47E8-9F5F-B5BD4BA7D2D7}D:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=d:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe | 
"UDP Query User{0576D843-2AB9-4805-800C-F65355E2553E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{0D7FB650-BA8F-4287-8CF1-2FF18B954BDA}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{0FBE7B06-3488-4C92-ABBF-813488D24215}D:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\program files\sopcast\sopcast.exe | 
"UDP Query User{126CC74A-8A3C-42DD-AA55-32C1862A9A4A}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=17 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe | 
"UDP Query User{2135D95F-6179-48A4-AB5F-23E6A6683DDE}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{22DC7004-F415-4A63-A3AB-CEA9D14A2A4D}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | 
"UDP Query User{24CF0632-9E3A-427B-9A89-6CFA95A0CF0F}D:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe | 
"UDP Query User{2B0C7EDD-9757-4908-839E-CE60AD3AAB94}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{2ED5D616-E6CA-40E5-8295-2F8260D4C2D2}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"UDP Query User{33234148-933E-406B-867E-4F6FE70750C6}D:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe" = protocol=17 | dir=in | app=d:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe | 
"UDP Query User{397800EC-ADF1-4E68-97E7-623353BC6BBB}C:\program files\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe | 
"UDP Query User{39876B57-9949-4193-B7BB-62965B7CA361}C:\program files\x-chat 2\xchat.exe" = protocol=17 | dir=in | app=c:\program files\x-chat 2\xchat.exe | 
"UDP Query User{3CEC3EB6-213D-4754-AAA0-F70A7DF77DB9}D:\program files\winhttrack\winhttrack.exe" = protocol=17 | dir=in | app=d:\program files\winhttrack\winhttrack.exe | 
"UDP Query User{48C2ECB9-17B2-48C5-87DB-F9B1317EB174}D:\program files\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=d:\program files\valve\portal 2\portal2.exe | 
"UDP Query User{48FBD34E-91B9-43EB-935F-3A037D8934F1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{4BF507AB-6E70-46A7-AE59-4B242C49FF87}D:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"UDP Query User{4EB37FA1-7A9F-448A-A0B2-49D36334763F}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=17 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe | 
"UDP Query User{520A5AFE-1914-4276-82DE-EFF1AB4C6528}D:\program files\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\launcher.exe | 
"UDP Query User{61C080E2-1D35-4A75-AFB4-9EE03D9486F4}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | 
"UDP Query User{638DCCE4-D8A3-40C7-8C48-D3CF6D496BF8}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | 
"UDP Query User{6396DB85-D5BB-485F-87B7-A29190E1D724}D:\program files\ubisoft\related designs\anno 1404\addon.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\addon.exe | 
"UDP Query User{73909B1C-8977-416E-B65E-0E7D64AB199D}D:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe | 
"UDP Query User{7EA54910-C7E0-40AB-85D4-8C00AC544246}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{810E8CAE-E004-4F84-A689-8D452C9459AB}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe | 
"UDP Query User{84787A75-BB9D-481F-88E0-DFEAFDB53536}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{8946B41A-3B34-4FD8-B8DB-25A8A8690BC0}D:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"UDP Query User{8FAF48EF-3C10-452B-AEF0-BCECCD682355}C:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe" = protocol=17 | dir=in | app=c:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe | 
"UDP Query User{A0FB9F23-81DB-4467-A9D0-96B933FC272A}D:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe | 
"UDP Query User{B7B4928C-858A-427B-B2A5-7D28160C26C1}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{BE02FC87-B499-4FAA-BE33-B9E5700844E5}D:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=d:\program files\intervideo\dvd8\windvd.exe | 
"UDP Query User{C0D295DE-8E05-4585-843E-93FC298484EA}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | 
"UDP Query User{F473267A-E72F-4133-B22F-74F39EAC164F}D:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{F4B67866-96DB-4695-84A5-484A19FA9DA8}D:\program files\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=d:\program files\rockstar games\eflc\eflc.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{04440044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Enzyklopädie 2004
"{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D994CC5-819F-4657-84DD-397B8FE1EA80}" = Star Wars Jedi Knight Jedi Academy
"{0E9389C0-0E8A-4174-A430-CFAFF29CC3A7}" = PokerStrategy.com Equilab
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{1459C671-45F3-4A58-8EA6-3B675460E51A}" = DO Kopfrechnen
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{1594B7BA-4357-47E5-82C2-004996E528EF}" = TableNinja
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1C2B3CEA-482E-4453-B3E2-C9731337828A}" = Microsoft SQL Server 2008 Native Client
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars(TM): Knights of the Old Republic (TM)
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{2F8BE683-EF69-4D18-9974-DB0C1832A516}" = ICM Trainer Light
"{3230518C-2953-4FB9-8485-B3CDFCC36A70}" = Rosetta Stone Ltd Services
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{39930321-4C58-4B8B-BCBF-342698C9801D}" = Max Payne
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE2032D-B1DA-4057-9D1E-4120F8B64367}" = DSLaufzeit
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{45B4FF51-D048-46A1-AE2C-3786F2221F47}" = DSRechner
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{47EA4DDF-FD99-46B3-846C-9F3F315268AD}" = ICM Trainer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AB36284-71BC-4FAA-931C-6641DE3F4472}" = MAGIX Goya burnR (MSI)
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent 
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{628C3D50-F524-4C49-A958-672CE7953756}" = Der Herr der Ringe® - Die Eroberung™
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7AF9D464-6627-4FB9-AEF9-15D6C972CA84}_is1" = Minecraft Beta Version 1.7.3
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7C3D8108-8D99-427F-A1C2-D8E0D25A469C}" = Tom Clancy's EndWar
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{909BBDB7-BABE-434C-9124-863A9F8D1CF8}" = FEAR Extraction Point
"{90DA7F39-B9D4-4FB1-93A0-6B10F83E35E2}" = Wer wird Millionär - Party-Edition
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4
"{99889189-C739-4A46-BA02-3B271A118957}" = F.E.A.R. Mission Perseus
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup 
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = Die Siedler 7
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A1416622-0DDE-45B5-B06C-DFC3ED94C53B}" = Der Pate® II
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A53BEB85-A538-4F93-BF0C-2D9770532D10}" = Lost Horizon
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B06DEEF2-9F64-4C04-84E7-D56CD9BF85BE}" = MAGIX Music Maker MX Download-Version
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B8AC8B3A-5842-4AE6-AFFD-FB2808EE3544}" = MAGIX Music Maker MX Trial (Soundpaket)
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BB47D7EA-7EF1-475C-9C14-AF5B8FCA45E2}" = Condemned - Criminal Origins
"{BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5}" = Clive Barker's Jericho
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C2F8468F-85AB-4D08-A68E-01D328E7B261}" = PokerStrategy.com Elephant
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1D632A2-E249-466D-A094-B1B934D37645}_is1" = Stronghold Kingdoms
"{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: The Complete Saga
"{D6A5B908-426D-4F00-B7DE-D59DFD51E0E8}" = MAGIX Screenshare
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DC158DF7-6B36-4C6F-BC91-109014297994}" = FIFA 11 Demo
"{DEED33EE-4357-4907-8F20-C1A50CC68A5A}" = USB Joystick
"{E184BB79-61A3-4B0A-86D1-12A56C0A7270}" = Painkiller Resurrection
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E71AC707-179D-458D-A1E8-F52977CAEAB4}" = M.U.D. TV
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}" = Ad-Aware
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F73D18C1-F4DA-4B9F-9C46-5185F5D3DB7C}" = F.E.A.R. 2 SP Demo
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FB32F52B-0D1C-4214-91A6-5B2DA15A5238}" = Ad-Aware
"{FD025150-EEA0-4CAC-BED1-B9837783FCC8}" = ActivePerl 5.10.0 Build 1005
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"abgx360" = abgx360 v1.0.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"APP-Codejock.SuitePro.ActiveX.v12.0.1_is1" = Xtreme SuitePro ActiveX v12.0.1
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Ask Toolbar_is1" = Ask Toolbar
"Aspell German Dictionary_is1" = Aspell German Dictionary-0.50-2
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Black Mirror 2_is1" = Black Mirror 2
"Black Mirror III_is1" = Black Mirror III
"Brain Workshop_is1" = Brain Workshop 4.4
"Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dues Ex Human Revolution_is1" = Dues Ex Human Revolution
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"DyynoPlayer" = DyynoPlayer 0.8.6f.2
"Empires Dawn of the Modern World" = Empires Dawn of the Modern World
"Eraser" = Eraser
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"F.E.A.R. 3_is1" = F.E.A.R. 3
"F.E.A.R.2 Reborn_is1" = F.E.A.R.2 Reborn
"FeedReader_is1" = FeedReader
"FileZilla Client" = FileZilla Client 3.3.4.1
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Billiards 2008_is1" = Free Billiards 2008
"Free YouTube Download_is1" = Free YouTube Download 2.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Game Booster_is1" = Game Booster
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"GNU Aspell_is1" = GNU Aspell 0.50-3
"Google Updater" = Google Updater
"Graffiti Studio 2.0_is1" = Graffiti Studio 2.0
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen)
"Guild Wars" = GUILD WARS
"HijackThis" = HijackThis 2.0.2
"HoldemManager" = Holdem Manager
"ICQToolbar" = ICQ Toolbar
"ImgBurn" = ImgBurn
"InstallShield_{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary
"InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: Die Komplette Saga
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"JDownloader" = JDownloader
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Lexmark 510 Series" = Lexmark 510 Series
"Lexmark Z500-Z600 Series" = Lexmark Z500-Z600 Series
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia II_is1" = Mafia II
"MAGIX_MSI_mm18" = MAGIX Music Maker MX Download-Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU
"Mikogo" = Mikogo
"MobMap_is1" = MobMap 3.55
"Mozilla Firefox (3.6.27)" = Mozilla Firefox (3.6.27)
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"MyMDb_0" = MyMDb 3.6
"Nero - Burning Rom!UninstallKey" = Ahead Nero OEM
"NeroVision!UninstallKey" = Ahead NeroVision Express
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OpenVPN" = OpenVPN 2.0.9-gui-1.0.3
"Origin" = Origin
"PartyPoker" = PartyPoker
"Pidgin" = Pidgin
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"Postal 2_is1" = Portal 2
"PostgreSQL 8.3" = PostgreSQL 8.3
"PostgreSQL 8.4" = PostgreSQL 8.4
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Proxifier_is1" = Proxifier version 2.7
"PunkBusterSvc" = PunkBuster Services
"Quick Memory Editor_is1" = Quick Memory Editor 5.5
"QuickPar" = QuickPar 0.9
"RealPlayer 12.0" = RealPlayer
"Schlag den Raab_is1" = Schlag den Raab
"Shockwave" = Shockwave
"SitNGoWizard" = SitNGo Wizard
"SMPlayer_is1" = SMPlayer 0.6.6
"SopCast" = SopCast 3.2.4
"Steam App 10500" = Empire: Total War
"Steam App 240" = Counter-Strike: Source
"Steam App 400" = Portal
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 500" = Left 4 Dead
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"TeamViewer 6" = TeamViewer 6
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"TrueCrypt" = TrueCrypt
"Tunngle beta_is1" = Tunngle beta
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.7
"UseNeXT_is1" = UseNeXT
"VirusTotalUploader" = VirusTotal Uploader
"VirusTotalUploader2.0" = VirusTotal Uploader 2.0
"Visual Basic 6.0 Professional Edition (deu)" = Microsoft Visual Basic 6.0 Professional Edition (Deutsch)
"VLC media player" = VLC media player 0.9.8a
"Warcraft III" = Warcraft III
"WebMoney Agent" = WebMoney Agent
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.5
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Wecker 2.2" = Wecker 2.2 2.2
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9
"WinPatrol" = WinPatrol 2008
"WinRAR archiver" = WinRAR
"Works2004Setup" = Setup-Start von Microsoft Works 2004
"World of Warcraft" = World of Warcraft
"xampp" = XAMPP 1.7.1
"X-Chat 2_is1" = X-Chat 2.8.6-2
"Xfire" = Xfire (remove only)
"XnView_is1" = XnView 1.96.5
"xp-AntiSpy" = xp-AntiSpy 3.97
"Zygor Guides" = Zygor Guides
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"360WAVESPATCHERCLT" = 360WavesPatcher (Client setup)
"BrainGame" = Dr Kawashima
"Google Chrome" = Google Chrome
"Runic Games Torchlight" = Torchlight
"sc10-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Universal Replayer" = Universal Replayer
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.04.2012 05:37:16 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:16 CESTFATAL:  role "SYSTEM" does not exist 
 
Error - 23.04.2012 05:37:18 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:18 CESTFATAL:  role "SYSTEM" does not exist 
 
Error - 23.04.2012 05:37:19 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:19 CESTFATAL:  role "SYSTEM" does not exist 
 
Error - 23.04.2012 05:37:20 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:20 CESTFATAL:  role "SYSTEM" does not exist 
 
Error - 23.04.2012 05:37:21 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:21 CESTFATAL:  role "SYSTEM" does not exist 
 
Error - 23.04.2012 05:37:22 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:22 CESTFATAL:  role "SYSTEM" does not exist 
 
Error - 23.04.2012 05:37:23 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:23 CESTFATAL:  role "SYSTEM" does not exist 
 
Error - 23.04.2012 05:37:24 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:24 CESTFATAL:  role "SYSTEM" does not exist 
 
Error - 23.04.2012 05:37:25 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:25 CESTFATAL:  role "SYSTEM" does not exist 
 
Error - 23.04.2012 05:37:26 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0
Description = 2012-04-23 11:37:26 CESTFATAL:  role "SYSTEM" does not exist 
 
[ SitNGoWizard Events ]
Error - 26.02.2012 10:03:25 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description =    bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
 Delegate method, Object[] args, Boolean synchronous)     bei System.Windows.Forms.Control.Invoke(Delegate
 method, Object[] args)     bei System.Windows.Forms.Control.Invoke(Delegate method)

   bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)     
bei System.Windows.Forms.Timer.OnTick(EventArgs e)     bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
 m)     bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
 wparam, IntPtr lparam)
 
Error - 26.02.2012 10:03:29 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
 werden, wenn das Fensterhandle erstellt wurde.
 
Error - 26.02.2012 10:03:29 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description =    bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
 Delegate method, Object[] args, Boolean synchronous)     bei System.Windows.Forms.Control.Invoke(Delegate
 method, Object[] args)     bei System.Windows.Forms.Control.Invoke(Delegate method)

   bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)     
bei System.Windows.Forms.Timer.OnTick(EventArgs e)     bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
 m)     bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
 wparam, IntPtr lparam)
 
Error - 26.02.2012 10:03:39 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
 werden, wenn das Fensterhandle erstellt wurde.
 
Error - 26.02.2012 10:03:39 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description =    bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
 Delegate method, Object[] args, Boolean synchronous)     bei System.Windows.Forms.Control.Invoke(Delegate
 method, Object[] args)     bei System.Windows.Forms.Control.Invoke(Delegate method)

   bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)     
bei System.Windows.Forms.Timer.OnTick(EventArgs e)     bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
 m)     bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
 wparam, IntPtr lparam)
 
Error - 26.02.2012 10:03:49 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
 werden, wenn das Fensterhandle erstellt wurde.
 
Error - 26.02.2012 10:03:49 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description =    bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
 Delegate method, Object[] args, Boolean synchronous)     bei System.Windows.Forms.Control.Invoke(Delegate
 method, Object[] args)     bei System.Windows.Forms.Control.Invoke(Delegate method)

   bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)     
bei System.Windows.Forms.Timer.OnTick(EventArgs e)     bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
 m)     bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
 wparam, IntPtr lparam)
 
Error - 26.02.2012 10:03:59 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
 werden, wenn das Fensterhandle erstellt wurde.
 
Error - 26.02.2012 10:03:59 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description =    bei System.Windows.Forms.Control.MarshaledInvoke(Control caller,
 Delegate method, Object[] args, Boolean synchronous)     bei System.Windows.Forms.Control.Invoke(Delegate
 method, Object[] args)     bei System.Windows.Forms.Control.Invoke(Delegate method)

   bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e)     
bei System.Windows.Forms.Timer.OnTick(EventArgs e)     bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
 m)     bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
 wparam, IntPtr lparam)
 
Error - 26.02.2012 10:04:43 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1
Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen
 werden, wenn das Fensterhandle erstellt wurde.
 
[ System Events ]
Error - 20.04.2012 02:03:44 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 20.04.2012 03:22:49 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 20.04.2012 03:24:20 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 21.04.2012 07:12:21 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 21.04.2012 07:13:58 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 21.04.2012 14:10:41 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 22.04.2012 06:43:06 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 22.04.2012 06:44:57 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 23.04.2012 05:35:42 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 23.04.2012 05:37:28 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description = 
 
[ TuneUp Events ]
Error - 18.04.2012 05:21:08 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-18 11:21:08', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbamservice.exe','5944',0)
 
Error - 18.04.2012 09:01:16 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-18 15:01:16', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbamservice.exe','3776',0)
 
Error - 19.04.2012 04:01:28 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-19 10:01:28', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbamservice.exe','5200',0)
 
Error - 19.04.2012 05:54:15 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-19 11:54:15', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbamservice.exe','5564',0)
 
Error - 20.04.2012 02:05:47 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-20 08:05:47', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbamservice.exe','4740',0)
 
Error - 20.04.2012 03:26:28 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-20 09:26:28', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbamservice.exe','1336',0)
 
Error - 21.04.2012 07:16:06 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-21 13:16:06', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbamservice.exe','4332',0)
 
Error - 22.04.2012 06:47:02 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-22 12:47:02', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbamservice.exe','5284',0)
 
Error - 22.04.2012 15:19:44 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-22 21:19:44', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbam.exe','2416',0)
 
Error - 22.04.2012 15:35:45 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-04-22 21:35:45', '\device\harddiskvolume1\programdata\malwarebytes\malwarebytes'
 anti-malware\mbam-setup.exe','4288',0)
 
 
< End of report >
         
--- --- ---


[/code]
__________________


Alt 23.04.2012, 11:03   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitung auf URL123.info - Standard

Weiterleitung auf URL123.info



Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________
__________________

Alt 23.04.2012, 16:01   #4
Kowalski1
 
Weiterleitung auf URL123.info - Standard

Weiterleitung auf URL123.info



hier schonmal Malwarebytes

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.23.01

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Kevin :: KEVIN-PC [Administrator]

Schutz: Deaktiviert

23.04.2012 12:08:49
mbam-log-2012-04-23 (12-08-49).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 568845
Laufzeit: 3 Stunde(n), 12 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Alt 23.04.2012, 21:02   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitung auf URL123.info - Standard

Weiterleitung auf URL123.info



Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Weiterleitung auf URL123.info
0x00000001, ad-aware, antivir, audiodg.exe, autorun, avira, bho, bildschirm, bonjour, conduit, converter, defender, downloader, error, firefox, format, ftp, google, google earth, home, logfile, mozilla, mp3, plug-in, realtek, registry, safer networking, scan, server, software, vdeck.exe, version=1.0, vista, visual studio




Ähnliche Themen: Weiterleitung auf URL123.info


  1. Weiterleitung auf mytoolsapp.info bei firefox und ie
    Log-Analyse und Auswertung - 04.03.2013 (14)
  2. Umleitung auf URL123.info
    Alles rund um Mac OSX & Linux - 26.02.2012 (12)
  3. Google-Umleitung zu Url123.info
    Plagegeister aller Art und deren Bekämpfung - 12.02.2012 (1)
  4. Viren Info
    Mülltonne - 03.01.2007 (0)
  5. trojaner-info.de
    Lob, Kritik und Wünsche - 04.05.2005 (1)
  6. info
    Mülltonne - 06.03.2005 (1)
  7. Re: Thank you! - Info
    Plagegeister aller Art und deren Bekämpfung - 06.11.2004 (1)
  8. searchportal.info help
    Log-Analyse und Auswertung - 06.10.2004 (2)
  9. Searchportal.info
    Log-Analyse und Auswertung - 05.08.2004 (13)
  10. www.trojaner-info.de
    Alles rund um Windows - 10.09.2003 (5)
  11. info: Knoppix vom BSI
    Alles rund um Mac OSX & Linux - 16.12.2002 (1)
  12. info: gentoo 1.4 rc1
    Alles rund um Mac OSX & Linux - 19.09.2002 (11)
  13. info: red hat / mdk
    Alles rund um Mac OSX & Linux - 26.08.2002 (1)
  14. info: KDE 3.03
    Alles rund um Mac OSX & Linux - 22.08.2002 (4)

Zum Thema Weiterleitung auf URL123.info - Hallo, ich wurde gestern von Google auf eine Seite mit dem namen url123.info weitergeleitet, doch das wollte ich garnicht. Es öffnete sich ein weißer Bildschirm und die Seite fragte mich - Weiterleitung auf URL123.info...
Archiv
Du betrachtest: Weiterleitung auf URL123.info auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.