Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Virus: Website kann nicht angezeigt werden.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 29.07.2012, 19:46   #1
LiquidBlaze
 
Virus: Website kann nicht angezeigt werden. - Ausrufezeichen

Virus: Website kann nicht angezeigt werden.



Also ich habe folgendes Problem als ich auf diversen Seiten rumgesurft habe, schloss sich aufeinmal der gesamte Explorer und alle Programme 2 Sekunden später wurde der Bildschirm weiß und es kam in Vollbild die Nachricht: ''Website kann nicht angezeigt werden.'' Ich versuchte es zuerst mit dem Taskmanager der öffnete sich, jedoch schloss er sich eine gleich wieder. Ich versuchte es immer wieder und wieder, ohne Erfolg.

Drive by Infektion vermute ich.

Alt+F4 Funktionierte auch nicht.

Was funktiort hat: Strg+Alt+Entf von dort aus ging ich dan in den Taskmanager, erfolglos.

Ich benutze Windows 7 Ultimate x64. Und habe mit einer Anti Malware Software bereits infizierte Dateien gelöscht. Kein Erfolg. Die Malware Software findet nun keine Dateien mehr.

Nun stehe ich hier ganz verzweifelt, ohne jeden Plan im Abgesicherten Modus und bin völlig am verzweifeln. Zum Wahnsinnig werden

Bitte Helft mir.


PS: Ich bin Schüler, habe kein Geld. Und bitte kommt mir nicht mit solchen Sachen wie Daten sichern System neu Draufhauen, weil ich keine Externe Festplatte habe und auch kein geld dafür. UND NEIN ich habe auch keinen Freund der mir eine leihen kann. Also bitte nur Hilfen die keine Neuinstallation des Systeme erfordern.

Geändert von LiquidBlaze (29.07.2012 um 19:59 Uhr)

Alt 29.07.2012, 20:55   #2
markusg
/// Malware-holic
 
Virus: Website kann nicht angezeigt werden. - Standard

Virus: Website kann nicht angezeigt werden.



neustart, f8 drücken abgesicherter modus mit netzwerk wählen.
im betroffenen konto anmelden, wenn das klappt:
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 29.07.2012, 22:03   #3
LiquidBlaze
 
Virus: Website kann nicht angezeigt werden. - Standard

Virus: Website kann nicht angezeigt werden.



Alles schon gemacht ich weiß nur nicht wie man sone textbox erstellt
__________________

Alt 29.07.2012, 22:05   #4
markusg
/// Malware-holic
 
Virus: Website kann nicht angezeigt werden. - Standard

Virus: Website kann nicht angezeigt werden.



dann kopier die logs einfach rein.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 29.07.2012, 22:22   #5
LiquidBlaze
 
Virus: Website kann nicht angezeigt werden. - Standard

Virus: Website kann nicht angezeigt werden.



OTL.TXTOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 29.07.2012 22:06:05 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = G:\Downloads\Firefox Download
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,02% Memory free
6,00 Gb Paging File | 4,58 Gb Available in Paging File | 76,32% Paging File free
Paging file location(s): c:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 75,04 Gb Total Space | 11,24 Gb Free Space | 14,98% Space Free | Partition Type: NTFS
Drive D: | 4,79 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 390,62 Gb Total Space | 44,86 Gb Free Space | 11,48% Space Free | Partition Type: NTFS
 
Computer Name: JOHNNY-PC | User Name: Johnny | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.29 18:20:00 | 000,597,504 | ---- | M] (OldTimer Tools) -- G:\Downloads\Firefox Download\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.26 23:14:20 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.19 18:08:04 | 000,738,152 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- G:\Programme\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.07.10 13:46:16 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- G:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.06.14 11:37:10 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- G:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.01 17:37:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.04.27 22:13:24 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.12.14 13:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Stopped] -- G:\Programme\Tune Up Utility 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.12.13 15:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- G:\Programme\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.28 18:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011.03.30 13:05:55 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.12 11:42:16 | 000,016,376 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TVMonitor.sys -- (MonitorFunction)
DRV:64bit: - [2010.12.13 15:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.07.01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.09.16 09:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2011.12.12 20:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- G:\Programme\Tune Up Utility 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?hl=de&tab=ww"
FF - prefs.js..keyword.URL: "hxxp://www.google.de/#q"
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "195.210.28.21"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "195.210.28.21"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "195.210.28.21"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "195.210.28.21"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: G:\Programme\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Johnny\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Johnny\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Johnny\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Johnny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Johnny\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 14.0a1\extensions\\Components: G:\PROGRAMME\MOZILLA\NIGHTLY\COMPONENTS [2012.04.15 22:02:58 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 14.0a1\extensions\\Plugins: G:\PROGRAMME\MOZILLA\NIGHTLY\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.03 19:28:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: G:\Programme\Mozilla\components [2012.07.24 03:31:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: G:\Programme\Mozilla\plugins [2012.05.03 19:28:17 | 000,000,000 | ---D | M]
 
[2011.10.17 20:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Extensions
[2012.07.20 13:43:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions
[2012.07.20 13:43:05 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012.06.21 01:12:50 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.10.19 13:34:56 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions\battlefieldplay4free@ea.com
[2012.07.20 01:28:10 | 000,000,000 | ---D | M] ("RewardsArcade") -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions\crossriderapp498@crossrider.com
[2012.05.22 15:19:47 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions\foxyproxy@eric.h.jung
[2012.05.17 18:36:41 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions\ich@maltegoetz.de
[2012.02.18 18:14:55 | 000,000,000 | ---D | M] ("Facebook: Rosa Themen-Plugin") -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions\pink@rosafarbe.info
[2012.02.18 18:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions\pink@rosafarbe.info\resources\jrd0-g48yojdcu5i9a8n0j2se5vmy76e-at-jetpack-pink-theme-extension-data
[2012.02.18 18:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\bg417n96.default\extensions\pink@rosafarbe.info\resources\jrd0-g48yojdcu5i9a8n0j2se5vmy76e-at-jetpack-pink-theme-extension-lib
[2012.07.25 00:48:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\nuoqhlzr.Standard-Benutzer\extensions
[2012.05.03 19:28:18 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011.10.17 22:45:23 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://s.die-paten.com/google.de
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&client=ubuntu&channel=cs&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://s.die-paten.com/google.de
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Johnny\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Johnny\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Johnny\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Johnny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Johnny\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - Extension: Google Translate = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1_0\
CHR - Extension: di.slik.es = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmlfebmbccbmdaihmpefcfehaodlecb\1.3.0.3_0\
CHR - Extension: Bejeweled = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Phown = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aggglfijkcingkneddnmgkckefghfnbo\1.7_0\
CHR - Extension: Minimalist for Facebook\u2122 (DEPRECATED!) = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmiiblnmmnijkhboligioinfchkeagi\0.5.21_0\
CHR - Extension: Nightly Chromium Updater = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\akabngbddgpigiemjhkblleffkbpmpfc\2.0_0\
CHR - Extension: RapidShare Extension for Google Chrome\u2122 = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnniagnighkjjnaebfggchaaagfjocb\2.2_0\
CHR - Extension: Google Drive = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6_0\
CHR - Extension: Facebook Emotionenmaschine = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\baidofcbhhfddopoadebjdcmlignfdlf\1.1_0\
CHR - Extension: Facebook :D = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdnkafbajklkjjjaecmigibjallbjjpo\1.0.1_0\
CHR - Extension: Facebook :D = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdnkafbajklkjjjaecmigibjallbjjpo\1.0.1_0\~
CHR - Extension: YouTube Options for Google Chrome\u2122 = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.80_0\
CHR - Extension: Web Developer = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.1_0\
CHR - Extension: SocialReviver = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald\3.8_0\
CHR - Extension: Facebook Formatter = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhhadmhaogeobdkgojlafkbbmcnmagon\0.0.2_0\
CHR - Extension: YouTube = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Webmail Ad Blocker = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp\2.30_0\
CHR - Extension: Memonic Web Clipper = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdonhidhobjahdhlcegfakicbcgnkokh\1.3.2_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: AddThis - Share & Bookmark (new) = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\2.9.9_0\
CHR - Extension: AdBlock+ = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao\1.1.9.18_0\
CHR - Extension: Facebook Ticker Killer = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldlgamhccbdjcieljdijepmkphadnfo\1.1_0\
CHR - Extension: RescueTime Chrome Productivity Meter = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnggaadmcamdjiimdhelidfgolafbiej\1.0.5_0\
CHR - Extension: Weebly - Website Builder = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb\1.0.4_0\
CHR - Extension: Google-Suche = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RewardsArcade = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh\1.18.89_1\crossrider
CHR - Extension: RewardsArcade = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh\1.18.89_1\
CHR - Extension: Tampermonkey = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\2.5.29_0\
CHR - Extension: Facebook Token Retriever = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\eabohfkjjlnccebijnnonjghpdemodmj\0.0.1_0\
CHR - Extension: ICQ Web Messenger = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\eagemkjocgabfmaalblbmobhimdponpg\1.0.0_0\
CHR - Extension: Web Time Tracker = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\eapcgmjeoeajojpnedbjhgnfbpikcmjn\0.6.4.0_0\
CHR - Extension: Gmail offline = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: Facebook Ads Blocker = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\eommhojjeeaapcofdjleiamnokcfdnna\1.1.0_0\
CHR - Extension: PanicButton = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\
CHR - Extension: Mixcloud = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcenekolminfbkcbchinlcgfhpmggpk\0.0.0.3_0\
CHR - Extension: Facemoods = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdedppfdlabckijfnpikinclkgmdkdkb\1.0.4_0\
CHR - Extension: Facebook Classic = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdodpcdalagnkbkojidmmcehlnhniad\0.0.0.9_0\
CHR - Extension: Stylish = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
CHR - Extension: Facebook Friends Rank = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcencgaaephljfnhdkcafbfoaefeegop\1.1_0\
CHR - Extension: Facebook Chat Notification = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggekjaligipajhljkbemifjgmlpcfkao\2.30_0\
CHR - Extension: AdBlock = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
CHR - Extension: FBstalk chat stalker and notifications = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkiidenbgoaaihpemljppecjkfbilkma\2.4_0\
CHR - Extension: Poke All for Chrome = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmghnjflbmdhmjnclnjpbikjbhppfmdj\2.6.1_0\
CHR - Extension: Webseite Blocher (Beta) = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.1.9_0\
CHR - Extension: Speichere Deine Facebook Inhalte = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfckmeedhllmgbaccdjflacpepfaeooi\1.0.3_0\
CHR - Extension: Vimeo Couch Mode = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkdhkejcnlmkfdodbkdkelefnkobfif\1.0_0\
CHR - Extension: Mixlr = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjoehbeckeeihcdofnlgbbjnionbbbkf\0.2.8_0\
CHR - Extension: bitly | \u2665  your bitmarks = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.15_0\
CHR - Extension: Facebook Blocker = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieohahnnccniajelojoanhpfppgincod\1.1.1_0\
CHR - Extension: Social Fixer = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb\6.741_0\
CHR - Extension: Pretty Facebook Chat = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihamlfilbdodiokndlfmmlpjlnopaobi\1.3.1.1_0\
CHR - Extension: fbQuickLogin for multiple Facebook\u2122 accounts = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihpcdjelcodenkpfkbaficnkgkmljjbf\0.0.2.3_0\
CHR - Extension: Countdown to FB Timeline = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipncpgbpipphpmdepjblddfjdghlbaba\0.1.0_0\
CHR - Extension: Facebook Posted Via = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfopiccombecfpmhaedbdmihalplgmmn\1.3_0\
CHR - Extension: What's Up! for Facebook = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpagmmlamidmboalapfceemnalecboh\3.5.2_0\
CHR - Extension: Google +1-Schaltfl\u00E4che = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp\1.1.2.424_0\
CHR - Extension: Google Tracks Me = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnhalfgbfhigibeagmkpnnnfolpebgig\1.0.0_0\
CHR - Extension: IP-Adresse = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml\7.0_0\
CHR - Extension: Open Frame = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdhjgkkaacdhdioocfbpmhjidbinfajj\5_0\
CHR - Extension: ShareSquare - Mobile Website Builder = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\klmmndamlccpdelmdgpimpnbbjmchfmf\1_0\
CHR - Extension: SocialPlus! for Facebook = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lepmijpaeefbdjgpmhdigellepjgeabj\2.6.5_0\
CHR - Extension: Facebook Counter = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfonahfbhidckbhhogajbdkkndmellae\1.5_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\1.8.3_0\
CHR - Extension: Skype Click to Call = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\
CHR - Extension: FlashControl = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\3.0.7_0\
CHR - Extension: Google Mail-Checker = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.3.1_0\
CHR - Extension: Facebook Notifications = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: Facebook Runner = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmhcemnjmajcmijidnbceceahgfpdalg\1.0.6_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Facebook Friends Checker = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\odcabkhkikmdjejbhfnpincbcjgdahnn\1.1.2_0\
CHR - Extension: Facebook Link Cleaner Extended = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojbeaoconphplacejcikggdmhcglebfb\2.4_0\
CHR - Extension: Remove Facebook Redirections = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhdomkbnapoacbialllfpbcckckidck\1.1_0\
CHR - Extension: Facebook Popup Chat = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\peoacpcbpljiegfhaebpefebmpofedaj\1.0_0\
CHR - Extension: Send from Gmail (by Google) = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc\1.12_0\
CHR - Extension: iCloud = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjfjiepcafjlmaopmmdfcmdjldjfhlki\1.0.0_0\
CHR - Extension: Google Mail = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Facebook Link Cleaner = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbjaglelghgabkoicmcecjjofimofjg\1.3_0\
CHR - Extension: Facebook Theme: TIMELINE Theme Dark Everplex = C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppnoananacbdlmjddicclihfphkgpado\4.3_0\
 
O1 HOSTS File: ([2012.05.11 23:10:27 | 000,000,153 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 0.0.0.0 91.206.200.221
O1 - Hosts: 0.0.0.0 bidtraffic.ru
O1 - Hosts: 0.0.0.0 bir3yka.narod2.ru
O1 - Hosts: 0.0.0.0 enet.vn.ua
O1 - Hosts: 0.0.0.0 rax.ru
O1 - Hosts: 0.0.0.0 yandex.ru
O1 - Hosts: 0.0.0.0 ukraine.com.ua
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [mikrpkuhednfjbj] C:\ProgramData\mikrpkuh.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Johnny\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [mikrpkuhednfjbj] C:\ProgramData\mikrpkuh.exe ()
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Johnny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27224240-00FA-4DDC-AB98-817F168E2E51}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EC2AA89-DF56-4F1D-8C45-57C0173955FA}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.02 20:17:47 | 000,132,016 | R--- | M] (InstallShield Software Corporation) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.03.26 01:35:42 | 000,004,286 | R--- | M] () - D:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2008.03.26 01:35:42 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008.03.26 01:35:57 | 000,000,382 | R--- | M] () - D:\autorun.ini -- [ UDF ]
O33 - MountPoints2\{15c19aee-f8e5-11e0-8c27-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{15c19aee-f8e5-11e0-8c27-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2008.04.02 20:17:47 | 000,132,016 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\{5b093440-f973-11e0-9205-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5b093440-f973-11e0-9205-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\autorun.exe -- [2008.04.02 20:17:47 | 000,132,016 | R--- | M] (InstallShield Software Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.29 16:41:38 | 000,000,000 | ---D | C] -- C:\Users\Johnny\AppData\Roaming\Malwarebytes
[2012.07.29 16:41:29 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.29 16:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.29 16:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.29 16:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\lvezxbcpeygiqxe
[2012.07.27 08:34:15 | 000,000,000 | ---D | C] -- C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012.07.27 08:34:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.07.27 02:15:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012.07.27 02:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012.07.24 03:31:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.07.24 03:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Toolz
[2012.07.22 08:12:25 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.07.14 02:29:11 | 000,000,000 | ---D | C] -- C:\Users\Johnny\AppData\Roaming\HexChat
[2012.07.14 02:29:11 | 000,000,000 | ---D | C] -- C:\Users\Johnny\Documents\Downloads
[2012.07.14 02:29:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
[2012.07.14 02:29:01 | 000,000,000 | ---D | C] -- C:\Program Files\HexChat
[2012.07.12 17:25:24 | 000,000,000 | ---D | C] -- C:\Users\Johnny\temp
[2012.07.10 23:46:52 | 000,000,000 | ---D | C] -- C:\Users\Johnny\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.07.06 23:41:38 | 000,000,000 | ---D | C] -- C:\Users\Johnny\AppData\Roaming\FileZilla
[2012.07.06 23:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2012.07.06 23:41:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2012.07.04 10:33:30 | 000,000,000 | ---D | C] -- C:\Users\Johnny\AppData\Local\Spotify
[2012.07.04 10:33:05 | 000,000,000 | ---D | C] -- C:\Users\Johnny\AppData\Roaming\Spotify
[2012.06.30 02:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skyrim Online
[2012.06.29 23:52:31 | 000,000,000 | ---D | C] -- C:\Users\Johnny\AppData\Roaming\Subversion
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.29 18:20:24 | 000,000,020 | ---- | M] () -- C:\Users\Johnny\defogger_reenable
[2012.07.29 18:07:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.29 18:06:58 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.29 18:05:15 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.29 16:49:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.29 16:49:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.29 16:41:29 | 000,000,741 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.29 16:23:30 | 000,000,051 | ---- | M] () -- C:\ProgramData\onaqqgeuwpljpym
[2012.07.29 16:22:35 | 000,061,440 | ---- | M] () -- C:\ProgramData\mikrpkuh.exe
[2012.07.29 16:14:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.29 16:11:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2207117133-1807797786-3764408827-1000UA.job
[2012.07.29 15:36:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.29 14:34:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2207117133-1807797786-3764408827-1000UA.job
[2012.07.29 11:11:01 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2207117133-1807797786-3764408827-1000Core.job
[2012.07.28 07:06:56 | 004,503,728 | ---- | M] () -- C:\ProgramData\zak_lo0i7g.pad
[2012.07.27 23:34:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2207117133-1807797786-3764408827-1000Core.job
[2012.07.27 16:45:11 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.27 16:45:11 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.07.27 02:17:43 | 004,894,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.27 02:15:40 | 000,000,655 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012.07.27 01:48:11 | 002,337,865 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.07.26 21:09:04 | 000,000,517 | ---- | M] () -- C:\Users\Johnny\Documents\ax_files.xml
[2012.07.26 00:46:32 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.07.24 15:40:46 | 000,015,872 | ---- | M] () -- C:\Users\Johnny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.24 03:22:13 | 046,503,051 | ---- | M] () -- C:\Users\Johnny\Documents\Amateur Blonde German girl fuck (good doggystyle)  xHamster.com.flv
[2012.07.22 01:13:14 | 000,054,899 | ---- | M] () -- C:\Users\Johnny\Desktop\Unbenannt.png
[2012.07.22 01:13:13 | 000,000,132 | ---- | M] () -- C:\Users\Johnny\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.07.21 06:33:44 | 004,503,728 | ---- | M] () -- C:\ProgramData\kp_0loor.pad
[2012.07.19 23:12:13 | 000,001,362 | ---- | M] () -- C:\Users\Johnny\Desktop\pwz.exe - Verknüpfung.lnk
[2012.07.19 23:11:31 | 000,001,437 | ---- | M] () -- C:\Users\Johnny\Desktop\Clone Wars.lnk
[2012.07.19 23:11:24 | 000,001,500 | ---- | M] () -- C:\Users\Johnny\Desktop\Space Addon.lnk
[2012.07.18 01:38:27 | 000,018,453 | ---- | M] () -- C:\Users\Johnny\Desktop\chinese-symbol-for-freedom.jpg
[2012.07.15 00:23:39 | 000,001,576 | ---- | M] () -- C:\Users\Johnny\Desktop\Google Chrome.lnk
[2012.07.14 02:36:47 | 000,001,336 | ---- | M] () -- C:\Users\Johnny\Desktop\HEXCHAT-IRC.lnk
[2012.07.06 23:41:33 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2012.07.04 01:13:18 | 000,000,352 | ---- | M] () -- C:\Users\Johnny\AppData\Roaming\Network Meter_Settings.ini
[2012.07.04 01:10:52 | 000,000,241 | ---- | M] () -- C:\Users\Johnny\AppData\Roaming\GPU Meter_Settings.ini
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.01 21:30:36 | 001,619,132 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.01 21:30:36 | 000,698,748 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.01 21:30:36 | 000,654,066 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.01 21:30:36 | 000,148,944 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.01 21:30:36 | 000,121,898 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.29 18:20:23 | 000,000,020 | ---- | C] () -- C:\Users\Johnny\defogger_reenable
[2012.07.29 16:41:29 | 000,000,741 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.29 16:23:29 | 000,061,440 | ---- | C] () -- C:\ProgramData\mikrpkuh.exe
[2012.07.29 16:22:37 | 000,000,051 | ---- | C] () -- C:\ProgramData\onaqqgeuwpljpym
[2012.07.28 07:06:56 | 004,503,728 | ---- | C] () -- C:\ProgramData\zak_lo0i7g.pad
[2012.07.27 02:15:40 | 000,000,655 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012.07.26 16:57:53 | 000,140,914 | ---- | C] () -- C:\Users\Johnny\Desktop\TESV 2012-01-20 20-23-45-68.jpg
[2012.07.26 16:56:54 | 000,100,051 | ---- | C] () -- C:\Users\Johnny\Desktop\Mafia2 2012-04-07 23-47-04-04.jpg
[2012.07.24 03:31:47 | 000,000,708 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.07.24 03:12:59 | 046,503,051 | ---- | C] () -- C:\Users\Johnny\Documents\Amateur Blonde German girl fuck (good doggystyle)  xHamster.com.flv
[2012.07.21 06:33:44 | 004,503,728 | ---- | C] () -- C:\ProgramData\kp_0loor.pad
[2012.07.19 23:12:13 | 000,001,362 | ---- | C] () -- C:\Users\Johnny\Desktop\pwz.exe - Verknüpfung.lnk
[2012.07.19 23:11:31 | 000,001,437 | ---- | C] () -- C:\Users\Johnny\Desktop\Clone Wars.lnk
[2012.07.19 23:11:24 | 000,001,500 | ---- | C] () -- C:\Users\Johnny\Desktop\Space Addon.lnk
[2012.07.19 14:50:09 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.18 01:38:26 | 000,018,453 | ---- | C] () -- C:\Users\Johnny\Desktop\chinese-symbol-for-freedom.jpg
[2012.07.16 23:08:23 | 000,054,899 | ---- | C] () -- C:\Users\Johnny\Desktop\Unbenannt.png
[2012.07.14 02:36:47 | 000,001,336 | ---- | C] () -- C:\Users\Johnny\Desktop\HEXCHAT-IRC.lnk
[2012.07.06 23:41:33 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2012.07.04 01:10:52 | 000,000,241 | ---- | C] () -- C:\Users\Johnny\AppData\Roaming\GPU Meter_Settings.ini
[2012.06.25 01:31:12 | 060,278,189 | ---- | C] () -- C:\Users\Johnny\AppData\Roaming\.minecraft.rar
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.04.06 22:01:16 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012.03.14 21:40:42 | 000,017,836 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2012.03.14 21:40:40 | 006,904,040 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012.03.11 19:15:32 | 000,151,836 | ---- | C] () -- C:\Users\Johnny\GEDC2435.JPG
[2012.03.11 19:15:32 | 000,137,062 | ---- | C] () -- C:\Users\Johnny\GEDC2426.JPG
[2012.02.17 00:50:21 | 000,043,009 | ---- | C] () -- C:\Users\Johnny\gay_hitler.jpg
[2012.02.03 21:36:06 | 000,015,872 | ---- | C] () -- C:\Users\Johnny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.27 23:43:19 | 000,000,949 | ---- | C] () -- C:\Program Files (x86)\Programme (x86) - Verknüpfung.lnk
[2012.01.14 21:24:21 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.01.14 21:21:12 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2011.12.15 06:39:42 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.11.24 20:01:02 | 000,051,270 | ---- | C] () -- C:\Users\Johnny\AppData\Roaming\room_v3.dat
[2011.11.14 19:50:03 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.11.07 00:28:50 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.11.05 22:34:05 | 000,000,132 | ---- | C] () -- C:\Users\Johnny\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.10.23 08:56:16 | 004,738,560 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011.10.21 23:30:21 | 000,007,593 | ---- | C] () -- C:\Users\Johnny\AppData\Local\Resmon.ResmonCfg
[2011.10.18 12:33:48 | 001,640,718 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.17 22:19:23 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.17 22:19:22 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.10.17 22:19:22 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.17 21:26:57 | 000,000,352 | ---- | C] () -- C:\Users\Johnny\AppData\Roaming\Network Meter_Settings.ini
[2011.10.17 20:57:19 | 000,000,412 | ---- | C] () -- C:\Users\Johnny\AppData\Roaming\All CPU Meter_Settings.ini
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.25 18:56:26 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011.07.12 17:56:50 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.01.04 15:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
 
========== LOP Check ==========
 
[2012.06.29 21:37:11 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\.minecraft
[2012.06.28 20:55:38 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\.Nitrous
[2012.06.13 20:41:51 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Audacity
[2012.07.24 17:18:23 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Azureus
[2012.07.10 23:46:52 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.06.09 15:18:00 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\DVDVideoSoft
[2012.07.19 23:10:55 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\FileZilla
[2011.11.05 21:20:52 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\FireShot
[2012.01.14 21:33:47 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\FreeVideoConverter
[2012.07.14 02:44:18 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\HexChat
[2012.04.13 15:38:26 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\HyperLobby
[2012.05.19 15:46:05 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\MAXON
[2011.12.18 21:02:44 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\OpenOffice.org
[2012.02.21 21:53:43 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Origin
[2012.03.05 00:48:23 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Petroglyph
[2011.11.05 16:00:00 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Publish Providers
[2011.10.18 13:12:51 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\PunkBuster
[2012.03.22 21:08:21 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Rovio
[2011.11.20 00:30:24 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Screaming Bee
[2011.11.05 14:12:25 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Shark007
[2012.04.18 02:52:12 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Software Informer
[2011.11.05 18:21:22 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Sony
[2011.11.05 18:30:28 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Sony Creative Software Inc
[2012.07.04 19:59:21 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Spotify
[2011.10.22 02:55:25 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.06.29 23:52:31 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Subversion
[2012.06.06 19:07:36 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\SynthMaker
[2011.10.22 07:07:38 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\System
[2012.04.18 20:11:02 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\TeamViewer
[2012.01.27 23:39:38 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\The Creative Assembly
[2011.12.29 20:55:36 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\ts3overlay
[2011.12.26 16:26:56 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\TuneUp Software
[2012.07.27 18:06:02 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Tunngle
[2012.04.14 19:08:14 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Ubisoft
[2011.11.29 16:54:07 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Unity
[2012.03.06 17:45:26 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\wargaming.net
[2011.11.05 14:11:37 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Win7codecs
[2011.10.22 07:43:10 | 000,000,000 | -HSD | M] -- C:\Users\Johnny\AppData\Roaming\wyUpdate AU
[2012.07.27 23:34:00 | 000,001,120 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2207117133-1807797786-3764408827-1000Core.job
[2012.07.29 14:34:00 | 000,001,142 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2207117133-1807797786-3764408827-1000UA.job
[2012.06.11 12:51:08 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

Extra.TXT

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 29.07.2012 22:06:05 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = G:\Downloads\Firefox Download
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,02% Memory free
6,00 Gb Paging File | 4,58 Gb Available in Paging File | 76,32% Paging File free
Paging file location(s): c:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 75,04 Gb Total Space | 11,24 Gb Free Space | 14,98% Space Free | Partition Type: NTFS
Drive D: | 4,79 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 390,62 Gb Total Space | 44,86 Gb Free Space | 11,48% Space Free | Partition Type: NTFS
 
Computer Name: JOHNNY-PC | User Name: Johnny | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- G:\Programme\Mozilla\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "G:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- G:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "G:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "G:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- G:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "G:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7522EA5D-8AEB-4FAB-A0B3-4A893A8059ED}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{756568D3-C012-4925-9354-A888D193FE06}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{DF12C5F2-C1D1-402B-91E9-03500D4F0027}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C15972-C60C-4FE7-943E-E905C7A445EE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{03FE0D73-F38F-49C0-B84B-1754A902D199}" = protocol=17 | dir=in | app=g:\programme\spiele\mass effect 3\binaries\win32\masseffect3.exe | 
"{061F1AC2-2572-426A-94CD-87E1C4C747C4}" = protocol=17 | dir=in | app=g:\programme\spiele\mass effect\masseffectlauncher.exe | 
"{06206C6B-6109-4CF2-94E9-42333B000875}" = protocol=6 | dir=in | app=g:\programme\steam(c)\steamapps\johnnyhaas\half-life 2 deathmatch\hl2.exe | 
"{0F5FE273-A4C0-4215-B733-C921561F28F5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
"{1163DC33-E68E-4916-BD0C-71AB4B3D6CAF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
"{11C7A929-57C1-4B6A-8C36-EB486601B79C}" = dir=out | app=g:\programme\spiele\max payne 3\playmaxpayne3.exe | 
"{121A11B9-16C3-4E28-8C75-54A705C27B50}" = protocol=6 | dir=in | app=g:\programme\spiele\empire at war - forces of corruption\swfoc.exe | 
"{127964A0-AD9C-415E-A62F-BB8EB4F2009E}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{150D5B67-A883-41D3-A947-E052D12F3F33}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | 
"{19147BD2-14A2-4CCA-B847-412B300D62D1}" = protocol=6 | dir=in | app=g:\programme\spiele\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{20CA8463-0CFB-475F-AFC3-31E0CB9C73C5}" = protocol=6 | dir=in | app=g:\programme\spiele\css\counter-strike source\hl2.exe | 
"{239B140D-01BB-4FE0-9A06-435C2353E62F}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{263EEE8F-C551-41C7-B497-DBD2658A8D42}" = protocol=6 | dir=in | app=g:\programme\spiele\empire at war\gamedata\sweaw.exe | 
"{26A2C2C3-C3A0-4530-9534-AA192A92F5A7}" = protocol=17 | dir=in | app=g:\programme\steam(c)\steamapps\common\universe sandbox\universe sandbox.exe | 
"{26A99933-9CC0-4057-86A7-DC4E00AC422A}" = dir=in | app=g:\programme\skype\phone\skype.exe | 
"{271CE6D0-A72F-4C96-8656-CA8104340FB4}" = protocol=17 | dir=in | app=g:\programme\spiele\dead island\deadislandgame.exe | 
"{28C2C92C-E380-4C3E-862A-EB14AA22130A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{2A5EB3BE-0F04-41E0-BCBD-80F9AF3B3378}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed relevations\assassinscreedrevelations.exe | 
"{2A764233-00B1-427B-866E-A0C0D6F967C4}" = protocol=17 | dir=in | app=g:\programme\spiele\empire at war - forces of corruption\swfoc.exe | 
"{2EFE500D-E041-46C7-A222-B2CFB86486F8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{32227D6B-F0D9-401B-BAE3-65A6DF498573}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{334093DF-FA73-4421-BE75-5E25B59E6295}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\mass effect 3 demo\binaries\win32\masseffect3demo.exe | 
"{341E037C-D41E-4A3C-AFE3-7C24223B7895}" = protocol=6 | dir=in | app=g:\programme\steam(c)\steam.exe | 
"{35B4371D-5CD2-4ED7-84BE-98C8901CB983}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{372EE8BA-C6E5-49CC-A68C-4462066E3AD4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{37D41861-BBA9-4A1D-8853-4FD7012AF188}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{3807C82A-D3B7-491E-A18D-6F09302FAE7B}" = dir=in | app=c:\users\johnny\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{39AE4E6F-AEEE-4E57-B959-FE50B0AA487B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{3DEAD756-3B7D-4AFA-9D47-0C199B9847FE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{3E837CB0-471C-4470-A476-A24721FBBF8E}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"{41A96AEB-7736-4C7A-B902-BD48B3FEFF2D}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{4314097D-F527-4C9B-9341-3D6F481B7050}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{475420E6-65B0-473A-9852-9B824A4CE982}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed relevations\acrsp.exe | 
"{48247425-408A-4FBC-9098-6046FD7A76F0}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{4A94FA6C-3EBD-4450-8A8A-0C88DE5B73D8}" = protocol=6 | dir=in | app=g:\programme\teamviewer\version6\teamviewer.exe | 
"{4AF0B933-19C9-494F-8312-BD5F477B5030}" = protocol=17 | dir=in | app=g:\programme\spiele\james bond 007 - blood stone\bond.exe | 
"{4C206C82-FBB0-4B0A-B492-9BE6DFD1B829}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed ii\server.exe | 
"{4F7CF2E6-A75C-4850-9469-735396526F60}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
"{51E80856-A815-49EB-944D-9D012A4CDD90}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | 
"{52111031-5B7C-4BD8-BF14-9B6B3ECD14E8}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{53EE7477-FB42-4076-BC07-F5A67304D5F7}" = dir=out | app=g:\programme\spiele\dirt showdown\showdown.exe | 
"{5B6DC474-99FC-4D0C-9F2F-84FDD81FC37C}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{5EA1B428-6C06-4D64-B0EF-575E13A72221}" = dir=out | app=g:\programme\spiele\dirt 3\dirt3.exe | 
"{5F1AE978-4DDE-4E0F-8B03-C24AFB674AA7}" = protocol=17 | dir=in | app=g:\programme\spiele\battlefield 3\bf3.exe | 
"{602583B0-B7F8-419F-8FF4-72E045EED544}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed relevations\acrmp.exe | 
"{603F0741-5D1A-425C-92DE-0D919C8A7E16}" = protocol=17 | dir=in | app=g:\programme\spiele\world of tanks\world_of_tanks\worldoftanks.exe | 
"{6356B095-54C8-48AE-9ED1-06CAD9F444AA}" = protocol=17 | dir=in | app=g:\programme\spiele\skype\phone\skype.exe | 
"{64383BDA-9748-4621-983C-D69ED312BD8F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{64589533-0FD0-4C35-893F-43E24E111362}" = protocol=6 | dir=in | app=g:\programme\spiele\bohemia interactive\arma 2\arma2oa.exe | 
"{65AD3CCA-6EAF-42BA-89EC-15623DD7CC67}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{665C2555-8478-444D-B7CD-AF3D9B15CA87}" = protocol=6 | dir=in | app=g:\programme\tunngle\tnglctrl.exe | 
"{6F95F2D4-7D50-4DA3-B38B-EA7577E2BF27}" = protocol=17 | dir=in | app=g:\programme\spiele\mass effect 2\masseffect2launcher.exe | 
"{728D5ABE-409D-473C-951C-CEEC20D8A9E8}" = protocol=6 | dir=in | app=g:\programme\spiele\mass effect 3\binaries\win32\masseffect3.exe | 
"{72D2F72B-6C56-43B2-A03D-8E53735886D5}" = protocol=17 | dir=in | app=g:\programme\spiele\dirt 3\dirt3_game.exe | 
"{7541501E-12DB-4F24-B5B3-00480B2D74A8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
"{76A339C8-32F1-4D61-995D-FD6BEE8DCA4F}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | 
"{78113406-0E46-41CC-B1AD-1180C9B0C4A5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{78EF28BB-4CE3-474E-AB7B-636D379580F3}" = protocol=6 | dir=in | app=g:\programme\spiele\battlefield 3\bf3.exe | 
"{790103A5-DF4E-4FFE-A65E-8B9B2DCF2DEC}" = protocol=6 | dir=in | app=g:\programme\spiele\mass effect 2\masseffect2launcher.exe | 
"{79CB381E-32D2-41F9-B9A1-ED9D3EF1F8A1}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe | 
"{7D585604-A8CE-48CC-A330-88CC421CB9BC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{7DBA8ED4-2273-48F0-9419-36D67409DFBA}" = protocol=6 | dir=in | app=g:\programme\spiele\warzone 2100-3.1_beta2\warzone2100.exe | 
"{7F082FAE-4AC9-4D90-87CA-3D442B48B385}" = protocol=6 | dir=in | app=g:\programme\spiele\world of tanks\world_of_tanks\worldoftanks.exe | 
"{8061161A-2C37-4B6F-B44C-8C2D763BA44C}" = protocol=6 | dir=in | app=g:\programme\spiele\mass effect 2\binaries\masseffect2.exe | 
"{86348143-599E-40DA-8012-F6B0527400A9}" = protocol=17 | dir=in | app=g:\programme\spiele\battlefield bad company 2\bfbc2updater.exe | 
"{874DD55C-F8C3-48E7-9672-A7022C2D3727}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{88A48E8C-B031-4152-AA46-C8827147EC56}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
"{8A24A664-FA09-41DC-AA46-9B9A36C4A02A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\mass effect 3 demo\binaries\win32\masseffect3demo.exe | 
"{8CDE33ED-93C0-49D1-AC57-81D6FB89E272}" = protocol=6 | dir=in | app=g:\programme\tunngle\tnglctrl.exe | 
"{9269BCFD-0956-4C00-B664-542B7051632F}" = protocol=17 | dir=in | app=g:\programme\spiele\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{929F4659-359C-4DE5-BC5E-C935F28849C6}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{95884813-AD97-4CC7-ADDB-F1B1D0CAE8A6}" = protocol=6 | dir=in | app=g:\programme\spiele\james bond 007 - blood stone\bond.exe | 
"{978FA8F4-571F-4CEE-A741-234C518FA752}" = protocol=6 | dir=in | app=g:\programme\spiele\mass effect\masseffectlauncher.exe | 
"{9E921D97-813B-4D08-90AE-D757FA3A202A}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | 
"{9F0CBB59-7AEB-411C-B348-43EAFF62B7A1}" = dir=out | app=g:\programme\spiele\max payne 3\maxpayne3.exe | 
"{9F30FA94-884D-46CC-B898-F82ECEC28B91}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{9F9BD414-2EF7-4FAF-B1BE-FBED6FBBA423}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{A15935D1-DE1E-49CB-916A-6059239220D3}" = protocol=6 | dir=in | app=g:\programme\spiele\skype\phone\skype.exe | 
"{A15A8215-93C1-4795-BD53-F5A8171B32F4}" = protocol=6 | dir=in | app=g:\programme\teamviewer\version6\teamviewer_service.exe | 
"{A27FD3C1-8DB2-42BA-8CC1-084AAAC1D840}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | 
"{A3508D0C-20C8-42FB-A778-9ED70409B46A}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{A3EC7CC5-7CFB-41B1-AD30-ED1C96672068}" = protocol=17 | dir=in | app=g:\programme\teamviewer\version6\teamviewer.exe | 
"{AA44B0B8-49AA-417F-903B-4DED905EA0BA}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe | 
"{ABABB208-BDE3-4439-A08B-3626F72B7479}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | 
"{ABEAC59E-7CF8-4A76-87FF-E0AB691BE77A}" = protocol=17 | dir=in | app=g:\programme\tunngle\tnglctrl.exe | 
"{B205285D-FFBD-4F09-9FB2-CF1F10A49BFB}" = protocol=17 | dir=in | app=g:\programme\spiele\bohemia interactive\arma 2\arma2oa.exe | 
"{B2269394-58CC-4EF5-9733-8ED107D856BE}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{B6863466-BF99-48C9-9DCF-DC6DB41D9ECC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{B814E876-C5A5-4FDA-9F33-F2D06A92721D}" = protocol=17 | dir=in | app=g:\programme\steam(c)\steamapps\johnnyhaas\half-life 2 deathmatch\hl2.exe | 
"{BA3FF501-99AB-4F83-8691-EE6AB3254B42}" = protocol=6 | dir=in | app=g:\programme\spiele\dead island\deadislandgame.exe | 
"{BBCB07F0-0605-4D30-93E6-C9C94F203A1C}" = protocol=17 | dir=in | app=g:\programme\tunngle\tnglctrl.exe | 
"{BC87D696-F7D1-4A20-AE63-732659D8A04C}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\far cry 2\bin\fc2editor.exe | 
"{BCDDC384-8077-47B2-A682-32EE8BC57C64}" = protocol=17 | dir=in | app=g:\programme\spiele\mass effect 2\binaries\masseffect2.exe | 
"{C2EB7166-9B31-4E82-A53F-7AA8E5259201}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed relevations\acrmp.exe | 
"{C5F954B6-1378-4C6C-ABFD-48452DA95385}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{C6842E32-62FD-4870-99F6-1140400000A6}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\far cry 2\bin\farcry2.exe | 
"{C688B3AB-FDFC-4698-856D-B69FDD32B043}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed ii\server.exe | 
"{C7F6DC46-F95D-4E6B-9DDF-A12A5349D38A}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"{C8A9A40B-3057-41FF-9D9E-AEB88227379D}" = protocol=6 | dir=in | app=g:\programme\spiele\battlefield bad company 2\bfbc2updater.exe | 
"{D268DBD7-1800-4A89-9934-842F207877EC}" = protocol=6 | dir=in | app=g:\programme\spiele\dirt 3\dirt3_game.exe | 
"{D298E5C9-4E64-42B6-A8E6-30BB49BCA525}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\far cry 2\bin\farcry2.exe | 
"{D4CB7926-1CCA-4609-B357-2EE3BB94957F}" = protocol=6 | dir=in | app=g:\programme\spiele\world of tanks\world_of_tanks\wotlauncher.exe | 
"{D4E35219-AC41-4FDC-B629-7DD2205358E7}" = dir=out | app=g:\programme\spiele\dirt 3\dirt3_game.exe | 
"{D5B1D7FF-86D4-4103-9E3D-94BBC096F914}" = protocol=6 | dir=in | app=g:\programme\tunngle\tunngle.exe | 
"{D6163373-DC01-49D5-BE79-8B0C3E27F300}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{D8AE88C2-4595-4E43-81E8-FF7235596458}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\far cry 2\bin\fc2editor.exe | 
"{D943271A-8CCD-4E5F-97E1-1CF11F73695B}" = protocol=17 | dir=in | app=g:\programme\tunngle\tunngle.exe | 
"{DDAD0306-0AA7-42F6-8BBE-BC6481C36FD7}" = protocol=6 | dir=in | app=g:\programme\spiele\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{DE094267-0C70-4D14-B9A0-735DDC57B2D9}" = protocol=6 | dir=in | app=g:\programme\tunngle\tunngle.exe | 
"{DE6B6484-0FB0-4978-8CE3-713EE70D9E56}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{DFA4488C-9FB8-4089-B381-BE24D3918794}" = protocol=17 | dir=in | app=g:\programme\spiele\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{E0B7DD06-A864-4C3A-8D18-3453BF895236}" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{E14F887D-6A7F-443D-B20C-094A20BFC69A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
"{E206F713-5969-418E-A55D-D6C4111BDA0E}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed relevations\assassinscreedrevelations.exe | 
"{E50E5D1F-2738-4CF5-BC5C-E4A4C51850EE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{E5133C03-F277-4D2E-AFA1-91E555486579}" = protocol=17 | dir=in | app=g:\programme\steam(c)\steam.exe | 
"{E5A4BBE4-2245-4296-AAC3-2935C95936F9}" = protocol=17 | dir=in | app=g:\programme\tunngle\tunngle.exe | 
"{E6379AB4-3D8E-4227-9166-4CA0E48CF0F6}" = protocol=17 | dir=in | app=g:\programme\teamviewer\version6\teamviewer_service.exe | 
"{E6D92A0B-4DEC-4906-B972-865D9B410D97}" = protocol=17 | dir=in | app=g:\programme\spiele\world of tanks\world_of_tanks\wotlauncher.exe | 
"{E9069CE2-F447-4E73-9068-23F121A9F222}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{EEBBCD5F-B7A3-492E-8CC8-989A5A2A0432}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe | 
"{EF4A282E-4DAF-4219-BB9D-D04AFDDF7885}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{F27C72C5-4CA9-429F-B082-95DEC2DF5161}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
"{F50F4A3E-A6BE-4454-8F00-192E93E9D3E0}" = protocol=17 | dir=in | app=g:\programme\spiele\empire at war\gamedata\sweaw.exe | 
"{F60333E6-907F-4238-8B7E-CD0758EDDD03}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
"{F6CCF8A4-C609-4FCB-B1EF-756C511B3BEA}" = protocol=17 | dir=in | app=g:\programme\spiele\css\counter-strike source\hl2.exe | 
"{F7400F63-6289-4E41-9F2B-132FC955599D}" = protocol=17 | dir=in | app=g:\programme\spiele\mass effect\binaries\masseffect.exe | 
"{FB812371-62A8-434C-9024-D49CEE3A9C14}" = protocol=6 | dir=in | app=g:\programme\spiele\mass effect\binaries\masseffect.exe | 
"{FC8B8B6F-D4A1-4E2B-A0F7-09BDB976EFA5}" = protocol=6 | dir=in | app=g:\programme\steam(c)\steamapps\common\universe sandbox\universe sandbox.exe | 
"{FE2F27E6-CB91-4334-896B-ED79C667AA11}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed relevations\acrsp.exe | 
"{FE6366CE-6177-4536-B4D5-163266B59F5E}" = protocol=17 | dir=in | app=g:\programme\spiele\warzone 2100-3.1_beta2\warzone2100.exe | 
"{FEE43ABC-1A50-4B4E-A5FA-B66751B00FD1}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{FF9EEF12-43CB-476E-A4FA-8AE57D7115F2}" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe | 
"TCP Query User{047E30E7-9374-4C3A-A845-A620BCD129E9}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{07129B8A-2556-4E36-9CD0-9AE8CCB00CB5}G:\programme\spiele\battlefield play 4 free\bfp4f.exe" = protocol=6 | dir=in | app=g:\programme\spiele\battlefield play 4 free\bfp4f.exe | 
"TCP Query User{1F21EF37-22C7-4F0F-8136-F4D9D4A76797}G:\programme\spiele\spec ops the line\binaries\win32\specopstheline.exe" = protocol=6 | dir=in | app=g:\programme\spiele\spec ops the line\binaries\win32\specopstheline.exe | 
"TCP Query User{29DDD8E9-A89F-4FBD-80EB-1FCB201472D5}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{3005D61C-1E59-4C6A-9937-603B31A469FE}G:\programme\spiele\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=g:\programme\spiele\battlefield bad company 2\bfbc2game.exe | 
"TCP Query User{3A0C8DD8-36AC-4E96-B602-E85AF2DFF42D}G:\programme\spiele\warzone 2100-2.3.9\warzone2100.exe" = protocol=6 | dir=in | app=g:\programme\spiele\warzone 2100-2.3.9\warzone2100.exe | 
"TCP Query User{50C8088E-AD8C-4EEB-A9FC-EFE8E05CF683}G:\programme\spiele\saints row the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=g:\programme\spiele\saints row the third\saintsrowthethird_dx11.exe | 
"TCP Query User{52CBE89C-E151-4B82-8131-E46971DBDA4F}G:\programme\spiele\warzone 2100-3.1_beta2\warzone2100.exe" = protocol=6 | dir=in | app=g:\programme\spiele\warzone 2100-3.1_beta2\warzone2100.exe | 
"TCP Query User{5E65232C-13B4-4E97-8985-C621A4C1B9E2}G:\programme\spiele\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=g:\programme\spiele\rockstar games\grand theft auto iv\gtaiv.exe | 
"TCP Query User{701EEFB1-F50F-43E6-B676-9630196B81B9}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{7C3E5FC7-6DC1-4DF9-83A5-39B8D4C6E550}G:\programme\spiele\ubisoft\tom clancy's rainbow six vegas 2\binaries\rainbowsixvegas2_sads.exe" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\tom clancy's rainbow six vegas 2\binaries\rainbowsixvegas2_sads.exe | 
"TCP Query User{7DD548AA-4CD6-4F18-AFA0-421DA1172486}G:\programme\spiele\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=g:\programme\spiele\battlefield bad company 2\bfbc2game.exe | 
"TCP Query User{9858547D-1E27-41C9-B548-67D4D1B7E47C}C:\users\johnny\appdata\local\temp\7zo9453.tmp\tcct.exe" = protocol=6 | dir=in | app=c:\users\johnny\appdata\local\temp\7zo9453.tmp\tcct.exe | 
"TCP Query User{B0A3887C-EB6E-4E5D-A33D-98E113F41B9D}C:\program files\hexchat\hexchat.exe" = protocol=6 | dir=in | app=c:\program files\hexchat\hexchat.exe | 
"TCP Query User{B8472349-E82D-4375-BA02-604340134785}G:\programme\spiele\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=g:\programme\spiele\call of duty - black ops\blackops.exe | 
"TCP Query User{BA6A6038-6562-4D83-8687-B790B17A3CAF}G:\programme\spiele\il-2 sturmovik 1946\il2fb.exe" = protocol=6 | dir=in | app=g:\programme\spiele\il-2 sturmovik 1946\il2fb.exe | 
"TCP Query User{C24EC1D7-98B0-4348-B274-1420480FEC5A}G:\programme\spiele\world of tanks\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=g:\programme\spiele\world of tanks\world_of_tanks\worldoftanks.exe | 
"TCP Query User{D30EB6A4-F782-404D-8ADB-260D1C980E6A}G:\programme\morphvox\morphvoxpro.exe" = protocol=6 | dir=in | app=g:\programme\morphvox\morphvoxpro.exe | 
"TCP Query User{E0F60D23-BA0A-45D3-8FA3-D994810FDA6F}G:\programme\spiele\il-2 cliffs of dover\launcher.exe" = protocol=6 | dir=in | app=g:\programme\spiele\il-2 cliffs of dover\launcher.exe | 
"TCP Query User{E26C60C6-0BA7-4363-B42D-8BB23EC44682}G:\programme\spiele\skype\phone\skype.exe" = protocol=6 | dir=in | app=g:\programme\spiele\skype\phone\skype.exe | 
"TCP Query User{E7E93603-4E5B-4AC8-859D-4AAF53B80C90}G:\programme\spiele\world of tanks\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=g:\programme\spiele\world of tanks\world_of_tanks\wotlauncher.exe | 
"TCP Query User{E9230689-63B9-4ED0-8F03-BF6F7F5C9A1B}G:\programme\spiele\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=6 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"TCP Query User{F3BFD6DC-1812-435E-BE90-A42FBFD08C5F}G:\programme\xfire\xfire.exe" = protocol=6 | dir=in | app=g:\programme\xfire\xfire.exe | 
"UDP Query User{07DF4094-0221-4114-A999-176F7A9391E2}G:\programme\spiele\spec ops the line\binaries\win32\specopstheline.exe" = protocol=17 | dir=in | app=g:\programme\spiele\spec ops the line\binaries\win32\specopstheline.exe | 
"UDP Query User{0C81A4A3-FA88-43AD-99A8-1014641A4FA7}G:\programme\xfire\xfire.exe" = protocol=17 | dir=in | app=g:\programme\xfire\xfire.exe | 
"UDP Query User{1D4C3340-5A4E-4BA9-B209-D8673C896F0F}G:\programme\spiele\saints row the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=g:\programme\spiele\saints row the third\saintsrowthethird_dx11.exe | 
"UDP Query User{309ED689-259E-4C10-8A35-8A355EF33548}G:\programme\spiele\battlefield play 4 free\bfp4f.exe" = protocol=17 | dir=in | app=g:\programme\spiele\battlefield play 4 free\bfp4f.exe | 
"UDP Query User{31ADA288-B0DE-4797-A609-28487F71D850}G:\programme\spiele\world of tanks\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=g:\programme\spiele\world of tanks\world_of_tanks\wotlauncher.exe | 
"UDP Query User{37840065-71E0-4B96-83CB-3E1AE60FB165}G:\programme\spiele\world of tanks\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=g:\programme\spiele\world of tanks\world_of_tanks\worldoftanks.exe | 
"UDP Query User{4F8387A9-2256-48A1-85BC-CC21E27DD085}G:\programme\spiele\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=g:\programme\spiele\call of duty - black ops\blackops.exe | 
"UDP Query User{531B154D-580E-4224-84CE-E2784B37B592}G:\programme\spiele\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"UDP Query User{540FEA47-7B43-4A4A-B5CA-9DF577AED043}G:\programme\spiele\ubisoft\tom clancy's rainbow six vegas 2\binaries\rainbowsixvegas2_sads.exe" = protocol=17 | dir=in | app=g:\programme\spiele\ubisoft\tom clancy's rainbow six vegas 2\binaries\rainbowsixvegas2_sads.exe | 
"UDP Query User{66A5ABE7-8DEE-4DFF-8C74-FC775EA0ED4B}C:\users\johnny\appdata\local\temp\7zo9453.tmp\tcct.exe" = protocol=17 | dir=in | app=c:\users\johnny\appdata\local\temp\7zo9453.tmp\tcct.exe | 
"UDP Query User{7B6095E2-99D7-47CC-A139-D46079680122}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{9761872E-3A25-43AD-AE1E-415494BF102B}G:\programme\spiele\skype\phone\skype.exe" = protocol=17 | dir=in | app=g:\programme\spiele\skype\phone\skype.exe | 
"UDP Query User{9E4A4A8A-7A6F-4E0A-8BF1-4508606A9E4D}G:\programme\spiele\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=g:\programme\spiele\rockstar games\grand theft auto iv\gtaiv.exe | 
"UDP Query User{9FC98891-D9BC-418D-BFC6-61CFA96FB296}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{B365978F-C3B3-40C5-B18B-A95B104127E3}G:\programme\spiele\warzone 2100-2.3.9\warzone2100.exe" = protocol=17 | dir=in | app=g:\programme\spiele\warzone 2100-2.3.9\warzone2100.exe | 
"UDP Query User{B7F50A13-A428-480F-9D95-A0F422D8160F}G:\programme\spiele\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=g:\programme\spiele\battlefield bad company 2\bfbc2game.exe | 
"UDP Query User{C098C003-7C9E-4A11-A0DA-781E5AD1FDB8}C:\program files\hexchat\hexchat.exe" = protocol=17 | dir=in | app=c:\program files\hexchat\hexchat.exe | 
"UDP Query User{C1606200-8E5F-4FFC-A1A7-0215CDA12F21}G:\programme\spiele\warzone 2100-3.1_beta2\warzone2100.exe" = protocol=17 | dir=in | app=g:\programme\spiele\warzone 2100-3.1_beta2\warzone2100.exe | 
"UDP Query User{D0DC5E46-9D9C-40DE-B75B-9D41BA4BBE18}G:\programme\spiele\il-2 cliffs of dover\launcher.exe" = protocol=17 | dir=in | app=g:\programme\spiele\il-2 cliffs of dover\launcher.exe | 
"UDP Query User{F084A129-8CF6-4803-97FF-9BBFC25B0481}G:\programme\spiele\il-2 sturmovik 1946\il2fb.exe" = protocol=17 | dir=in | app=g:\programme\spiele\il-2 sturmovik 1946\il2fb.exe | 
"UDP Query User{F47DBB5E-C3C8-4806-BF6C-8866FF505D16}G:\programme\spiele\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=g:\programme\spiele\battlefield bad company 2\bfbc2game.exe | 
"UDP Query User{FA05D50B-1A32-4182-88F0-42238251547A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{FD374210-B970-48D0-8B90-B5EAD434F60E}G:\programme\morphvox\morphvoxpro.exe" = protocol=17 | dir=in | app=g:\programme\morphvox\morphvoxpro.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HexChat (x64)_is1" = HexChat (x64)
"MAXONFB05E576" = CINEMA 4D 13.058
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Nightly 14.0a1 (x64 en-US)" = Nightly 14.0a1 (x64 en-US)
"x64 Components_is1" = x64 Components v3.2.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216E21F4-0489-4311-92D6-20D1FB950FCE}" = Sci-Fi Voice Pack
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD
"{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{336E1A2D-E3EB-4846-B7D0-BD75BBBBC0A4}" = Deep Space Voices
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{434D0FA0-1558-4D8E-AC3D-BD1000008400}" = DiRT 3
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Kwik Themes 1
"{45BF4F8E-7BE7-4384-94C6-60AC70C401C6}" = Male Voice Pack
"{47957648-B46A-4211-85E1-01A15B6A1B45}" = Ace of Spades
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{602A1471-063B-4E03-9DCE-0210B914EFF5}" = Translator Fun Voice Pack
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1" = AC2 server emulator 0.44 by Dormine
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7083067F-42F5-41AF-8422-E22EA391791C}" = World In Conflict Editor
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Kwik Themes 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71F8C486-8A13-468E-8B73-06051075556A}" = Female Voice Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7BB5E925-A3DD-48C2-9A82-017AF5982FFE}" = Facebook Messenger 2.1.4590.0
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{8061C2C9-C2A3-4550-A3FC-585B646840CB}" = Fantasy Voice Pack
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1683CA7-4850-4A21-982B-C6D853C79AF7}" = Mass Effect™ 3 Demo
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Kwik Themes 4
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A869FEA9-B223-4324-B130-008AC50B054B}" = HyperLobby client
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{AEE602B3-C188-4A90-9F75-2B164A7D37F5}_is1" = Skyrim Online Version 1.0
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}" = Nero 10 Kwik Themes 3
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}" = MorphVOX Pro
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF3FE308-58F2-45E2-9BB0-6A993794AD5C}" = Galactic Voices
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}" = Nero 10 PiP EffectPack 1
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT: SOVIET ASSAULT
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FCFCFCFC-FCFC-FCFC-FCFC-FCFCFCFCFCFC}_is1" = DiRT 3 Profile Import version 1.0
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"ArmA2" = ArmA2 Uninstall
"ArtMoney SE_is1" = ArtMoney SE v7.38
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DivX Setup" = DivX-Setup
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.50
"FileZilla Client" = FileZilla Client 3.5.3
"FL Studio 10" = FL Studio 10
"Fraps" = Fraps (remove only)
"GAMI (Gta-Action Mod-Installer)" = GAMI (Gta-Action Mod-Installer)
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008400}" = DiRT 3
"InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"InstallShield_{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
"Just Cause 2_is1" = Just Cause 2
"LAME_is1" = LAME v3.99.3 (for Windows)
"Mafia 2 - All in On DLC Pack 1.00" = Mafia 2 - All in On DLC Pack 1.00
"Mafia II DLC Jimmy's Vendetta_is1" = Mafia II DLC Jimmy's Vendetta
"Mafia II_is1" = Mafia II DLC Joe's Adventures
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 13.0 (x86 de)" = Mozilla Firefox 13.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Massive" = Native Instruments Massive
"No23 Recorder" = No23 Recorder
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"RewardsArcade" = RewardsArcade
"Rockstar Games Social Club" = Rockstar Games Social Club
"Saints Row The Third_is1" = Saints Row The Third
"Spec Ops The Line_is1" = Spec Ops The Line
"SpeedFan" = SpeedFan (remove only)
"Star Wars - Empire at War - Forces of Corrution ~10C30A58_is1" = Version 3.0
"TeamViewer 7" = TeamViewer 7
"The Elder Scrolls V Skyrim - High Resolution Texture Pack_is1" = The Elder Scrolls V Skyrim - High Resolution Texture Pack
"The Walking Dead (c) 3_is1" = The Walking Dead (c) 3 version 1
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Tunngle beta_is1" = Tunngle beta
"VLC media player" = VLC media player 2.0.1
"Warzone 2100-2.3.9" = Warzone 2100-2.3.9
"Warzone 2100-3.1_beta2" = Warzone 2100-3.1_beta2
"WinLiveSuite" = Windows Live Essentials
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Xfire" = Xfire (remove only)
"xHamster Video Downloader_is1" = xHamster Video Downloader 3.26
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Black Hawk Down Map Pack v0.22b" = Black Hawk Down Map Pack v0.22b
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
"World in Conflict MW Mod 2.5" = World in Conflict MW Mod 2.5
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.07.2012 19:25:57 | Computer Name = Johnny-PC | Source = Application Hang | ID = 1002
Description = Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: b24    Startzeit: 01cd6b3ec38690cc    Endzeit: 60000    Anwendungspfad:
 C:\Windows\explorer.exe    Berichts-ID: 13103e84-d779-11e1-a92b-0025221be419  
 
Error - 26.07.2012 21:41:36 | Computer Name = Johnny-PC | Source = Application Hang | ID = 1002
Description = Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 588    Startzeit: 01cd6b8dd27374c6    Endzeit: 6    Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID:
 3098712a-d78c-11e1-805a-0025221be419  
 
Error - 26.07.2012 23:00:11 | Computer Name = Johnny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: R6Vegas2_Game.exe, Version: 0.0.0.0,
 Zeitstempel: 0x484efa91  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0x4000001f  Fehleroffset: 0x000a25d2  ID des fehlerhaften
 Prozesses: 0x31c  Startzeit der fehlerhaften Anwendung: 0x01cd6b9d3ee43488  Pfad der
 fehlerhaften Anwendung: G:\Programme\Spiele\Ubisoft\Tom Clancy's Rainbow Six Vegas
 2\Binaries\R6Vegas2_Game.exe  Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
 2dfbcd81-d797-11e1-a1d3-0025221be419
 
Error - 27.07.2012 10:33:18 | Computer Name = Johnny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 13.0.0.4535,
 Zeitstempel: 0x4fc8de63  Name des fehlerhaften Moduls: NPSWF32_11_3_300_268.dll_unloaded,
 Version: 0.0.0.0, Zeitstempel: 0x500addb8  Ausnahmecode: 0xc0000005  Fehleroffset: 
0x6a6dad23  ID des fehlerhaften Prozesses: 0x5b4  Startzeit der fehlerhaften Anwendung:
 0x01cd6c0455b5bfb3  Pfad der fehlerhaften Anwendung: G:\Programme\Mozilla\plugin-container.exe
Pfad
 des fehlerhaften Moduls: NPSWF32_11_3_300_268.dll  Berichtskennung: 01be26d5-d7f8-11e1-b10b-0025221be419
 
Error - 27.07.2012 14:18:06 | Computer Name = Johnny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 13.0.0.4535,
 Zeitstempel: 0x4fc8de63  Name des fehlerhaften Moduls: NPSWF32_11_3_300_268.dll_unloaded,
 Version: 0.0.0.0, Zeitstempel: 0x500addb8  Ausnahmecode: 0xc0000005  Fehleroffset: 
0x6d24ad23  ID des fehlerhaften Prozesses: 0xee0  Startzeit der fehlerhaften Anwendung:
 0x01cd6c23bd788802  Pfad der fehlerhaften Anwendung: G:\Programme\Mozilla\plugin-container.exe
Pfad
 des fehlerhaften Moduls: NPSWF32_11_3_300_268.dll  Berichtskennung: 68d5b845-d817-11e1-95db-0025221be419
 
Error - 27.07.2012 14:51:07 | Computer Name = Johnny-PC | Source = Application Hang | ID = 1002
Description = Programm NO$GBA.EXE, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: b38    Startzeit: 
01cd6c28911b204d    Endzeit: 2    Anwendungspfad: G:\Programme\Spiele\NO GBA\NO$GBA_2.6a\NO$GBA.EXE

Berichts-ID:
 fb750f0a-d81b-11e1-95db-0025221be419  
 
Error - 27.07.2012 14:51:51 | Computer Name = Johnny-PC | Source = Application Hang | ID = 1002
Description = Programm NO$GBA.EXE, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 91c    Startzeit: 
01cd6c28d0fd98fd    Endzeit: 1    Anwendungspfad: G:\Programme\Spiele\NO GBA\NO$GBA_2.6a\NO$GBA.EXE

Berichts-ID:
 1e490501-d81c-11e1-95db-0025221be419  
 
Error - 28.07.2012 03:22:53 | Computer Name = Johnny-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 28.07.2012 03:26:12 | Computer Name = Johnny-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "g:\downloads\firefox
 download\SoftonicDownloader_fuer_skyrim-deathstar-moon.exe". Fehler in  Manifest-
 oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 28.07.2012 03:26:16 | Computer Name = Johnny-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "g:\downloads\firefox
 download\SoftonicDownloader_fuer_skyrim-deathstar-moon.exe". Fehler in  Manifest-
 oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
[ System Events ]
Error - 29.07.2012 15:57:03 | Computer Name = Johnny-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.07.2012 16:02:04 | Computer Name = Johnny-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.07.2012 16:02:04 | Computer Name = Johnny-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.07.2012 16:04:10 | Computer Name = Johnny-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.07.2012 16:04:10 | Computer Name = Johnny-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.07.2012 16:06:02 | Computer Name = Johnny-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 29.07.2012 16:09:10 | Computer Name = Johnny-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.07.2012 16:09:10 | Computer Name = Johnny-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.07.2012 16:11:18 | Computer Name = Johnny-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.07.2012 16:11:18 | Computer Name = Johnny-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >
         
--- --- ---


Und leider glaube ich das ich die Ausschlaggebenden Dateien schon mit einer anti malware gelöscht habe -.- anstatt sie in quarantäne zu setzen es könnte sein das die logs nichts aufweisen


Alt 29.07.2012, 22:31   #6
markusg
/// Malware-holic
 
Virus: Website kann nicht angezeigt werden. - Standard

Virus: Website kann nicht angezeigt werden.



dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [mikrpkuhednfjbj] C:\ProgramData\mikrpkuh.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
[2012.07.29 16:22:37 | 000,000,051 | ---- | C] () -- C:\ProgramData\onaqqgeuwpljpym
[2012.07.28 07:06:56 | 004,503,728 | ---- | C] () -- C:\ProgramData\zak_lo0i7g.pad
 :Files
C:\ProgramData\mikrpkuh.exe
:Commands
[Reboot]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus


gendes.
c:\Users\name\AppData\LocalLow\Sun\Java\Deployment\cache
dort rechtsklick auf den ordner cache, diesen mit winrar oder einem anderen programm packen, und im upload channel hochladen bitte
Trojaner-Board Upload Channel
__________________
--> Virus: Website kann nicht angezeigt werden.

Alt 29.07.2012, 22:52   #7
LiquidBlaze
 
Virus: Website kann nicht angezeigt werden. - Standard

Virus: Website kann nicht angezeigt werden.



Ich bin komplett neu hier .... was ist der upchannel und wie hilft mir das jetzt?

Zitat:
Zitat von LiquidBlaze Beitrag anzeigen
Ich bin komplett neu hier .... was ist der upchannel und wie hilft mir das jetzt?
Ich finde im C ordner keinen ordner Namens _OTL .... ich habe das programm auf dem Desktop also gibt es auch kein installtionsordner -.- naja un ich weiß nicht was ich machen soll

Alt 30.07.2012, 17:06   #8
markusg
/// Malware-holic
 
Virus: Website kann nicht angezeigt werden. - Standard

Virus: Website kann nicht angezeigt werden.



sorry, bei dir ist es d:
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Virus: Website kann nicht angezeigt werden.
abgesicherten, bildschirm, bildschirm weiß, daten, diverse, explorer, externe festplatte, festplatte, folge, freund, helft, infizierte dateien, modus, neu, neuinstallation, platte, problem, programme, seite, seiten, sekunden, strg, system, system neu, systeme, taskmanager, virus, virus website kann nicht angezeigt werden, website kann nicht angezeigt werden



Ähnliche Themen: Virus: Website kann nicht angezeigt werden.


  1. Website kann nicht angezeigt werden - dns_probe_finished_nxdomain
    Log-Analyse und Auswertung - 16.10.2015 (3)
  2. Diese Website kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 30.03.2015 (51)
  3. Weißer Bildschirm, "Website kann nicht angezeigt werden
    Log-Analyse und Auswertung - 05.02.2013 (26)
  4. Diese Website kann nicht angezeigt werden-Virus?
    Log-Analyse und Auswertung - 19.12.2012 (2)
  5. Virus: "Website kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 12.12.2012 (3)
  6. "Website kann nicht angezeigt werden" Virus (OTL Dateien vorhanden)
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (4)
  7. Website kann nicht angezeigt werden - Desktop blockiert
    Log-Analyse und Auswertung - 29.10.2012 (9)
  8. Virus ! Website kann nicht angezeigt werden
    Log-Analyse und Auswertung - 17.10.2012 (2)
  9. weißer bildschirm und diese website kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 16.10.2012 (16)
  10. Bildschirm blockiert: Website kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 04.10.2012 (1)
  11. Administratorkonto nicht mehr benutzbar, Meldung "Website kann nicht angezeigt werden"
    Log-Analyse und Auswertung - 16.08.2012 (15)
  12. Website kann nicht angezeigt werden -Virus
    Log-Analyse und Auswertung - 14.08.2012 (3)
  13. Ich kann nicht auf meinen Desktop zugreifen Meldung Die Website kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 07.08.2012 (1)
  14. beim oeffnen einer website wird eine weitere site geoeffnet die nicht angezeigt werden kann
    Plagegeister aller Art und deren Bekämpfung - 23.09.2011 (6)
  15. Beim öffnen einer Website wird eine weitere site geöffnet die nicht angezeigt werden kann
    Plagegeister aller Art und deren Bekämpfung - 10.01.2011 (14)
  16. Die Website kann nicht angezeigt werden
    Log-Analyse und Auswertung - 05.07.2009 (18)
  17. Hotmail. Die website kann nicht angezeigt werden
    Log-Analyse und Auswertung - 24.11.2007 (0)

Zum Thema Virus: Website kann nicht angezeigt werden. - Also ich habe folgendes Problem als ich auf diversen Seiten rumgesurft habe, schloss sich aufeinmal der gesamte Explorer und alle Programme 2 Sekunden später wurde der Bildschirm weiß und es - Virus: Website kann nicht angezeigt werden....
Archiv
Du betrachtest: Virus: Website kann nicht angezeigt werden. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.