| |
| |||||||
Log-Analyse und Auswertung: Computer Infiziert?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
28.02.2011, 21:20
| #1 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Computer Infiziert? Da ist doch ein Screenshot in der Anleitung...ist das sooo unklar  
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
28.02.2011, 21:27
| #2 |
 | Computer Infiziert? Sorry hab ich übersehen raufzuklicken
__________________ OTL Logfile:Code:
ATTFilter OTL Extras logfile created on: 28.02.2011 21:22:08 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\Emre\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,51 Gb Total Space | 599,24 Gb Free Space | 65,74% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 9,80 Gb Free Space | 49,04% Space Free | Partition Type: FAT32
Computer Name: EMRE-PC | User Name: Emre | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06F22075-3278-47FD-934B-A9DFC9B1686B}" = lport=8304 | protocol=17 | dir=in | name=moon |
"{08A4A875-8633-4EF9-97E5-4D0908200C28}" = lport=8303 | protocol=17 | dir=in | name=teeworlds |
"{0D8F72DB-7034-4043-930E-AAC0BDFA6F88}" = lport=6971 | protocol=17 | dir=in | name=league of legends launcher |
"{1A642C6A-F7AD-4A0A-B0E1-CCAC02842F50}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2065AF49-8546-4907-95F1-6D04FC0C18F7}" = lport=6912 | protocol=6 | dir=in | name=league of legends launcher |
"{2EE30678-C158-4EB1-B540-58084EC3590A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{304D1812-D317-4E6E-A7A4-091C7A40EEB7}" = lport=6911 | protocol=17 | dir=in | name=league of legends launcher |
"{318DC72E-0C1F-4CD5-AFC9-8E5783F1C81A}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{3BFCF98E-F594-4DC5-BA82-64CAD86C9A39}" = lport=8304 | protocol=17 | dir=in | name=emre |
"{3CC2A49F-77BD-4112-8053-8B28D84F4F68}" = lport=6974 | protocol=6 | dir=in | name=league of legends launcher |
"{416333B8-B1B2-44CF-9743-76D5548D309E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{42B80740-BF50-4FF8-9187-B0B4510DDA33}" = lport=6905 | protocol=17 | dir=in | name=league of legends launcher |
"{448BBFE1-83F7-466C-A885-89D462525594}" = lport=6886 | protocol=6 | dir=in | name=league of legends launcher |
"{45DEC221-AA8C-4A84-AE58-309E782D62E8}" = lport=6901 | protocol=6 | dir=in | name=league of legends launcher |
"{47C5BE74-F32A-4197-8826-F7BB0ADE25A7}" = lport=6910 | protocol=17 | dir=in | name=league of legends launcher |
"{4A56F495-8985-411C-8E91-85703C872E0E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4B07626A-C7F0-434A-B8FA-4155B2A878E4}" = lport=6943 | protocol=17 | dir=in | name=league of legends launcher |
"{4C3B1741-DBE0-47DD-BEC7-7FF16383047A}" = lport=6939 | protocol=17 | dir=in | name=league of legends launcher |
"{4E1F578C-F179-4225-BD03-B3190B319A7C}" = lport=6943 | protocol=6 | dir=in | name=league of legends launcher |
"{4EF2EF85-F80A-4329-9005-A36B1B088BF9}" = lport=6895 | protocol=17 | dir=in | name=league of legends launcher |
"{51D7E321-8FAC-418A-BF1E-7EDFEBFA2231}" = lport=6886 | protocol=17 | dir=in | name=league of legends launcher |
"{5586F745-30D5-45C8-B98E-7535707C281E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5A69385B-338D-49E7-BBFD-99BC21D611EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{624B7328-06E4-47E1-BE4C-6C4979411EA1}" = lport=6975 | protocol=6 | dir=in | name=league of legends launcher |
"{64439552-2139-4BDC-978B-6FF1741DA2DB}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{6459D3EC-7FAF-4999-B25E-6033FCC1A870}" = lport=6911 | protocol=6 | dir=in | name=league of legends launcher |
"{648E89F2-70D0-4C06-ACC7-597EC5BBA6DB}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{6527AA69-8924-41DE-A121-14046973864F}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher |
"{657F6A06-B2D8-432E-A301-596D3E66E924}" = lport=6902 | protocol=17 | dir=in | name=league of legends launcher |
"{71F6BAC3-98E9-496B-852B-CA9DA624931E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{73801E96-7465-4F10-B0DC-7AC313A10AB2}" = lport=6895 | protocol=6 | dir=in | name=league of legends launcher |
"{76384E23-8A42-48F5-B025-5C2306483F54}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{764309ED-42B6-45C2-909A-ED212474B3AF}" = lport=6944 | protocol=6 | dir=in | name=league of legends launcher |
"{774BA864-BB0E-4318-A06C-ED26185CD319}" = lport=6901 | protocol=17 | dir=in | name=league of legends launcher |
"{7D6C80AA-DF03-4F2C-AC02-8962A22A531E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{85ACF7CD-F9F1-4C95-8CBF-D765477B3C83}" = lport=6991 | protocol=17 | dir=in | name=league of legends launcher |
"{895CDD56-80A7-44CF-B983-D5277EF897A0}" = lport=6974 | protocol=17 | dir=in | name=league of legends launcher |
"{8FB034FA-4D15-45FB-9B09-8B032427F247}" = lport=6898 | protocol=17 | dir=in | name=league of legends launcher |
"{954F5BA2-1DB9-46A6-B3EA-4C34BC3310A8}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{973E0FC0-90C3-40A2-84F2-F5184BDE1AE2}" = lport=8304 | protocol=6 | dir=in | name=emre2 |
"{97FD16C8-A0F9-4E43-8D0E-B2B731C43D3C}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{9F892019-9726-422E-B9A3-CEA766FB9122}" = lport=6910 | protocol=6 | dir=in | name=league of legends launcher |
"{A1CD65E4-6B6E-4FD9-88A9-B145673C31F4}" = lport=6905 | protocol=6 | dir=in | name=league of legends launcher |
"{A22E79EC-44E8-40CB-B391-70A1158E0574}" = lport=6939 | protocol=6 | dir=in | name=league of legends launcher |
"{A374AD17-89E4-4A3F-9D8E-7DDDE6B5E77F}" = lport=6971 | protocol=6 | dir=in | name=league of legends launcher |
"{A48129C8-82EC-46FE-94B9-8957190B73A8}" = lport=6949 | protocol=6 | dir=in | name=league of legends launcher |
"{A67A94AB-4372-40FA-9C74-04C85A4DFD1C}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{A6896A87-FC15-41FF-AB53-57768ED207FA}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{A98FE933-7173-4DE6-9A77-4FE7FA96B8D4}" = lport=6975 | protocol=17 | dir=in | name=league of legends launcher |
"{AD18E4BE-B588-41FE-8F4E-B589A4A9C97D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B208C7BD-20C9-454D-9747-3A4D2C289EC5}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher |
"{C781E243-6C2B-4CB4-B34A-95F47876B105}" = lport=6944 | protocol=17 | dir=in | name=league of legends launcher |
"{CC6A7119-A1AD-4546-B568-9DA95601C7BC}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{D333D88C-488F-4128-A7B7-46734ADB2F6B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D355AC3E-9A5D-4495-9AE2-4906FD8492F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D7148D0D-8BCD-4A8F-B952-5C3A66990A9D}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{D98054C0-C13F-4381-B56A-8A5D98B8B8AC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DEC46373-2F29-4A1F-A1B9-067884A398DC}" = lport=6991 | protocol=6 | dir=in | name=league of legends launcher |
"{DF9C2773-A001-4F50-BEDA-52387ECBC441}" = lport=6912 | protocol=17 | dir=in | name=league of legends launcher |
"{E5CFDC9D-1F53-4716-B725-6912E454E32A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E90DF6DA-509D-41C8-8ED4-CE3BB73BF816}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{F051D31D-E7D8-45C1-9208-938CE284A53B}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=c:\windows\system32\svchost.exe |
"{F2989585-C1D3-4F75-919C-ED1F22CBF27D}" = lport=6902 | protocol=6 | dir=in | name=league of legends launcher |
"{F5588D4B-D06F-4973-9367-D76502C34081}" = lport=6898 | protocol=6 | dir=in | name=league of legends launcher |
"{F8104352-0FFA-4655-93FA-4E2FA5B9D8E7}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{FBA902DB-5B33-47C5-9ED0-F5BFE49A5FD2}" = lport=6949 | protocol=17 | dir=in | name=league of legends launcher |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{031461AC-C491-4958-A2F3-A6B7EC35C959}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{044461E3-EC88-4A43-A136-046B2CFF80F5}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{056B5762-B96A-4180-BEA6-0165473847F8}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{05CC675B-D2BC-4687-8F9B-BFE9DE27953A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{06C467C4-1E5A-4B07-80C6-47AC69002881}" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars empire at war forces of corruption\swfoc.exe |
"{1248C22B-9650-46E9-8D55-E9749B1C5994}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{16D71CB9-9331-4657-B598-0DC98094586E}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{18C00437-03D6-4034-B7CA-75473C1D8C33}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{196BF418-EC72-4845-A016-F7DBB88B153B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{19DB3DAF-7628-4EE1-927A-054F9E66B09A}" = protocol=17 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe |
"{1AD2536A-6C90-4EB6-83B5-87D26C827F1C}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{1C81D48B-E19E-4601-BF54-00BF86292959}" = protocol=6 | dir=in | app=c:\users\emre\desktop\l4d\l4d\oburis launcher.exe |
"{1CB79998-F609-448C-8931-2CC998B76D37}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{1E207146-F4FC-466E-957F-708410DDC04B}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{1F52F5CF-E8C6-4DDF-BAA2-8029F33BC403}" = protocol=6 | dir=in | app=c:\program files\eidos interactive\frontline attack\fa.exe |
"{29BF73FD-B907-4027-88FE-7C51CA7BF75C}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{2B51998C-5840-4498-BC0B-4D6E17A74B04}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\killingfloorbeta\system\ucc.exe |
"{3101DDFA-BB16-4FA9-BEED-F0FFA1950C2F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{3499A51F-7FE9-4625-B95A-FBFB95A8A14D}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe |
"{353015E8-9627-45EF-AC9E-1CC192920A78}" = protocol=6 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe |
"{3567DAFE-AA64-4293-8E15-A8D8DDA78A6B}" = protocol=6 | dir=in | app=c:\program files\diablo ii\diablo ii.exe |
"{3A2D6DFA-F8CF-4EE8-A494-245C8D3067A8}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{3CF9DD17-9C5D-4113-BA4E-A7DB098B8E71}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{3F4FC4BC-46A7-4A4D-B57D-964E59DF207D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{3F96FCED-99BF-4C25-8A75-80B844E2776B}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{4A0C0263-4708-468D-A0A4-055DDDB31B3E}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{4CF558EF-8AD1-4B62-87BE-8FC9A19F0211}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{51203D94-3C16-4F3D-8922-BC41B9F0EC49}" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars empire at war forces of corruption\swfoc.exe |
"{54971FAD-415D-42E4-802B-39AE80C594C5}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{58B2C680-DC7C-4F03-A05E-D9170E71D834}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\grim_reaper1810\dedicated server\hlds.exe |
"{58EE3F7E-1F07-4E42-890B-1241DB00EFCA}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{5F938815-C94E-46A5-BB8A-57FE2EE23906}" = protocol=17 | dir=in | app=c:\program files\diablo ii\diablo ii.exe |
"{630FD276-4B0B-4125-A11C-AA8347E9D8BC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{65DD71C0-A67E-4DC3-8288-65053662A724}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{67EFEE44-8EF1-499F-8321-BB0DA692E236}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6EE1BE12-D53A-491C-970F-7D071B4AF2FA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\killingfloor\system\kfed.exe |
"{71FADE23-5E59-4798-955E-6578821B2421}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe |
"{7539E11F-889B-4E86-BC00-5CCC3F15EBA2}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{767C2A98-24E1-47D0-A8EF-311A01C3DD34}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7790F524-1E5F-4E56-B9DC-0E95540480D4}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{7B9CC091-AE30-4345-86E4-46E4B01337DD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7F7ACF90-46E8-4CD0-A431-D351BFEDD8D5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{81CBD2B0-BBEC-4B14-879B-9A4E0998A31E}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{83F7F806-9B03-4A0E-BF8E-8C54B1242061}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{8C6E0736-5B62-4CDE-AA63-60D4DB55B719}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{90733DAC-406A-440C-8FFF-B99F33E76728}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{90A166A2-3DFC-4A3A-A1E2-8A7DB17D2602}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{90A97B94-2C19-4BBA-9E97-EF36BD296CF5}" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars empire at war\gamedata\sweaw.exe |
"{924AC97B-BE54-4147-BBA9-C88C9D7F6801}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{92536C95-F501-4284-9574-E3270A753D72}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{92D437F8-89B3-451C-84FC-C1F70ABED918}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{97480666-F709-408C-B68D-74364585F0B0}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{9B4CA228-492C-4AAB-B629-436967C06910}" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars empire at war\gamedata\sweaw.exe |
"{9E85AC7E-6654-42D9-8D19-8E4980F2137A}" = protocol=17 | dir=in | app=c:\users\emre\desktop\l4d\l4d\oburis launcher.exe |
"{9EEA93BA-79FD-4E8A-933C-451057593069}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{A0E2CB15-AA5A-4791-AF4B-23D895EB6E9D}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{A1BAC31E-2E7C-4159-B4D9-877DCE5CC39C}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{A42E993B-4DFC-4265-B9B7-25881C5C545E}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{A5514620-C58A-4A1D-9F1C-DBC95AE575FF}" = protocol=17 | dir=in | app=c:\program files\eidos interactive\frontline attack\fa.exe |
"{A778D287-3527-4556-B07A-E7DCE9BACD8B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AE05EFAF-8C88-41DC-AAF5-2F3054E7A8F9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{AF3EE6CB-FB81-4AD6-A529-E61CDE67FE6C}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B127DB9E-EF22-4BB3-8285-6443FD83E239}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B5D1C0C3-7F47-4386-AB55-AE87251FEC41}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B82660AC-44F2-42AE-85DD-DB9A80B33310}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BAE021F3-2703-4930-917D-3F8878AAF1CE}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{BCD25CDD-2ED3-4D12-9959-84AFF75BC08D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{BD190AA2-5CF1-4139-ACC9-5CD4AA8200F0}" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{BD31194C-6200-4105-978A-6F8D19502F47}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\killingfloorbeta\system\ucc.exe |
"{C109C170-B616-4F38-9DAA-8FA53C20DBAA}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C25909FD-7823-4F4D-B126-F684AA0D7389}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\grim_reaper1810\dedicated server\hlds.exe |
"{CA2534B8-F8F0-4819-AD95-D475D01E340E}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{CAD9FA56-8B99-4C63-BA05-9A2350A355F3}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe |
"{D5708924-D6B5-4F21-A36D-10E6F69F5E02}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\killingfloor\system\kfed.exe |
"{D63C4C15-B866-4044-9C47-9D678BBF21AE}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe |
"{D8165E46-90FD-412D-8487-BFF614A225DF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E26374C9-DB30-4152-8FD4-561516CE73B0}" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{E9E10DFB-CE19-4208-8690-3437D78DD7FF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{EC54A344-D396-4B09-BB63-53C742AE912C}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{ECAD26C4-E15B-4078-9CF1-0B42BD991F23}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F322D628-2DB9-4E37-899D-D7BF4590503E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{F43D9620-E37E-49C2-97F8-C85F7FF26A02}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{F6EC8A5B-997E-4A3F-8A70-67B658B2EFEB}" = protocol=6 | dir=in | app=c:\windows\system32\msdtc.exe |
"{F8D70598-B24B-409F-A995-2526A1B9D8D6}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{FCC130B4-5018-4D05-8019-7AAAD0B22056}" = protocol=6 | dir=out | app=c:\windows\system32\msdtc.exe |
"{FF85FBA6-9790-40DF-850F-E04228B08647}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"TCP Query User{01BC267D-F70E-4520-A933-4CC99DD8F6F9}C:\program files\microsoft games\mechwarrior vengeance\mw4.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\mechwarrior vengeance\mw4.icd |
"TCP Query User{01F7EC1F-80A4-40D1-9386-72081FF0E890}C:\program files\urbanterror\iourbanterror.exe" = protocol=6 | dir=in | app=c:\program files\urbanterror\iourbanterror.exe |
"TCP Query User{049D65AA-3A07-4E30-8DCE-1795909808C3}C:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv_nrace.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv_nrace.exe |
"TCP Query User{053E38B0-375D-41F3-9F9B-6BCF975926B9}C:\program files\steam\steamapps\grim_reaper1810\dedicated server\hlds.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\grim_reaper1810\dedicated server\hlds.exe |
"TCP Query User{0A8BED1C-C635-4BB1-A34A-79282FD77A2B}C:\program files\sudden strike - release 1.0\suddenstrike.exe" = protocol=6 | dir=in | app=c:\program files\sudden strike - release 1.0\suddenstrike.exe |
"TCP Query User{0B9E14A5-18E3-45EE-A843-18140717F908}C:\users\emre\desktop\games\cs\cs 1.6\hl.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\games\cs\cs 1.6\hl.exe |
"TCP Query User{0BD3CA9F-00A9-4DE7-82D9-373D2CD87595}C:\sierra\ee-zde\ee-aoc.exe" = protocol=6 | dir=in | app=c:\sierra\ee-zde\ee-aoc.exe |
"TCP Query User{0EDFD629-B463-4B09-A6E8-457236576DA4}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{1B436C26-C1B9-4BDB-ACEC-7B92C69D6043}C:\soldat\soldat.exe" = protocol=6 | dir=in | app=c:\soldat\soldat.exe |
"TCP Query User{1BF545A7-5AE8-4957-8FD4-F2296ECE9DE3}C:\program files\urbanterror\iourbanterror.exe" = protocol=6 | dir=in | app=c:\program files\urbanterror\iourbanterror.exe |
"TCP Query User{2415DEBA-38EE-4066-B403-5598B1E3323A}C:\program files\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"TCP Query User{243B5F96-0C94-43A9-90A5-B9E71B34E8E6}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{27B3F39D-506D-425C-AF9B-80FA914C49EF}C:\users\emre\desktop\games\wc3\war3.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\games\wc3\war3.exe |
"TCP Query User{283468E0-AF6C-447D-87CF-E70F27914463}C:\users\emre\desktop\games\wc3\war3.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\games\wc3\war3.exe |
"TCP Query User{2ED8C533-4BB2-4830-B57F-68B4E0962618}C:\program files\thq\company of heroes\reliccoh.exe" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe |
"TCP Query User{35876C8A-5D90-43F7-80EF-852C6BF573A4}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{3D22C753-976A-4D51-AC5D-E973C21E2243}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin |
"TCP Query User{40385FB8-5C59-49F3-847E-E1F984CCB8AF}C:\program files\firefly studios\stronghold 2\stronghold2.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"TCP Query User{41709B0F-2280-461C-B292-9EB945E45075}C:\games\dune 2000\dune2000.dat" = protocol=6 | dir=in | app=c:\games\dune 2000\dune2000.dat |
"TCP Query User{44B30AD7-49DE-4DBA-8D74-550B04F41280}C:\users\emre\appdata\local\temp\173c6dce5da34a3799a1616fe642eba1\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\emre\appdata\local\temp\173c6dce5da34a3799a1616fe642eba1\relicdownloader.exe |
"TCP Query User{45D21392-3020-4408-B151-AD9C9B9E75F2}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"TCP Query User{4AB392F7-E4DB-448A-A0D5-746F33A37475}C:\program files\half-life-counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\half-life-counter-strike\hl.exe |
"TCP Query User{4AB49CF4-3213-447B-972B-58B5FCD23ED2}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{4C9E094B-C7A2-4D8D-9D49-25ED30A700FE}C:\program files\electronic arts\der herr der ringe® - die eroberung™\conquest.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\der herr der ringe® - die eroberung™\conquest.exe |
"TCP Query User{56FE968D-66F8-4553-AFBD-E75FE5DC1D21}C:\program files\icq7.1\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"TCP Query User{6065C319-251D-437E-AF18-C079F363086F}C:\program files\eidos interactive\pyro studios\praetorians\praetorians.exe" = protocol=6 | dir=in | app=c:\program files\eidos interactive\pyro studios\praetorians\praetorians.exe |
"TCP Query User{65A6C593-15C2-49FD-9506-199240D1DF2F}C:\program files\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"TCP Query User{682AAF55-2F1E-450B-BB84-7DBA87C1D55D}C:\users\emre\appdata\local\temp\rar$ex06.709\wodn2 client\wodn2.exe" = protocol=6 | dir=in | app=c:\users\emre\appdata\local\temp\rar$ex06.709\wodn2 client\wodn2.exe |
"TCP Query User{68793119-0F64-48AB-8EDD-307C0C56C14D}C:\program files\microsoft games\impossible creatures\ic.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\impossible creatures\ic.exe |
"TCP Query User{6B1F5CF7-61F7-4E4D-BB87-D82661258EB4}C:\program files\cossacks - the art of war\dmcr.exe" = protocol=6 | dir=in | app=c:\program files\cossacks - the art of war\dmcr.exe |
"TCP Query User{6FF26AD3-635B-4515-9A6F-8459C431862C}C:\games\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=c:\games\call of duty modern warfare 2\iw4mp.exe |
"TCP Query User{705ED2AD-C5FC-4A65-B231-68555E9892B5}C:\users\emre\desktop\l4d\l4d\hl2.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\l4d\l4d\hl2.exe |
"TCP Query User{7AFD1083-979A-4145-8E73-8D80DBA0FE9C}C:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv.exe |
"TCP Query User{7B902AC9-D17B-48D5-B5B3-EC830E7BDE0A}C:\program files\microsoft games\mechwarrior vengeance\mw4.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\mechwarrior vengeance\mw4.icd |
"TCP Query User{7E7BDA59-F089-4CD4-87FA-20401CDEFC58}C:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe |
"TCP Query User{7EB715B0-416B-4979-98B6-436EC1D9C5CB}C:\program files\urbanterror\iourtded.exe" = protocol=6 | dir=in | app=c:\program files\urbanterror\iourtded.exe |
"TCP Query User{7F2D296D-0637-4F7F-A660-5B913FECA304}C:\users\emre\desktop\wodn2 client\wodn2.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\wodn2 client\wodn2.exe |
"TCP Query User{7F68F025-8A9B-4583-AD5E-7357825EC163}C:\program files\counter strike source 2.5 full türkçe\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter strike source 2.5 full türkçe\hl2.exe |
"TCP Query User{835FFD92-89B2-40DA-8292-9960294FFEBE}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{843B0868-F28C-4240-B2FA-0F060BE41E9B}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe |
"TCP Query User{867220C9-7C64-4BB6-ADB1-B35975214FCF}C:\users\emre\desktop\wodn2 client\wodn2.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\wodn2 client\wodn2.exe |
"TCP Query User{8A9B4487-D5FB-4361-8716-E4B159F688E8}C:\users\emre\downloads\lobbyclient.exe" = protocol=6 | dir=in | app=c:\users\emre\downloads\lobbyclient.exe |
"TCP Query User{8C89A1F7-9AC2-45D5-AFDF-16BC1DA4C53E}C:\program files\rockstar games\gta san andreas\samp-server.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\gta san andreas\samp-server.exe |
"TCP Query User{8FE64573-CEC2-4268-BEB9-3A51A075CA1A}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{904037DC-CE85-488D-8621-B1E76D6EBABE}C:\users\emre\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\emre\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{93AD18CC-1E06-47B0-BF6A-B0F761BE868F}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin |
"TCP Query User{93EB9039-9090-4A0B-A9F8-B5330D753C50}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"TCP Query User{95486F58-4C08-4DE9-8795-17E6D3CB8315}C:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv.exe |
"TCP Query User{9B595F1B-54E9-406E-90FB-B76F6AF47C63}C:\sierra\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\sierra\empire earth\empire earth.exe |
"TCP Query User{A1A72A76-6307-4E1F-B2B5-A6E0DD4D00E5}C:\program files\sudden strike - resource war\run\code\release\game_exe.exe" = protocol=6 | dir=in | app=c:\program files\sudden strike - resource war\run\code\release\game_exe.exe |
"TCP Query User{A6727C83-9EA4-4242-8726-3B8DE54FA277}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{AB8D4706-F07F-40F7-8CFE-8500F2F2DDDB}C:\program files\firefly studios\stronghold legends\strongholdlegends.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe |
"TCP Query User{BCED3515-20E3-48AC-AD48-3331D7ECE400}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{BD5D29FC-00AF-45FF-A77E-4CECB216E411}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{D07FAAB3-C17C-4B06-AA8F-883AB89DC20B}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{D295CE14-8208-4FBD-ACFC-FA0138FCC65F}C:\program files\cossacks - the art of war\dmcr.exe" = protocol=6 | dir=in | app=c:\program files\cossacks - the art of war\dmcr.exe |
"TCP Query User{D96EADEE-CCB7-4217-B642-835A18B481E3}C:\users\emre\desktop\games\sonstiges\teeworlds-0.4.3-win32\teeworlds_srv.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\games\sonstiges\teeworlds-0.4.3-win32\teeworlds_srv.exe |
"TCP Query User{DA288875-60B7-4819-BBDF-D590410328A7}C:\games\dune 2000\dune2000.dat" = protocol=6 | dir=in | app=c:\games\dune 2000\dune2000.dat |
"TCP Query User{DC9EAC18-2398-484B-93D0-0A8B7F6DB4BE}C:\users\emre\desktop\games\cs\cs 1.6\hl.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\games\cs\cs 1.6\hl.exe |
"TCP Query User{E060818F-43D6-454F-BA60-8BE5D407EB3D}C:\sierra\ee-zde\ee-aoc.exe" = protocol=6 | dir=in | app=c:\sierra\ee-zde\ee-aoc.exe |
"TCP Query User{E15B302A-67EB-494E-A366-374282955DD9}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{E1B85E9F-AB68-48C0-9517-5F8BE525E088}C:\users\emre\desktop\wodn2 client\mc.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\wodn2 client\mc.exe |
"TCP Query User{E268D22C-A1F0-4DD3-B033-27D7F96EA4AB}C:\program files\eidos interactive\frontline attack\fa.ex2" = protocol=6 | dir=in | app=c:\program files\eidos interactive\frontline attack\fa.ex2 |
"TCP Query User{E4331875-CA3B-4E4D-86A6-118D485A7EDB}C:\games\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=c:\games\call of duty modern warfare 2\iw4mp.exe |
"TCP Query User{E7F65E17-87EF-4104-929B-483C68737FE6}C:\program files\counter strike source 2.5 full türkçe\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter strike source 2.5 full türkçe\hl2.exe |
"TCP Query User{E80D138A-60E6-4DB6-9E8F-D21CBE169555}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe |
"TCP Query User{EA730568-3C71-429B-81A7-D14365DB023C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{EC7A5556-5EB5-4785-8E35-742738BF5C05}C:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv_nrace.exe" = protocol=6 | dir=in | app=c:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv_nrace.exe |
"TCP Query User{EF81ED5E-D99C-4F8B-BAEF-D4DEB76C7006}C:\program files\counter strike source tr\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter strike source tr\hl2.exe |
"TCP Query User{EFBB8894-F66F-4ECA-8145-977DC32C15EF}C:\program files\rockstar games\gta san andreas\samp-server.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\gta san andreas\samp-server.exe |
"TCP Query User{F106033A-681D-462F-8335-BA0A63FBBDDC}C:\program files\lucasarts\star wars empire at war forces of corruption\swfoc.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars empire at war forces of corruption\swfoc.exe |
"UDP Query User{026BBC2A-0A24-46A8-8EF3-7DD2EAE2506F}C:\program files\microsoft games\mechwarrior vengeance\mw4.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\mechwarrior vengeance\mw4.icd |
"UDP Query User{03A6B0C2-E4DD-4A9A-B8A0-4C935605D7B7}C:\games\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=c:\games\call of duty modern warfare 2\iw4mp.exe |
"UDP Query User{07017987-A129-43C0-AE51-1A610D8F2C35}C:\program files\microsoft games\mechwarrior vengeance\mw4.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\mechwarrior vengeance\mw4.icd |
"UDP Query User{0C9250AD-EF8C-4F34-84F1-2555874327D4}C:\program files\sudden strike - release 1.0\suddenstrike.exe" = protocol=17 | dir=in | app=c:\program files\sudden strike - release 1.0\suddenstrike.exe |
"UDP Query User{0DF00EBD-5E5F-4DFE-8A35-F6EE77983D2F}C:\games\dune 2000\dune2000.dat" = protocol=17 | dir=in | app=c:\games\dune 2000\dune2000.dat |
"UDP Query User{0FDBDA33-0D99-4F2E-8BDB-753F6B0F3B61}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{1035E140-54AD-4D73-AD33-7785241741D1}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{16A38AB0-9B49-48E1-B060-84961ECE0557}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{18C0AEFE-8331-4DA1-BC86-9F8FC0F7C57D}C:\users\emre\desktop\games\wc3\war3.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\games\wc3\war3.exe |
"UDP Query User{1A239B34-E9E1-455D-BB8D-4DB76962D4F3}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{2002B4E7-6AB9-46C4-AF66-8C4CE6D9800A}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin |
"UDP Query User{23B0FA9D-6E7E-42E2-9ABC-FB9708645CAD}C:\program files\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"UDP Query User{2535BCB6-C644-4FE6-BC5B-36F211B7FB42}C:\program files\thq\company of heroes\reliccoh.exe" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe |
"UDP Query User{27A48F73-817E-4253-AA3C-9A902B26CA77}C:\program files\urbanterror\iourbanterror.exe" = protocol=17 | dir=in | app=c:\program files\urbanterror\iourbanterror.exe |
"UDP Query User{2A9F3643-F678-473D-BC88-7BEA68B082F5}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{2BECDE0C-A54A-4BAB-B7CB-4A455598660D}C:\sierra\ee-zde\ee-aoc.exe" = protocol=17 | dir=in | app=c:\sierra\ee-zde\ee-aoc.exe |
"UDP Query User{2EA3A88D-66B1-4DCA-8F3E-FDC2E23C2C58}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{3192FE2A-A06E-4EE7-8BEE-A94C05F71F6E}C:\program files\lucasarts\star wars empire at war forces of corruption\swfoc.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars empire at war forces of corruption\swfoc.exe |
"UDP Query User{416E88F4-0D25-4FF7-B5F0-4ED90D0357AE}C:\program files\rockstar games\gta san andreas\samp-server.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\gta san andreas\samp-server.exe |
"UDP Query User{43D106F9-6D5F-456F-8EE9-E5A7C7A0A580}C:\program files\counter strike source tr\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter strike source tr\hl2.exe |
"UDP Query User{45665697-DBF6-4F2A-8BC5-8BCDEBEE3E49}C:\program files\cossacks - the art of war\dmcr.exe" = protocol=17 | dir=in | app=c:\program files\cossacks - the art of war\dmcr.exe |
"UDP Query User{466CCB66-26C5-427F-9A79-E9D8405CCDAA}C:\soldat\soldat.exe" = protocol=17 | dir=in | app=c:\soldat\soldat.exe |
"UDP Query User{46FFF757-75AA-4146-95A6-E05D64F70D5C}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe |
"UDP Query User{470E3364-CFE2-4DC4-AFAB-A0FFF013A1F9}C:\program files\sudden strike - resource war\run\code\release\game_exe.exe" = protocol=17 | dir=in | app=c:\program files\sudden strike - resource war\run\code\release\game_exe.exe |
"UDP Query User{474D66DD-2EA1-47F5-8241-9562F25685F9}C:\sierra\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\sierra\empire earth\empire earth.exe |
"UDP Query User{479CD5DC-60B2-4A97-8453-7E2A40B2E2EB}C:\program files\half-life-counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\half-life-counter-strike\hl.exe |
"UDP Query User{5308253F-D489-4F6F-8DA0-15073D883E0A}C:\users\emre\desktop\l4d\l4d\hl2.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\l4d\l4d\hl2.exe |
"UDP Query User{531F6E24-896C-4892-8A12-3F9FDDD2D335}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{558B09BB-FA13-413E-B0BB-49A8A70A6978}C:\users\emre\desktop\games\cs\cs 1.6\hl.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\games\cs\cs 1.6\hl.exe |
"UDP Query User{56F0C0C9-40EF-47C3-8019-A3AE0162FF64}C:\program files\eidos interactive\pyro studios\praetorians\praetorians.exe" = protocol=17 | dir=in | app=c:\program files\eidos interactive\pyro studios\praetorians\praetorians.exe |
"UDP Query User{5A30A3A4-E16F-4AE6-81CE-627602D2C037}C:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv_nrace.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv_nrace.exe |
"UDP Query User{6279D6FE-6255-4C03-BF60-2324F4F497BD}C:\program files\electronic arts\der herr der ringe® - die eroberung™\conquest.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\der herr der ringe® - die eroberung™\conquest.exe |
"UDP Query User{63021A5F-2A38-4193-9E64-8B452FE639C3}C:\users\emre\desktop\games\wc3\war3.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\games\wc3\war3.exe |
"UDP Query User{6BE4368A-AAF2-43F4-9E7D-EF6F3563EF9A}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{6C3BDBBE-D3E6-4E68-959E-D1D6FBB7D613}C:\games\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=c:\games\call of duty modern warfare 2\iw4mp.exe |
"UDP Query User{70FA3CCD-BF22-48F7-A464-A97A2F7E30FC}C:\program files\cossacks - the art of war\dmcr.exe" = protocol=17 | dir=in | app=c:\program files\cossacks - the art of war\dmcr.exe |
"UDP Query User{73658D4D-D91F-4760-AE73-9B51F33700D9}C:\program files\urbanterror\iourtded.exe" = protocol=17 | dir=in | app=c:\program files\urbanterror\iourtded.exe |
"UDP Query User{76FB7AC8-B13F-4220-8E00-550C58148465}C:\program files\steam\steamapps\grim_reaper1810\dedicated server\hlds.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\grim_reaper1810\dedicated server\hlds.exe |
"UDP Query User{7C780340-1FDD-49A0-952D-60ECFF3F307B}C:\program files\eidos interactive\frontline attack\fa.ex2" = protocol=17 | dir=in | app=c:\program files\eidos interactive\frontline attack\fa.ex2 |
"UDP Query User{8365B082-248D-4926-96DE-C3C15325EC48}C:\users\emre\desktop\games\cs\cs 1.6\hl.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\games\cs\cs 1.6\hl.exe |
"UDP Query User{89BC73F4-D443-4536-BFE6-6B2ED25A451F}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{8A88120F-71DE-4EDC-B03C-D9CD973D81BA}C:\users\emre\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\emre\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{8EEB5FBB-FF0A-424A-A7C7-F35568C4D0F6}C:\program files\firefly studios\stronghold 2\stronghold2.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"UDP Query User{92AA4F21-3D11-42C0-AE5C-76C5B1C2E474}C:\program files\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"UDP Query User{94D295BB-12FF-4B9A-B4F5-3EC22BC87301}C:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe |
"UDP Query User{97EEC7AC-7BF3-41CB-8577-CA14FA2836A6}C:\program files\counter strike source 2.5 full türkçe\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter strike source 2.5 full türkçe\hl2.exe |
"UDP Query User{9A3C22E7-6451-4214-B61C-5374378B4815}C:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv.exe |
"UDP Query User{9DC6A63D-8538-4AED-B8E0-3B3AF094F066}C:\users\emre\downloads\lobbyclient.exe" = protocol=17 | dir=in | app=c:\users\emre\downloads\lobbyclient.exe |
"UDP Query User{A23412AE-47B6-4B5C-B8F8-309F94CD545B}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{A9A72F9B-23F5-418B-9C82-3E44B95AF38D}C:\program files\urbanterror\iourbanterror.exe" = protocol=17 | dir=in | app=c:\program files\urbanterror\iourbanterror.exe |
"UDP Query User{B412D482-67DD-489C-AAF6-F27475D0D56B}C:\program files\microsoft games\impossible creatures\ic.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\impossible creatures\ic.exe |
"UDP Query User{B795D091-5632-4935-9B4E-8ABFC1BFD853}C:\games\dune 2000\dune2000.dat" = protocol=17 | dir=in | app=c:\games\dune 2000\dune2000.dat |
"UDP Query User{B8538426-448C-4F6B-8479-220C205C9519}C:\program files\firefly studios\stronghold legends\strongholdlegends.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe |
"UDP Query User{B9F223B4-116D-4B63-A1E9-D82ECC06FA03}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{BEDA26D1-0FEA-429E-92C6-BDD0357E505E}C:\sierra\ee-zde\ee-aoc.exe" = protocol=17 | dir=in | app=c:\sierra\ee-zde\ee-aoc.exe |
"UDP Query User{C005542C-2F9A-4CD9-80A9-81374738C609}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{C281776B-9E83-4878-8AA1-84C0AFE654B9}C:\program files\rockstar games\gta san andreas\samp-server.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\gta san andreas\samp-server.exe |
"UDP Query User{C4C25BAD-7A09-404F-93AF-EE07B78DC1CF}C:\users\emre\appdata\local\temp\rar$ex06.709\wodn2 client\wodn2.exe" = protocol=17 | dir=in | app=c:\users\emre\appdata\local\temp\rar$ex06.709\wodn2 client\wodn2.exe |
"UDP Query User{C8930CCA-1454-4089-8F07-F15C99463261}C:\program files\icq7.1\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"UDP Query User{CC3CED14-41EE-41F1-A607-780D4B02EF15}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{D13B634F-1F3F-478E-A7AF-76874A848BE2}C:\users\emre\desktop\wodn2 client\wodn2.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\wodn2 client\wodn2.exe |
"UDP Query User{D1D6C8B5-1CC2-4CEA-847C-DDFD0FD21A21}C:\users\emre\desktop\wodn2 client\wodn2.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\wodn2 client\wodn2.exe |
"UDP Query User{D3D2C01C-79D8-443F-A86C-AAB9C61DD918}C:\program files\counter strike source 2.5 full türkçe\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter strike source 2.5 full türkçe\hl2.exe |
"UDP Query User{D7E985E3-14A8-4F64-917A-90721FE27D8E}C:\users\emre\appdata\local\temp\173c6dce5da34a3799a1616fe642eba1\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\emre\appdata\local\temp\173c6dce5da34a3799a1616fe642eba1\relicdownloader.exe |
"UDP Query User{E5AE7F75-72D6-480C-A7F9-1A059593B479}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe |
"UDP Query User{EEF62281-40E2-4DF4-9AE2-A7DD71168222}C:\users\emre\desktop\games\sonstiges\teeworlds-0.4.3-win32\teeworlds_srv.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\games\sonstiges\teeworlds-0.4.3-win32\teeworlds_srv.exe |
"UDP Query User{F0365B6D-7203-4F31-B048-7CA5580D035E}C:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv.exe |
"UDP Query User{F17D9BDF-9B4F-4A0A-A1E4-AC1E8D133C1E}C:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv_nrace.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\games\sonstiges\xd\teeworlds_srv_nrace.exe |
"UDP Query User{F52722F9-4003-41A9-AE6B-5B0940E46FC3}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{FBFBA27D-FEF7-47AD-9882-F739DCFA4305}C:\users\emre\desktop\wodn2 client\mc.exe" = protocol=17 | dir=in | app=c:\users\emre\desktop\wodn2 client\mc.exe |
"UDP Query User{FD7FEFD0-08FB-43F3-B58B-861FB8D61EE9}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"12345_is1" = WeGame Client Beta 2.1.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoHotkey" = AutoHotkey 1.0.48.05
"AutoItv3" = AutoIt v3.3.6.1
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CABAL Online_is1" = CABAL Online
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"Counter Strike Source TR_is1" = Counter Strike Source TR
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Devil May Cry 4 *Full-Rip* [Team JPN]_is1" = Devil May Cry 4
"Google Chrome" = Google Chrome
"Half-Life-Counter-Strike 1.5 Full" = Half-Life-Counter-Strike 1.5 Full
"League of Legends_is1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MechWarrior Vengeance" = MechWarrior Vengeance
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Softonic_Deutsch Toolbar" = Softonic_Deutsch Toolbar
"SpeedSim" = SpeedSim
"Steam App 1250" = Killing Floor
"Steam App 1260" = Killing Floor SDK
"Steam App 1273" = Killing Floor Beta Dedicated Server
"Steam App 35420" = Killing Floor Mod: Defence Alliance 2
"Steam App 630" = Alien Swarm
"Urban Terror_is1" = Urban Terror 4.1
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.03.2010 05:58:33 | Computer Name = Emre-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.03.2010 05:59:30 | Computer Name = Emre-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 3.3.3.0, Zeitstempel
0x47c6bd1b, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x12271227, Prozess-ID 0x698, Anwendungsstartzeit
01cac293bec4040f.
Error - 14.03.2010 07:54:55 | Computer Name = Emre-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung rundll32.exe, Version 6.0.6000.16386, Zeitstempel
0x4549b0e1, fehlerhaftes Modul NVSVC.DLL, Version 7.15.11.8120, Zeitstempel 0x4954aa31,
Ausnahmecode 0xc0000005, Fehleroffset 0x00002c6b, Prozess-ID 0x6d0, Anwendungsstartzeit
01cac36d0f255aed.
Error - 14.03.2010 07:55:03 | Computer Name = Emre-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.03.2010 10:59:11 | Computer Name = Emre-PC | Source = Application Hang | ID = 1002
Description = Programm Empire Earth.exe, Version 0.0.0.0 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 540 Anfangszeit: 01cac386d2407e28 Zeitpunkt
der Beendigung: 31
Error - 15.03.2010 09:45:35 | Computer Name = Emre-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung rundll32.exe, Version 6.0.6000.16386, Zeitstempel
0x4549b0e1, fehlerhaftes Modul NVSVC.DLL, Version 7.15.11.8120, Zeitstempel 0x4954aa31,
Ausnahmecode 0xc0000005, Fehleroffset 0x00002c6b, Prozess-ID 0x6d8, Anwendungsstartzeit
01cac445b597f14f.
Error - 15.03.2010 09:45:42 | Computer Name = Emre-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.03.2010 14:17:09 | Computer Name = Emre-PC | Source = WinMgmt | ID = 10
Description =
Error - 16.03.2010 08:26:41 | Computer Name = Emre-PC | Source = WinMgmt | ID = 10
Description =
Error - 16.03.2010 11:30:23 | Computer Name = Emre-PC | Source = Application Hang | ID = 1002
Description = Programm gta_sa.exe, Version 0.0.0.0 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: d28 Anfangszeit: 01cac51b74ac92cc Zeitpunkt der Beendigung:
238
[ OSession Events ]
Error - 18.11.2010 12:44:22 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.
Error - 21.11.2010 11:43:19 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.
Error - 22.11.2010 12:18:30 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.
Error - 22.11.2010 12:20:47 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.12.2010 13:07:24 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 27.12.2010 10:47:07 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.
Error - 29.12.2010 08:58:54 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.
Error - 15.01.2011 07:02:08 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.
Error - 15.01.2011 15:26:59 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.
Error - 19.02.2011 06:04:32 | Computer Name = Emre-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 27.02.2011 05:52:40 | Computer Name = Emre-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0022436B20B2 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 27.02.2011 05:52:51 | Computer Name = Emre-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0022436B20B2 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 27.02.2011 13:47:03 | Computer Name = Emre-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0022436B20B2 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 27.02.2011 13:48:06 | Computer Name = Emre-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0022436B20B2 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 27.02.2011 13:49:07 | Computer Name = Emre-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0022436B20B2 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 28.02.2011 11:26:47 | Computer Name = Emre-PC | Source = BROWSER | ID = 8032
Description =
Error - 28.02.2011 14:42:34 | Computer Name = Emre-PC | Source = BROWSER | ID = 8032
Description =
Error - 28.02.2011 15:48:05 | Computer Name = Emre-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0022436B20B2 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 28.02.2011 15:48:58 | Computer Name = Emre-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0022436B20B2 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 28.02.2011 15:49:29 | Computer Name = Emre-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0022436B20B2 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
< End of report >
OTL Logfile: Code:
ATTFilter OTL logfile created on: 28.02.2011 21:22:08 - Run 1 OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\Emre\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free 7,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 911,51 Gb Total Space | 599,24 Gb Free Space | 65,74% Space Free | Partition Type: NTFS Drive D: | 19,99 Gb Total Space | 9,80 Gb Free Space | 49,04% Space Free | Partition Type: FAT32 Computer Name: EMRE-PC | User Name: Emre | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools) PRC - C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.) PRC - C:\Windows\System32\PSIService.exe () PRC - C:\Windows\VM303_STI.EXE (Vimicro) PRC - C:\Programme\Saitek\Software\SaiMfd.exe (Saitek) PRC - C:\Programme\Saitek\Software\ProfilerU.exe (Saitek) ========== Modules (SafeList) ========== MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (PCToolsSSDMonitorSvc) -- C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe () ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation) DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.) DRV - (nmwcd) -- C:\Windows\System32\drivers\nmwcd.sys (Nokia) DRV - (nmwcdcm) -- C:\Windows\System32\drivers\nmwcdcm.sys (Nokia) DRV - (nmwcdcj) -- C:\Windows\System32\drivers\nmwcdcj.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\nmwcdc.sys (Nokia) DRV - (SaiNtBus) -- C:\Windows\System32\drivers\SaiBus.sys (Saitek) DRV - (SaiMini) -- C:\Windows\System32\drivers\SaiMini.sys (Saitek) DRV - (SaiH5F0D) -- C:\Windows\System32\drivers\SaiH5F0D.sys (Saitek) DRV - (SaiU5F0D) -- C:\Windows\System32\drivers\SaiU5F0D.sys (Saitek) DRV - (ZSMC303) VIMICRO USB PC Camera (VC0303) -- C:\Windows\System32\drivers\usbVM303.sys (Vimicro Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{8723FF7F-63AE-4FAB-8D0F-EAFC9B444A18} IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.live.com/1rewlive4startup/home IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=" FF - prefs.js..browser.search.order.1: "iMesh Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928 FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009.03.26 18:06:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.25 13:01:09 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.11 13:53:05 | 000,000,000 | ---D | M] [2010.02.21 12:56:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Emre\AppData\Roaming\Mozilla\Extensions [2011.02.28 16:26:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\extensions [2009.06.28 11:30:08 | 000,000,000 | ---D | M] ("Microsoft .NET Framework Assistant") -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.06.24 12:13:22 | 000,000,000 | ---D | M] (Winload Toolbar) -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} [2011.01.17 21:25:34 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.04.10 21:07:48 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.11.27 16:52:57 | 000,000,000 | ---D | M] (Softonic Deutsch Toolbar) -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\extensions\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} [2010.06.30 09:24:44 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\extensions\DTToolbar@toolbarnet.com [2010.06.24 12:13:20 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\extensions\finder@meingutscheincode.de [2010.06.02 19:30:25 | 000,002,331 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\bigseekpro.xml [2011.01.24 21:23:28 | 000,001,832 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\bing.xml [2010.03.24 15:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\conduit.xml [2010.06.30 09:24:31 | 000,002,059 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\daemon-search.xml [2011.02.21 20:56:56 | 000,000,950 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin-1.xml [2010.06.28 10:22:17 | 000,000,950 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin-2.xml [2010.07.01 09:33:26 | 000,000,950 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin-3.xml [2010.08.06 12:51:47 | 000,000,950 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin-4.xml [2010.09.18 18:45:56 | 000,000,950 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin-5.xml [2010.10.24 18:50:13 | 000,000,950 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin-6.xml [2010.10.29 21:28:17 | 000,000,950 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin-7.xml [2010.12.15 15:20:19 | 000,000,950 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin-8.xml [2010.04.10 21:07:48 | 000,000,168 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin.gif [2010.04.10 21:07:48 | 000,000,618 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin.src [2010.04.30 20:11:24 | 000,000,947 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\icqplugin.xml [2010.03.24 10:34:04 | 000,002,456 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\6gdpg2i0.default\searchplugins\iMeshWebSearch.xml [2011.01.17 21:24:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.03.26 18:06:46 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2009.07.02 19:22:07 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.10.17 17:43:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.01.17 21:24:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2009.07.03 18:14:23 | 000,000,000 | ---D | M] (Mozilla Firefox distributed by RealNetworks) -- C:\Programme\Mozilla Firefox\extensions\realplayer@partners.mozilla.com [2010.10.17 17:43:14 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.01.17 21:24:10 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.08.06 12:50:30 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.08.06 12:50:30 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.24 10:34:04 | 000,002,456 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\iMeshWebSearch.xml [2010.08.06 12:50:30 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.08.06 12:50:31 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.08.06 12:50:31 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [4StoryPrePatch] C:\Programme\Gameforge4D\4Story\PrePatch.exe (Zamiinc) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BigDog303] C:\Windows\VM303_STI.EXE (Vimicro) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) O4 - HKLM..\Run: [Profiler] C:\Programme\Saitek\Software\ProfilerU.exe (Saitek) O4 - HKLM..\Run: [SaiMfd] C:\Programme\Saitek\Software\SaiMfd.exe (Saitek) O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [snpstd] File not found O4 - HKLM..\Run: [SSDMonitor] C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKCU..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe (PC Tools ) O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk = C:\Users\Emre\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies) O4 - Startup: C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O4 - Startup: C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - File not found O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Emre\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Emre\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{90894d42-f21d-11de-852e-002421062aa0}\Shell - "" = AutoRun O33 - MountPoints2\{90894d42-f21d-11de-852e-002421062aa0}\Shell\AutoRun\command - "" = I:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.02.28 21:12:24 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Emre\Desktop\OTL.exe [2011.02.27 18:44:45 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{04A85D4A-A66A-473A-8856-24EE22CD7A82} [2011.02.27 16:35:54 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Roaming\Malwarebytes [2011.02.27 16:35:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.02.27 16:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.02.27 16:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.02.27 16:35:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.02.27 16:35:41 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.02.27 10:50:53 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{55053A25-183D-40A3-BE32-66DB21C08FAC} [2011.02.26 09:42:03 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{DB7C8116-0BA3-44E9-88DE-AAD5EAF71D37} [2011.02.24 18:38:05 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{ECEF8982-C900-4852-AA3D-5284F7D30CB2} [2011.02.24 11:42:34 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{EB212CD6-4053-440C-99B4-587969D4C9A4} [2011.02.23 13:07:23 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{BE911923-C770-4D3E-984C-B32014E6814A} [2011.02.22 13:53:02 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{DBF4F4DF-ABAE-4596-A97F-C0B2F78079CA} [2011.02.21 19:25:32 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{1FC15DCA-3AE3-45E9-B864-D5870F017CB9} [2011.02.21 14:33:27 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{EA566E1F-332E-46D3-BE2D-8D03638E59FD} [2011.02.19 17:45:00 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{7D63A2C8-48E3-4223-B7B6-9368A8B564E4} [2011.02.19 10:27:50 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{BFF1B6FD-ADDE-4E3C-B010-2CDB0EE020D1} [2011.02.17 12:46:54 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{0C9EFDF1-3DD0-4E66-8F1B-1B4D30AB81B7} [2011.02.16 13:29:35 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{33B5AE32-7362-4C63-B27B-A68C12F4CCF6} [2011.02.15 13:48:05 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{F44443C8-E261-4ADC-BD55-304F36EBB056} [2011.02.14 20:21:27 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{2AB75A0E-C704-47C8-B5B5-8A72874FD727} [2011.02.13 10:15:11 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{DE88001B-8708-4D80-88F9-90C20C3AD4D9} [2011.02.12 11:35:38 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{A199E499-D9AE-41C6-813F-273E3569EB9B} [2011.02.11 13:48:59 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{9344DA23-B657-4583-AEC1-2DA8B8CD2BB6} [2011.02.09 13:04:54 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{F149E82E-1519-49D7-966D-9CD8FFDE77A2} [2011.02.08 20:38:05 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2011.02.08 20:38:05 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2011.02.08 20:38:05 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.02.08 20:38:05 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2011.02.08 20:38:05 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011.02.08 20:38:05 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011.02.08 20:38:05 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2011.02.08 20:38:05 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011.02.08 20:38:05 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2011.02.08 20:38:05 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2011.02.08 20:38:04 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2011.02.08 20:38:04 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2011.02.08 20:38:04 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2011.02.08 20:38:04 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2011.02.08 20:38:03 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2011.02.08 20:38:03 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2011.02.08 20:38:03 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2011.02.08 20:38:03 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2011.02.08 20:38:03 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2011.02.08 20:38:03 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2011.02.08 20:38:03 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2011.02.08 20:37:59 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2011.02.08 20:37:59 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011.02.08 20:37:57 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2011.02.08 20:37:44 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.02.08 20:37:40 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011.02.08 20:37:40 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011.02.08 20:32:45 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.02.08 20:32:45 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.02.08 20:32:44 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.02.08 20:32:44 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.02.08 20:32:44 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.02.08 20:32:44 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.02.08 20:32:44 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.02.08 20:32:44 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.02.08 20:32:44 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.02.08 20:32:44 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.02.08 20:32:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.02.08 20:32:44 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.02.08 20:32:44 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.02.08 20:32:44 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.02.08 20:32:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.02.08 20:32:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.02.08 20:32:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.02.08 20:32:38 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.02.08 20:32:37 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.02.08 15:22:23 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{AAF7286E-566A-4140-88D2-2A609419A119} [2011.02.07 17:21:25 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Roaming\Windows Live Writer [2011.02.07 17:21:25 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\Windows Live Writer [2011.02.07 13:53:50 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{3C98C603-A439-4F78-8FCB-2C1788FB5E0E} [2011.02.06 10:57:08 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{F48CCE7E-ED1D-48DA-9769-883E6EDBC90C} [2011.02.05 09:17:27 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{F5D38BDD-CBF8-4114-A60D-27AFF68D4804} [2011.02.04 22:13:19 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Roaming\GameRanger [2011.02.03 16:42:58 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{35DAC40E-9CDD-4BF5-AFCD-E13137C41EFF} [2011.02.02 20:27:36 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype [2011.02.02 20:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.02.01 10:43:49 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{0C795070-0DB4-45B5-A585-148D317DF9EC} [2011.01.31 20:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey [2011.01.31 20:13:20 | 000,000,000 | ---D | C] -- C:\Programme\AutoHotkey [2011.01.31 15:40:46 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\Save-EE [2011.01.31 15:36:55 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Roaming\Save-EE [2011.01.31 12:03:21 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{ADB800A0-89EC-45A5-A176-EAA68A2D3D94} [2011.01.30 11:11:17 | 000,000,000 | ---D | C] -- C:\Users\Emre\AppData\Local\{D280B5AF-EDEE-4FE5-B143-A2477A9A39EA} [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.02.28 21:25:05 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2011.02.28 21:21:25 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.28 21:21:25 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.28 21:12:26 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Emre\Desktop\OTL.exe [2011.02.28 21:11:04 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.02.28 13:52:10 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.02.28 13:38:41 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8579ADB6-98F4-4D4B-AFA5-D2FFFA62F856}.job [2011.02.28 13:21:57 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.02.28 13:21:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.28 13:21:09 | 3487,748,096 | -HS- | M] () -- C:\hiberfil.sys [2011.02.27 16:35:45 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.27 14:28:16 | 000,006,442 | ---- | M] () -- C:\Users\Emre\.recently-used.xbel [2011.02.24 15:52:00 | 000,000,680 | ---- | M] () -- C:\Users\Emre\AppData\Local\d3d9caps.dat [2011.02.21 21:04:45 | 000,000,209 | ---- | M] () -- C:\Users\Emre\Desktop\Killing Floor Beta Dedicated Server.url [2011.02.21 19:55:41 | 000,043,520 | ---- | M] () -- C:\Users\Emre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.02.15 21:10:16 | 000,000,214 | ---- | M] () -- C:\Users\Emre\Desktop\Killing Floor SDK.url [2011.02.14 20:15:31 | 000,000,800 | ---- | M] () -- C:\Users\Emre\Desktop\Steam.lnk [2011.02.14 20:08:26 | 000,000,215 | ---- | M] () -- C:\Users\Emre\Desktop\Defence Alliance 2.url [2011.02.14 19:22:19 | 000,000,214 | ---- | M] () -- C:\Users\Emre\Desktop\Killing Floor.url [2011.02.09 13:10:05 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.02.09 13:10:05 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.02.09 13:10:05 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.02.09 13:10:05 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.02.09 13:02:41 | 000,332,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.02.05 23:39:52 | 000,000,361 | ---- | M] () -- C:\Users\Emre\SciTE.session [2011.02.05 19:04:56 | 000,000,023 | ---- | M] () -- C:\Users\Emre\Desktop\Klick.ahk [2011.02.04 22:13:30 | 000,000,993 | ---- | M] () -- C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2011.02.04 22:13:30 | 000,000,979 | ---- | M] () -- C:\Users\Emre\Desktop\GameRanger.lnk [2011.02.04 16:33:00 | 000,000,564 | ---- | M] () -- C:\Users\Emre\Desktop\Spam.ahk [2011.02.02 20:27:36 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011.02.02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2011.01.31 22:53:37 | 000,000,697 | ---- | M] () -- C:\Users\Emre\Desktop\Samp.ahk [2011.01.31 22:13:09 | 000,000,198 | ---- | M] () -- C:\Users\Emre\Desktop\Bla.ahk [2011.01.31 20:32:00 | 000,000,850 | ---- | M] () -- C:\Users\Emre\Desktop\AutoHotkey.lnk [2011.01.31 20:13:44 | 000,001,352 | ---- | M] () -- C:\Users\Emre\Documents\AutoHotkey.ahk [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.02.27 16:35:45 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.27 14:28:16 | 000,006,442 | ---- | C] () -- C:\Users\Emre\.recently-used.xbel [2011.02.21 21:04:45 | 000,000,209 | ---- | C] () -- C:\Users\Emre\Desktop\Killing Floor Beta Dedicated Server.url [2011.02.15 21:10:16 | 000,000,214 | ---- | C] () -- C:\Users\Emre\Desktop\Killing Floor SDK.url [2011.02.14 20:15:31 | 000,000,800 | ---- | C] () -- C:\Users\Emre\Desktop\Steam.lnk [2011.02.14 20:08:26 | 000,000,215 | ---- | C] () -- C:\Users\Emre\Desktop\Defence Alliance 2.url [2011.02.14 19:22:19 | 000,000,214 | ---- | C] () -- C:\Users\Emre\Desktop\Killing Floor.url [2011.02.05 18:40:44 | 000,000,023 | ---- | C] () -- C:\Users\Emre\Desktop\Klick.ahk [2011.02.04 22:13:30 | 000,000,993 | ---- | C] () -- C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2011.02.04 22:13:30 | 000,000,979 | ---- | C] () -- C:\Users\Emre\Desktop\GameRanger.lnk [2011.02.04 22:13:30 | 000,000,965 | ---- | C] () -- C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk [2011.02.04 16:31:02 | 000,000,564 | ---- | C] () -- C:\Users\Emre\Desktop\Spam.ahk [2011.01.31 22:09:51 | 000,000,198 | ---- | C] () -- C:\Users\Emre\Desktop\Bla.ahk [2011.01.31 20:33:13 | 000,000,697 | ---- | C] () -- C:\Users\Emre\Desktop\Samp.ahk [2011.01.31 20:32:00 | 000,000,850 | ---- | C] () -- C:\Users\Emre\Desktop\AutoHotkey.lnk [2011.01.31 20:13:44 | 000,001,352 | ---- | C] () -- C:\Users\Emre\Documents\AutoHotkey.ahk [2010.11.07 11:01:39 | 000,110,788 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2010.10.06 14:59:28 | 000,000,604 | ---- | C] () -- C:\Users\Emre\AppData\Roaming\wklnhst.dat [2010.08.30 19:55:18 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2009.12.13 12:01:14 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2009.11.14 19:52:34 | 000,000,067 | ---- | C] () -- C:\Windows\SpeedGear.INI [2009.07.24 20:02:55 | 000,155,648 | ---- | C] () -- C:\Windows\System32\nY.exe [2009.07.14 19:31:45 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.07.14 19:31:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.07.14 08:14:25 | 000,089,430 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2009.07.14 08:14:25 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2009.07.14 08:14:25 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2009.07.14 08:14:25 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2009.07.14 08:14:25 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2009.07.14 08:14:25 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2009.07.14 08:14:25 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2009.07.14 08:14:25 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2009.07.14 08:14:25 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2009.07.14 08:14:25 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2009.07.14 08:14:25 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2009.07.14 08:14:25 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2009.07.14 08:14:25 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2009.07.14 08:14:25 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2009.07.14 08:14:25 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2009.07.14 08:14:25 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2009.07.14 08:14:25 | 000,000,099 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2009.07.14 08:04:38 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX4200EFGIPSD.ini [2009.07.14 08:00:49 | 000,000,680 | ---- | C] () -- C:\Users\Emre\AppData\Local\d3d9caps.dat [2009.06.24 21:55:56 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin [2009.06.15 14:19:43 | 000,017,089 | ---- | C] () -- C:\Users\Emre\AppData\Roaming\UserTile.png [2009.05.31 14:36:33 | 000,000,807 | ---- | C] () -- C:\Windows\Ssc.INI [2009.05.29 14:44:52 | 000,108,068 | ---- | C] () -- C:\Windows\War3Unin.dat [2009.04.26 12:44:10 | 000,037,416 | ---- | C] () -- C:\Windows\DIIUnin.dat [2009.04.07 12:26:44 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2009.04.07 12:26:44 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2009.04.07 12:26:44 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2009.03.27 19:58:30 | 000,043,520 | ---- | C] () -- C:\Users\Emre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.03.26 20:19:08 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009.03.26 18:38:35 | 000,000,403 | ---- | C] () -- C:\Windows\SIERRA.INI [2009.03.26 18:07:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.03.26 18:06:24 | 000,003,942 | ---- | C] () -- C:\Windows\mozver.dat [2009.02.26 14:50:09 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009.01.22 12:33:38 | 000,000,030 | ---- | C] () -- C:\Windows\System32\drivers\version.dat [2009.01.20 23:18:53 | 000,628,504 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.01.20 23:18:53 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.01.20 23:18:53 | 000,126,248 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.01.20 23:18:53 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.01.20 14:50:06 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007.06.05 13:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe [2007.03.29 22:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,332,752 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005.02.25 05:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL ========== LOP Check ========== [2009.06.24 21:31:30 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\BitDefender [2009.12.26 13:56:59 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\DAEMON Tools Lite [2010.11.27 17:14:23 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Dev-Cpp [2011.02.04 22:13:29 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\GameRanger [2011.01.30 16:23:38 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\gtk-2.0 [2011.02.27 21:46:33 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\ICQ [2010.06.30 17:15:43 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\LolClient [2010.01.27 12:41:32 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Mumble [2009.08.10 18:50:39 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Nokia [2010.03.13 13:16:11 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Nokia Multimedia Player [2010.10.17 17:47:26 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\OpenOffice.org [2009.07.27 19:04:56 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\PC Suite [2009.06.15 14:19:42 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\PeerNetworking [2009.03.28 14:58:12 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Petroglyph [2011.02.01 20:38:13 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Save-EE [2010.10.01 16:55:04 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Soldat [2010.10.19 18:26:14 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Sony [2010.06.13 17:27:21 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\SpeedSim [2010.10.23 17:07:50 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\TeamViewer [2009.09.22 18:45:25 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Teeworlds [2010.10.06 14:59:30 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Template [2010.05.30 16:50:00 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\TS3Client [2009.12.26 14:09:56 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Ubisoft [2011.02.07 17:21:25 | 000,000,000 | ---D | M] -- C:\Users\Emre\AppData\Roaming\Windows Live Writer [2011.02.27 22:57:15 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.02.28 13:38:41 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{8579ADB6-98F4-4D4B-AFA5-D2FFFA62F856}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:D1B5B4F1 < End of report > |
|
| Themen zu Computer Infiziert? |
| anti-malware, bösartige, client, compu, computer, dateien, desktop, downloader, explorer, gefunde, gescannt, infiziert, infiziert?, loader, logdatei, malwarebytes, minute, pc infiziert, plagegeister aller art und deren bekämpfung, service, stunde, troja, trojandownloader, users, version, verzeichnisse, vollständige, vollständiger |
Hybrid-Darstellung
