Werbung rechts unten, falsche Weiterleitung

Vrael · 26.05.2012, 12:18

Hallo

Ich habe ein sehr ähnliches Problem wie das in dem Thread beschrieben: http://www.trojaner-board.de/114906-...leitungen.html

Wenn ich meine Browser(Firefox) öffne tauchen nach wenigen Minuten wiederholt rechts unten Kästchen (weißer Hintergrund, schwarz umrandet, schwarze Schrift) auf. In denen irgendwelche Werbung steht. Sobald ich dann auf irgendeinen Link klicke, werde ich falsch Weitergeleitet und dann werde ich gefragt ob ich die Wall2Go.exe downloaden will.
Nachdem ich weitergeleitet wurde, kommt das Kästchen so lange nicht mehr bis ich meinen Pc neu starte.

Dies passiert nur bei meinem Internet zuhause. Als ich aber die Woche im Internat surfte, kam kein einziges mal dieses Kästchen. Im Internat muss ich mich mit einem Benutzernamen und einem pw einloggen.

Ich hatte noch nie einen Virus oder Ähnliches auf meinem pc deshalb habe ich auch keine Ahnung von irgendwelchen Malwarescanns, Logfiles usw.

Hoffe ihr könnt mir helfen.

kira · 26.05.2012, 21:14

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du durch [X] oder Sternchen (*) ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware Lade Dir Malwarebytes Anti-Malware → von hier herunter

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

3.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:

Download den CCleaner herunter
Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
kira

Vrael · 29.05.2012, 13:48

Code:

ATTFilter

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.28.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Ich :: PARANOID [Administrator]

29.05.2012 12:11:48
mbam-log-2012-05-29 (12-11-48).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 456313
Laufzeit: 1 Stunde(n), 57 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 14
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\1000000600002i\verclsid.exe (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\10000006e00002i\SearchIndexer.exe (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\1000000800002i\svchost.exe (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\1000000900003i\imjppdmg.exe (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\1000000e00002i\rundll32.exe (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\30000000111800002i\EXCEL.EXE (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\300000002ca00002i\OffDiag.exe (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\300000003f00002i\CLVIEW.EXE (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\30000000d900002i\DW20.EXE (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\4000001b00002i\E_FARNBVE.EXE (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\4000002500002i\E_FAMTBVE.EXE (Trojan.IRCBot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\Documents\Spiele\Alcohol 120\Langs\AX_RU.dll (Malware.Packer.GenX) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ich\Downloads\SoftonicDownloader_for_origin.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\System32\drivers\str.sys (Rootkit.Agent) -> Löschen bei Neustart.

(Ende)

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 29.05.2012 14:28:15 - Run 1
OTL by OldTimer - Version 3.2.44.0     Folder = C:\Users\Ich\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 60,16% Memory free
6,21 Gb Paging File | 4,94 Gb Available in Paging File | 79,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 76,09 Gb Free Space | 26,39% Space Free | Partition Type: NTFS
 
Computer Name: PARANOID | User Name: Ich | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ich\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Ich\AppData\Local\Temp\DATAAC4.tmp.exe ()
PRC - C:\Users\Ich\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)
PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Users\Ich\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Acer Incorporated)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Apoint2K\Hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Programme\Acer\WR_PopUp\AcerRegTool.exe (Acer)
PRC - C:\Programme\Acer\WR_PopUp\ProductReg.exe (Acer)
PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
PRC - C:\Windows\PLFSetI.exe ()
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Users\Ich\Documents\Spiele\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Users\Ich\Desktop\Schui\DBSY\OracleXE\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\fecd1103dd16dc1192402770caf56575\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\TortoiseSVN\bin\libsasl32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3314.38784__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3314.38856__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3314.38823__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3314.38769__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3314.38785__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3314.38856__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3314.38857__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3314.38823__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3314.38836__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3314.38776__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3314.38817__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3314.38822__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3314.38855__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3314.38781__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3314.38805__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3314.38776__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3314.38808__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3314.38777__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3314.38786__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3314.38803__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3314.38806__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3314.38831__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3314.38816__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3314.38789__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3314.38785__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3314.38815__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3314.38807__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3314.38806__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3314.38789__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3314.38807__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3314.38815__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3314.38816__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3314.38881__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3314.38864__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3294.18784__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3314.38766__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3314.38773__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3314.38846__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3314.38780__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3314.38851__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3314.38768__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3314.38767__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3314.38849__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3314.38767__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3314.38769__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3314.38766__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3314.38850__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Programme\Launch Manager\PowerUtl.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (omgrmvwllrywwhf) -- C:\Users\Ich\AppData\Local\Temp\DATAAC4.tmp.exe ()
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_6c825ce.dll ()
SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (NetTcpPortSharing) -- c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (MSSQLServerADHelper100) -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (Mcx2Svc) -- C:\Windows\System32\Mcx2Svc.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\Windows\System32\mprdim.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Users\Ich\Documents\Spiele\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (OracleXEClrAgent) -- C:\Users\Ich\Desktop\Schui\DBSY\OracleXE\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe ()
SRV - (OracleXETNSListener) -- C:\Users\Ich\Desktop\Schui\DBSY\OracleXE\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe ()
SRV - (OracleMTSRecoveryService) -- C:\Users\Ich\Desktop\Schui\DBSY\OracleXE\app\oracle\product\10.2.0\server\BIN\omtsreco.exe (Oracle Corporation)
SRV - (OracleJobSchedulerXE) -- c:\users\ich\desktop\schui\dbsy\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe ()
SRV - (OracleServiceXE) -- c:\users\ich\desktop\schui\dbsy\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE (Oracle Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (abvgfte7) --  File not found
DRV - (a85qiy90) --  File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV - (VSPerfDrv100) -- C:\Users\Ich\Desktop\Schui\3 Schuljahr\PPM\M Visual Studio\Team Tools\Performance Tools\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (udfs) -- C:\Windows\System32\drivers\udfs.sys (Microsoft Corporation)
DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ws2ifsl) -- C:\Windows\System32\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV - (MegaSR) -- C:\Windows\System32\drivers\MegaSR.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\System32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\System32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\System32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\System32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (SiSRaid2) -- C:\Windows\System32\drivers\sisraid2.sys (Microsoft Corporation)
DRV - (HpCISSs) -- C:\Windows\System32\drivers\HpCISSs.sys (Hewlett-Packard Company)
DRV - (circlass) -- C:\Windows\System32\drivers\circlass.sys (Microsoft Corporation)
DRV - (adpahci) -- C:\Windows\System32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\System32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\System32\drivers\ql2300.sys (QLogic Corporation)
DRV - (arcsas) -- C:\Windows\System32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (Wd) -- C:\Windows\System32\drivers\wd.sys (Microsoft Corporation)
DRV - (iaStorV) -- C:\Windows\System32\drivers\iaStorV.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\System32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\System32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\System32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\System32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\System32\drivers\arc.sys (Adaptec, Inc.)
DRV - (kbdhid) -- C:\Windows\System32\drivers\kbdhid.sys (Microsoft Corporation)
DRV - (sffdisk) -- C:\Windows\System32\drivers\sffdisk.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\System32\drivers\elxstor.sys (Emulex)
DRV - (IPMIDRV) -- C:\Windows\System32\drivers\IPMIDrv.sys (Microsoft Corporation)
DRV - (adp94xx) -- C:\Windows\System32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\System32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (msdsm) -- C:\Windows\System32\drivers\msdsm.sys (Microsoft Corporation)
DRV - (sdbus) -- C:\Windows\System32\drivers\sdbus.sys (Microsoft Corporation)
DRV - (ohci1394) -- C:\Windows\System32\drivers\ohci1394.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\System32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\System32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (mpio) -- C:\Windows\System32\drivers\mpio.sys (Microsoft Corporation)
DRV - (fdc) -- C:\Windows\System32\drivers\fdc.sys (Microsoft Corporation)
DRV - (flpydisk) -- C:\Windows\System32\drivers\flpydisk.sys (Microsoft Corporation)
DRV - (sermouse) -- C:\Windows\System32\drivers\sermouse.sys (Microsoft Corporation)
DRV - (pcmcia) -- C:\Windows\System32\drivers\pcmcia.sys (Microsoft Corporation)
DRV - (i2omp) -- C:\Windows\System32\drivers\i2omp.sys (Microsoft Corporation)
DRV - (rdpdr) -- C:\Windows\System32\drivers\rdpdr.sys (Microsoft Corporation)
DRV - (isapnp) -- C:\Windows\System32\drivers\isapnp.sys (Microsoft Corporation)
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys (Microsoft Corporation)
DRV - (AmdK8) -- C:\Windows\System32\drivers\amdk8.sys (Microsoft Corporation)
DRV - (ViaC7) -- C:\Windows\System32\drivers\viac7.sys (Microsoft Corporation)
DRV - (AmdK7) -- C:\Windows\System32\drivers\amdk7.sys (Microsoft Corporation)
DRV - (Processor) -- C:\Windows\System32\drivers\processr.sys (Microsoft Corporation)
DRV - (Crusoe) -- C:\Windows\System32\drivers\crusoe.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\System32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\System32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (intelide) -- C:\Windows\System32\drivers\intelide.sys (Microsoft Corporation)
DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Microsoft Corporation)
DRV - (aliide) -- C:\Windows\System32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (pciide) -- C:\Windows\System32\drivers\pciide.sys (Microsoft Corporation)
DRV - (ErrDev) -- C:\Windows\System32\drivers\errdev.sys (Microsoft Corporation)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ql40xx) -- C:\Windows\System32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\System32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\System32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\System32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (sbp2port) -- C:\Windows\System32\drivers\sbp2port.sys (Microsoft Corporation)
DRV - (aic78xx) -- C:\Windows\System32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\System32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\System32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\System32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\System32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\System32\drivers\Mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\System32\drivers\sym_hi.sys (LSI Logic)
DRV - (BTHMODEM) -- C:\Windows\System32\drivers\bthmodem.sys (Microsoft Corporation)
DRV - (HidBth) -- C:\Windows\System32\drivers\hidbth.sys (Microsoft Corporation)
DRV - (usbcir) eHome Infrared Receiver (USBCIR) -- C:\Windows\System32\drivers\usbcir.sys (Microsoft Corporation)
DRV - (usbohci) -- C:\Windows\System32\drivers\usbohci.sys (Microsoft Corporation)
DRV - (HidIr) -- C:\Windows\System32\drivers\hidir.sys (Microsoft Corporation)
DRV - (WacomPen) -- C:\Windows\System32\drivers\wacompen.sys (Microsoft Corporation)
DRV - (sfloppy) -- C:\Windows\System32\drivers\sfloppy.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\drivers\BrSerId.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\System32\drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\System32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=2&o=vp32&d=0809&m=aspire_7735
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=2&o=vp32&d=0809&m=aspire_7735
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=2&o=vp32&d=0809&m=aspire_7735
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deAT345AT345
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_deAT345AT345&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://euw.leagueoflegends.com/de/news"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..network.proxy.http: "204.93.211.219"
FF - prefs.js..network.proxy.http_port: 80
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.07 18:14:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.09 16:16:56 | 000,000,000 | ---D | M]
 
[2009.09.18 17:11:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ich\AppData\Roaming\mozilla\Extensions
[2012.05.19 13:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ich\AppData\Roaming\mozilla\Firefox\Profiles\dop2wgbc.default\extensions
[2012.01.30 19:36:50 | 000,001,976 | ---- | M] () -- C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\dop2wgbc.default\searchplugins\duckduckgo.xml
[2011.12.14 15:15:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.01.06 16:29:18 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\ICH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DOP2WGBC.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.01.07 18:14:37 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.09 16:16:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.09 16:16:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.05.09 16:16:50 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.20 16:38:41 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.05.09 16:16:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.09 16:16:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.09 16:16:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.05.18 17:23:58 | 000,001,392 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 69.10.57.36 www.google-analytics.com.
O1 - Hosts: 69.10.57.36 ad-emea.doubleclick.net.
O1 - Hosts: 69.10.57.36 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShareTb\BearShareDx.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Users\Ich\Desktop\Schui\3 Schuljahr\PPM\M Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShareTb\BearShareDx.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Ich\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Ich\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Ich\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86275D55-90FA-4A47-B298-0D7F316658AA}: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABF8E6ED-C845-4058-BDA8-ECCE7A08E4A4}: DhcpNameServer = 10.0.0.138 10.0.0.138
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Ich\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ich\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{19325e3a-713d-11de-8e27-001f16bb02f5}\Shell - "" = AutoRun
O33 - MountPoints2\{19325e3a-713d-11de-8e27-001f16bb02f5}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{79ae567f-c30e-11de-bf2b-001f16bb02f5}\Shell - "" = AutoRun
O33 - MountPoints2\{79ae567f-c30e-11de-bf2b-001f16bb02f5}\Shell\AutoRun\command - "" = E:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{79ae567f-c30e-11de-bf2b-001f16bb02f5}\Shell\dinstall\command - "" = E:\Directx\dxsetup.exe
O33 - MountPoints2\{a963f4fa-9be5-11df-b754-001f16bb02f5}\Shell - "" = AutoRun
O33 - MountPoints2\{a963f4fa-9be5-11df-b754-001f16bb02f5}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2099.07.25 23:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2096.07.25 18:09:16 | 000,000,000 | ---D | C] -- C:\Users\Ich\AppData\Roaming\Avira
[2096.07.25 18:04:30 | 000,000,000 | ---D | C] -- C:\Users\Ich\AppData\Roaming\WinRAR
[2012.05.29 14:25:37 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Ich\Desktop\OTL.exe
[2012.05.28 23:17:28 | 000,000,000 | ---D | C] -- C:\Users\Ich\AppData\Roaming\Malwarebytes
[2012.05.28 23:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
[2012.05.28 23:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.28 23:17:04 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.28 23:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\ Malwarebytes Anti-Malware 
[2012.05.27 00:41:40 | 000,000,000 | ---D | C] -- C:\Users\Ich\Documents\Diablo III
[2012.05.26 23:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012.05.24 20:52:07 | 000,000,000 | ---D | C] -- C:\Users\Ich\AppData\Roaming\LolClient2
[2012.05.19 21:37:06 | 000,000,000 | ---D | C] -- C:\Users\Ich\AppData\Roaming\Google
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.29 14:25:41 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Ich\Desktop\OTL.exe
[2012.05.29 14:25:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.29 14:16:12 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.29 14:15:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\str.sys
[2012.05.29 14:15:46 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.29 14:15:46 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.29 14:15:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.29 14:15:36 | 3215,814,656 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.28 23:17:06 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.27 00:10:19 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012.05.25 13:23:47 | 000,748,278 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.25 13:23:47 | 000,707,268 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.25 13:23:47 | 000,174,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.25 13:23:47 | 000,148,242 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.19 21:33:46 | 000,006,836 | ---- | M] () -- C:\Users\Ich\AppData\Local\d3d9caps.dat
[2012.05.18 17:23:58 | 000,001,392 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2099.07.25 23:10:10 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2099.07.25 23:09:47 | 000,001,312 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2012.05.29 14:15:50 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\str.sys
[2012.05.28 23:17:06 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.26 23:29:20 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2011.10.13 18:33:03 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll
[2011.08.02 20:01:05 | 000,000,058 | ---- | C] () -- C:\Users\Ich\AppData\Roaming\you.bmp
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.09.27 22:05:37 | 000,095,332 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:B203B914
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:131C0EE9
@Alternate Data Stream - 226 bytes -> C:\ProgramData\Temp:54D4173A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1982A23
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:814B9485
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:3B3A35EC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:35759C73
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:ADE16379
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3064D21D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:9E22BBE8
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:DCAF903C
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:B623B5B8
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:CE0A077E
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:BB24555F
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:8750DCE4

< End of report >

Vrael · 29.05.2012, 13:49

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 29.05.2012 14:28:15 - Run 1
OTL by OldTimer - Version 3.2.44.0     Folder = C:\Users\Ich\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 60,16% Memory free
6,21 Gb Paging File | 4,94 Gb Available in Paging File | 79,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 76,09 Gb Free Space | 26,39% Space Free | Partition Type: NTFS
 
Computer Name: PARANOID | User Name: Ich | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- F:\Install\Photoshop 2\Adobe Bridge CS5\Bridge.exe "%L"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08644B19-492D-45B4-A7CB-64CCB712AEC8}" = lport=6992 | protocol=17 | dir=in | name=league of legends launcher | 
"{0A2BCEA2-B266-429D-8BE3-D86C8EF6F349}" = lport=6904 | protocol=6 | dir=in | name=league of legends launcher | 
"{0A5816EF-7998-4B8C-BAF7-E41B2B69449E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{12E84B4B-C904-452E-A627-F8559C0672B5}" = lport=6888 | protocol=17 | dir=in | name=league of legends launcher | 
"{15AFC066-6D5C-42C4-9CCC-879880DF956A}" = lport=6893 | protocol=6 | dir=in | name=league of legends launcher | 
"{15E87E4A-06CC-4028-B630-12ECD0CF4C77}" = lport=6969 | protocol=6 | dir=in | name=league of legends launcher | 
"{1679AF5F-E031-4050-9302-45DF1F2ECE1F}" = lport=6909 | protocol=17 | dir=in | name=league of legends launcher | 
"{181E20BF-5160-46BC-A3C4-60638A3C2B27}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby | 
"{2314A85C-2F61-4FB9-AB4B-65CA35649BC7}" = lport=6997 | protocol=17 | dir=in | name=league of legends launcher | 
"{2E274778-E5CD-4E08-A367-B725FF885BC7}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher | 
"{2F65B46C-0CD3-4F2C-8AB5-EF8CF4BC3BC1}" = lport=6959 | protocol=17 | dir=in | name=league of legends launcher | 
"{2FE0D24D-D76A-4B49-88AB-C024BD61DFD7}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | 
"{30E46529-58E8-4BB8-B945-D7BC1E26987F}" = lport=6933 | protocol=6 | dir=in | name=league of legends launcher | 
"{358D9F5C-1769-40FD-BF83-99DFBA5E43D0}" = lport=6933 | protocol=17 | dir=in | name=league of legends launcher | 
"{39603B91-35DE-47AC-9E4E-675D246A9A1F}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client | 
"{40716234-0AFF-4376-9C11-40353CF4FF24}" = lport=6921 | protocol=17 | dir=in | name=league of legends launcher | 
"{47907778-19B0-4A91-99C0-1E2E1F1C5296}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher | 
"{4B910067-E92A-49C1-A762-8725134EA312}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
"{4BDF6D1D-E93E-49AD-B248-17C3156AF977}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | 
"{4BFE9F10-D9CA-4184-B03D-DFA529378F92}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{4F11256A-03A5-414A-8A7E-8FC1E41D9272}" = lport=6985 | protocol=17 | dir=in | name=league of legends launcher | 
"{543771DF-84DA-4763-B9EC-E53845C1E226}" = lport=6956 | protocol=6 | dir=in | name=league of legends launcher | 
"{565640D3-0D2B-4870-B227-C25A7D35C4C9}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 
"{5CB222DB-E46D-497E-B8AF-177B24CAB6F3}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | 
"{5F138E99-F9B6-4734-92CC-D6B13A7E6921}" = lport=6892 | protocol=6 | dir=in | name=league of legends launcher | 
"{6388F73A-DBDB-4DB8-A04B-C9A6A9D3A482}" = lport=6905 | protocol=17 | dir=in | name=league of legends launcher | 
"{66976E93-342E-4556-8E24-3B35548D8BD7}" = lport=6112 | protocol=17 | dir=in | name=titanquestit | 
"{6F9B4505-2678-4618-A237-170CF449C19F}" = lport=6904 | protocol=17 | dir=in | name=league of legends launcher | 
"{709CFCF2-B995-459C-B56A-3BDD7257F79B}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher | 
"{75797008-B252-4AA4-8D25-86E1685DDE7E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7A060A5F-8B35-48F4-B72E-605423168DAB}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | 
"{7AC0EA4E-990C-450E-A056-D9B86524D3C9}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | 
"{7B1838F9-B901-4A35-8346-36923A49A3B3}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby | 
"{7CF64834-9E9B-4C43-9183-595B2211B36C}" = lport=6893 | protocol=17 | dir=in | name=league of legends launcher | 
"{7DE0A7C5-DE64-48A6-AD25-C9C9550A88D0}" = lport=6997 | protocol=6 | dir=in | name=league of legends launcher | 
"{7EC66916-2D1F-4B64-8899-29B05021CF59}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client | 
"{829FB25D-6874-4CFA-A5E4-C9796EB35B49}" = lport=6921 | protocol=6 | dir=in | name=league of legends launcher | 
"{84706318-462D-47BF-858F-0892C909DE37}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 
"{87E81F27-EB6B-40A7-A574-7CA205CBB2C9}" = lport=6909 | protocol=6 | dir=in | name=league of legends launcher | 
"{8956A76E-CC1A-4CB3-9F95-7F7917020A41}" = lport=6892 | protocol=17 | dir=in | name=league of legends launcher | 
"{8E5B5CB0-FF0D-4868-8D0C-2A8D0C3D25B9}" = lport=6986 | protocol=6 | dir=in | name=league of legends launcher | 
"{924FF15D-DD47-4A77-B947-045517229DC5}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{96629EA3-EF8E-45B6-A383-57F6547F2EA2}" = lport=6888 | protocol=6 | dir=in | name=league of legends launcher | 
"{99C2450F-E428-40FE-9DEC-9DC3729ED491}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{A59A9926-987A-4532-B48C-56BAF9E26573}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A9992E7D-A7F2-4D12-91CE-054F4E59527D}" = lport=6956 | protocol=17 | dir=in | name=league of legends launcher | 
"{AA6041AC-CE58-46E7-87CC-3145085634DD}" = lport=6959 | protocol=6 | dir=in | name=league of legends launcher | 
"{B9F08D33-A45D-4EDB-B6DA-B97610B26385}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 
"{BA30DCE8-2D74-4A1E-A33B-BF8536F899D9}" = lport=6985 | protocol=6 | dir=in | name=league of legends launcher | 
"{BBE52E0C-48F5-4B61-89E0-C81C9B88E7CF}" = lport=6986 | protocol=17 | dir=in | name=league of legends launcher | 
"{C094DA44-7C02-4895-9162-17A1EE8B3616}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{C0CB2BD4-4FD3-4B2E-8884-57B96A1A8D2D}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 
"{C5BA3977-4624-4480-90C1-8EBD7AF37EB9}" = lport=6969 | protocol=17 | dir=in | name=league of legends launcher | 
"{CD19C0EF-F9EA-4655-AA4E-ADA6BE4E1B57}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 
"{D20681E6-A524-44A8-9B00-D37412D8D3B2}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher | 
"{DC5038E8-CEF0-406C-BF6E-FC1A14F9F07E}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher | 
"{DE81AFCD-E0EA-4A59-8CC5-0AC4B4A5D8E1}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher | 
"{DFFBB5D2-51EC-42D3-9A18-0D0CCE7A3AB9}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
"{E02F2E3C-65EA-459F-819F-688B0D5C7E26}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{E0A967E9-DF0C-476B-9233-CC168FD50D6B}" = lport=6905 | protocol=6 | dir=in | name=league of legends launcher | 
"{E14F43E2-0188-4DA8-8F73-011961758B5A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EB066731-22CC-4520-803F-A34E50F4130C}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{EEADD37A-2D8D-4D5D-92A2-DA42169B20CA}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 
"{F39E00C6-0518-48A0-B363-76D24E729CB7}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher | 
"{FD51D53C-0692-40E5-B6D4-6339D603640C}" = lport=6992 | protocol=6 | dir=in | name=league of legends launcher | 
"{FF78947F-C461-4AD3-B330-36EEDC9324E6}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0409B159-2674-4EAE-8155-E99A02D58A99}" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\diablo iii\diablo iii.exe | 
"{0AD63CA4-E4FB-4FCB-9EE2-9E7B8D955EB7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{0BBB8AD8-97C8-4A6C-B924-FA9743193C19}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{0EDA7F05-269E-4C6E-9B58-B4B74A6633E2}" = protocol=17 | dir=in | app=c:\program files\league of legends\lol.launcher.exe | 
"{119DF9E7-8463-49ED-A528-F2BAD2254574}" = protocol=17 | dir=in | app=h:\spiele\install\ep1\game.dat | 
"{155C3FF4-66A0-413F-BA25-B2CA4FCA9D0E}" = protocol=17 | dir=in | app=i:\spiele\install\ut3\binaries\ut3.exe | 
"{192D0313-83B8-436D-A0CF-9B29F644B3E3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | 
"{19ED362A-9A09-4BFE-BE41-1846B83F0F47}" = protocol=6 | dir=in | app=c:\users\ich\appdata\local\akamai\netsession_win.exe | 
"{1B48C309-0A8C-4C33-8A04-E63A7C96A04C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{1CC3DEF9-0411-45AA-B359-30F4E39C7E8C}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{21AA25FA-864A-4CD4-B9F5-23753E15CE69}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{22E257E9-6F0F-4C7F-9F2F-5B1B1EAA936D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{2A94C55C-0D91-4DAA-8466-E73620AEED5E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | 
"{37E038DB-5006-4FDE-9527-60B684E7E498}" = protocol=17 | dir=in | app=h:\wow\wow-3.2.0-dede-downloader.exe | 
"{3D9C9847-E9D5-4077-91FA-23AC5CF7D793}" = protocol=17 | dir=in | app=c:\users\ich\appdata\roaming\dropbox\bin\dropbox.exe | 
"{40A2D729-532A-4F1C-A849-4ADCAF6831F7}" = protocol=6 | dir=in | app=h:\wow\wow-3.2.0-dede-downloader.exe | 
"{42191AE7-3302-45B9-B2EB-6E86C60ADB53}" = protocol=6 | dir=in | app=c:\program files\diablo iii beta\diablo iii.exe | 
"{4402DD63-92A1-4298-B39C-DF3856A5C25E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{4421A389-8320-4BFD-960E-BF3151E73879}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{44313369-55A3-4DAD-880E-2106C1031AB1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{45BD0013-E876-48D2-9049-B8C0E47811CD}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{4665B0D9-F5A1-4F9C-BA68-56B7371E52A8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{4770EF5B-93E3-4810-8534-90E695CE5BEC}" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\steam\steam.exe | 
"{48CE3910-60EF-4F8B-B57C-32A0139F1619}" = protocol=6 | dir=in | app=i:\spiele\install\anno2\anno4.exe | 
"{4A341173-7159-4F62-9872-F37C7A9BEBEB}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | 
"{4B357338-1CD3-4BA7-974B-F9DD7285FF23}" = protocol=6 | dir=in | app=i:\spiele\install\anno\tools\anno4web.exe | 
"{4EBCEE84-857A-43DD-9AD9-F79B9B331EFB}" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\diablo iii\diablo iii.exe | 
"{50563360-D4D5-42F8-9047-74F4BC391617}" = protocol=17 | dir=in | app=i:\spiele\install\anno\tools\anno4web.exe | 
"{50FD9AC4-4E90-4FFC-9D08-3BA8B43E16D6}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{51004D64-CC73-45E2-9EC0-E711BABE6E42}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{565654F8-F40D-4390-93C6-8058E1ACD914}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{590C0619-0518-4595-8DDF-19EF077A6A17}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{59D7ECC3-1D25-4D86-A5C5-E7571576410B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{5EB952A5-BC2C-40AC-A685-AEC4F82F7006}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"{61983184-AF43-471F-90D9-C7E135A78C26}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | 
"{61C942E0-028B-4EB8-8353-0DA1E89C0B5F}" = protocol=6 | dir=in | app=h:\wow\wow-3.2.0-dede-downloader.exe | 
"{69137DF4-E833-4B3C-8F82-D824C2FD64B7}" = protocol=17 | dir=in | app=c:\users\ich\appdata\local\akamai\netsession_win.exe | 
"{6E3A109D-AC1A-485F-800A-32582D09EFA8}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{701FA810-B791-403A-8CFB-1CFA7D6EEAF0}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.0\sonarhost.exe | 
"{763F5E67-36E2-44FA-B037-B18A2F7547F6}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{79159A41-78A1-49B6-BECE-A851F0FC465A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | 
"{85174FCD-D0EE-4BA5-9986-7EE909328915}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{87023528-C612-4669-A24C-9DA1357BB25C}" = protocol=6 | dir=in | app=c:\users\ich\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8A7E50EA-3858-4E4B-A35E-943EBEF24570}" = protocol=6 | dir=in | app=h:\wow\wow.exe | 
"{8BC55146-BE70-47BB-AD62-23901A2DF2E7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{8D514C19-9B7F-4B3D-9039-760270250D49}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{8E5C8759-A56C-4F05-A2E6-C2954CDE2070}" = protocol=6 | dir=in | app=h:\spiele\install\game.dat | 
"{96F227BA-E386-4BCC-8CD6-D6667C2067E8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{9770E2E1-CD51-45EE-B8A5-0052B20FB0E9}" = protocol=6 | dir=in | app=c:\program files\league of legends\lol.launcher.exe | 
"{998CD03D-7FE7-4728-8DB8-B39CD761405B}" = protocol=6 | dir=in | app=i:\spiele\install\ut3\binaries\ut3.exe | 
"{A01BF305-018B-45EB-842E-813EECDB5722}" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\steam\steam.exe | 
"{A1CC6282-ACF9-47FF-933E-74A4DEF1B96B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | 
"{A934EF41-DA4F-476A-9573-E338F90FD4CC}" = protocol=17 | dir=in | app=h:\spiele\install\game.dat | 
"{AE4AF426-0752-41FE-A533-F7886DE302D8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{B28D6DA4-F9DB-46DA-8D15-F6597C3D67D5}" = protocol=17 | dir=in | app=i:\spiele\install\anno2\tools\anno4web.exe | 
"{B2F04533-6B04-4197-BD12-60564924DD9C}" = protocol=17 | dir=in | app=h:\wow\wow-3.2.0-dede-downloader.exe | 
"{B3093169-265A-48DC-BA0D-EC67266AD498}" = protocol=17 | dir=in | app=i:\spiele\install\anno2\anno4.exe | 
"{B35275BD-286A-4E9F-B156-AF4FF74F53BB}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{B439EF75-3F43-42FA-9ACD-54B1F17FAAC6}" = protocol=6 | dir=in | app=i:\spiele\install\anno2\tools\anno4web.exe | 
"{B4549094-CC98-47F1-8866-92239099E0E8}" = protocol=17 | dir=in | app=c:\program files\diablo iii beta\diablo iii.exe | 
"{B583EC83-FBC7-41B4-B306-03DB7A342114}" = protocol=6 | dir=in | app=i:\spiele\install\aoe3\age3.exe | 
"{BEA626B6-140C-4DC4-AD06-572D004D03BF}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{C19DF3E6-DB25-4ADC-909D-064AB8BCDF7C}" = protocol=17 | dir=in | app=i:\spiele\install\aoe3\age3.exe | 
"{C4954706-40A9-40BD-B429-E63FC6D717D0}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{C6CA4AC1-EF9A-4745-AF7F-BE05DA78F207}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{C9CA6B5D-1734-461F-A1E8-4C108073FDF1}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | 
"{D6299372-5055-46F1-89B9-E7A5096AFCF1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{D9A21DB5-EDEC-40B0-BB5F-5825FCEA03F6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{DCEF2D7A-A601-48F6-ABBA-70B3334E285B}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"{DF7884DD-D054-4676-AC75-D65AAE8C4D42}" = protocol=17 | dir=in | app=h:\wow\wow.exe | 
"{E91848FC-97B8-4D67-9678-76D87DB77C35}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | 
"{EA5590C0-2FD5-4D5B-9984-1AB0F4D39ED8}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{F043E8A2-0E52-4F55-B22C-532FAA6D71CB}" = protocol=6 | dir=in | app=h:\spiele\install\ep1\game.dat | 
"{FBEF273E-DDE0-4F9E-87AC-E04E239CF7C1}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{FD1DEE40-53CA-4DB2-8FD2-AA3180E6A14C}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.0\sonarhost.exe | 
"{FDDB3F64-35B2-4EBF-B0AC-1109508403A5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{FF45C4F2-1D8C-458A-B1E4-9B5EA11BA09C}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{0009372D-4FE0-489D-AEF7-49F878423643}I:\spiele\install\cod4\iw3mp.exe" = protocol=6 | dir=in | app=i:\spiele\install\cod4\iw3mp.exe | 
"TCP Query User{02C05D08-2C48-4384-9203-7891A17A7C42}I:\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe" = protocol=6 | dir=in | app=i:\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | 
"TCP Query User{0355FA1C-709A-4C94-B81E-BF96B51FBC94}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{0539D84C-702F-46B3-8B0A-540CC26B1386}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe | 
"TCP Query User{06856683-2781-4476-8188-ED4EE6470358}F:\spiele\left4dead2\left4dead2.exe" = protocol=6 | dir=in | app=f:\spiele\left4dead2\left4dead2.exe | 
"TCP Query User{0D383B9B-F236-481F-847A-9F9C3A3C54B0}C:\users\ich\desktop\games\mw3-lan\iw5mp.exe" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\mw3-lan\iw5mp.exe | 
"TCP Query User{0D401F92-30E8-47D7-AA0B-A35F31173D34}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe | 
"TCP Query User{118CE68C-2C87-43AE-B22E-3A4EEFD00DAF}F:\wow - kopie\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=6 | dir=in | app=f:\wow - kopie\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | 
"TCP Query User{14073F6F-A752-41FB-A63E-C3FDC93C18C8}I:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat" = protocol=6 | dir=in | app=i:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat | 
"TCP Query User{142BF236-A2E0-42EF-A91A-CA1EDCF42D24}C:\users\ich\desktop\games\steam\steamapps\nyx98\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\steam\steamapps\nyx98\team fortress 2\hl2.exe | 
"TCP Query User{16512491-A8B5-43CB-8327-E637945630B4}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe | 
"TCP Query User{1AC3EF94-ADB9-4F5B-82B5-C5BE58CC7334}H:\wow\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=6 | dir=in | app=h:\wow\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | 
"TCP Query User{1DFC9FF0-9CAD-4A58-892C-D4204DD3105E}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe | 
"TCP Query User{1E3B50E9-CD4A-4B6F-83A1-15E4793AE62B}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | 
"TCP Query User{1FC28468-7D4F-4E17-979D-A5907280C9A0}H:\wow\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=6 | dir=in | app=h:\wow\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | 
"TCP Query User{1FE8B18F-3EE2-4A74-8311-A44FE96B1AD4}I:\sid meier's civilization 4 complete\warlords\civ4warlords.exe" = protocol=6 | dir=in | app=i:\sid meier's civilization 4 complete\warlords\civ4warlords.exe | 
"TCP Query User{235AECD2-55A7-4783-81C9-EF6C686C5723}C:\users\ich\desktop\games\halo\halo.exe" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\halo\halo.exe | 
"TCP Query User{24EAD2F5-70EC-4304-BC36-D5BAAE79CB61}F:\wow - kopie\launcher.exe" = protocol=6 | dir=in | app=f:\wow - kopie\launcher.exe | 
"TCP Query User{26A67F30-A8CE-4CD6-8469-559454CFAB19}C:\users\ich\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\ich\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{294D1BE1-A66C-421C-A884-E6011C0E5CB8}F:\wow p\launcher.exe" = protocol=6 | dir=in | app=f:\wow p\launcher.exe | 
"TCP Query User{29612424-D69F-4CD8-8AE7-F307F86E89F9}H:\spiele\install\tqit\tqit.exe" = protocol=6 | dir=in | app=h:\spiele\install\tqit\tqit.exe | 
"TCP Query User{2E9DE1DD-B640-4ACF-A09C-0E851070E030}I:\halo 2\halo2.exe" = protocol=6 | dir=in | app=i:\halo 2\halo2.exe | 
"TCP Query User{30674A52-C878-4611-BEDF-6D990F616AF3}F:\spiele\age of mythology\aomx.exe" = protocol=6 | dir=in | app=f:\spiele\age of mythology\aomx.exe | 
"TCP Query User{308F7F24-AEA8-475C-B667-54826E5E9D74}H:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat" = protocol=6 | dir=in | app=h:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat | 
"TCP Query User{3254CA4D-AA5A-4DCE-A05B-ABDF1D456170}F:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=6 | dir=in | app=f:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"TCP Query User{33689B01-5748-499C-BAB7-010AB61F0243}F:\spiele\install\siedler\bin\settlershok.exe" = protocol=6 | dir=in | app=f:\spiele\install\siedler\bin\settlershok.exe | 
"TCP Query User{33ACA08D-9EAD-4135-8B45-8A0DB8119965}I:\halo 2\halo2.exe" = protocol=6 | dir=in | app=i:\halo 2\halo2.exe | 
"TCP Query User{33D22EEB-4641-4C9F-8373-114E516A162C}F:\spiele\left4dead2\left4dead2.exe" = protocol=6 | dir=in | app=f:\spiele\left4dead2\left4dead2.exe | 
"TCP Query User{3E0FC761-0D97-45F8-9462-2E0F9C018605}H:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat" = protocol=6 | dir=in | app=h:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat | 
"TCP Query User{44C29D7F-E27F-43FB-872D-36D88E2263E6}I:\spiele\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=i:\spiele\age of empires ii\empires2.exe | 
"TCP Query User{452AECCE-E945-4E86-BCB1-C3D7BC68DA3A}H:\flatout 2\flatout2.exe" = protocol=6 | dir=in | app=h:\flatout 2\flatout2.exe | 
"TCP Query User{49D572F2-C82E-4444-9999-CC2116E288B5}\\paranoid\public\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=6 | dir=in | app=\\paranoid\public\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"TCP Query User{51D51DB7-E3CE-43B5-B6A6-48189283367B}F:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat" = protocol=6 | dir=in | app=f:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat | 
"TCP Query User{55ABC758-473B-466A-9CB3-97A2E4A3CDF6}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe | 
"TCP Query User{5879FE00-B803-484D-BA3D-503EACAE13E0}E:\spiele\cs\hl.exe" = protocol=6 | dir=in | app=e:\spiele\cs\hl.exe | 
"TCP Query User{5A7D220B-1526-4C54-B802-38C50A5190D0}F:\spiele\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=f:\spiele\age of empires ii\empires2.exe | 
"TCP Query User{5AA061C2-6300-43D5-AC8E-CE11D39771F9}F:\spiele\cs\hl.exe" = protocol=6 | dir=in | app=f:\spiele\cs\hl.exe | 
"TCP Query User{5B7F99CF-1F6B-4399-A763-A82F1478DEEA}H:\wow\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=6 | dir=in | app=h:\wow\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | 
"TCP Query User{5BDDF259-DDC8-4763-8A68-0DC134613802}I:\spiele\age of mythology\aomx.exe" = protocol=6 | dir=in | app=i:\spiele\age of mythology\aomx.exe | 
"TCP Query User{5C6AC8DF-553B-4C8C-9C2B-35E449B270D2}C:\users\ich\desktop\games\anno2\tools\anno4web.exe" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\anno2\tools\anno4web.exe | 
"TCP Query User{5E400885-AA33-4A0C-9FE0-AB0F4069D8BB}C:\program files\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16605\sc2.exe | 
"TCP Query User{6238233F-F6AD-4D81-9F97-BE1C6D9665AC}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{638E2881-D6E2-4FB7-8358-8881345E65BA}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe | 
"TCP Query User{65B52611-3ED8-4AF7-8D90-46F96499FB3D}I:\spiele\age of mythology\aomx.exe" = protocol=6 | dir=in | app=i:\spiele\age of mythology\aomx.exe | 
"TCP Query User{672FBD8C-40FD-47B7-B99A-497CA7D7D19F}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{6B41F020-CEFB-4418-AABA-313E235657FF}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe | 
"TCP Query User{6B7628A8-F374-4922-8000-4D091CCEB777}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe | 
"TCP Query User{6E847B0C-724E-4E65-B2D5-141D95852D3F}C:\program files\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | 
"TCP Query User{7006D190-0102-4829-B606-21E735936B23}C:\users\ich\desktop\games\mw3-lan\iw5sp.exe" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\mw3-lan\iw5sp.exe | 
"TCP Query User{71530999-EAEC-4F47-905E-41D104CE6357}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"TCP Query User{74099C63-67C3-4D8D-99F4-660D22690A71}C:\users\ich\desktop\games\halo\halo.exe" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\halo\halo.exe | 
"TCP Query User{77E72037-E7F7-42B3-961C-1061DACFD38C}H:\spiele\install\titan quest\titan quest.exe" = protocol=6 | dir=in | app=h:\spiele\install\titan quest\titan quest.exe | 
"TCP Query User{7A64EB98-E221-4B4E-BD8E-C509F0075B44}H:\wow\launcher.exe" = protocol=6 | dir=in | app=h:\wow\launcher.exe | 
"TCP Query User{7ACB81CE-4213-4DF0-928E-073447911EE6}F:\wow - kopie\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=6 | dir=in | app=f:\wow - kopie\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe | 
"TCP Query User{7D6F5D0F-8F5D-4315-A1AA-DA4A883CB3A6}H:\spiele\install\anno2\tools\anno4web.exe" = protocol=6 | dir=in | app=h:\spiele\install\anno2\tools\anno4web.exe | 
"TCP Query User{8421E555-E98C-443D-AF52-4A2D7B87277C}H:\spiele\age of mythology\aomx.exe" = protocol=6 | dir=in | app=h:\spiele\age of mythology\aomx.exe | 
"TCP Query User{89E7B275-25FB-42E2-A8BE-1F27E4021F87}F:\spiele\cs\hl.exe" = protocol=6 | dir=in | app=f:\spiele\cs\hl.exe | 
"TCP Query User{8B177795-7AFF-4D55-ABA7-61672942CB0B}I:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=6 | dir=in | app=i:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"TCP Query User{8DC2F242-62A8-48F3-B69F-92611ADCADDD}E:\spiele\cs\hltv.exe" = protocol=6 | dir=in | app=e:\spiele\cs\hltv.exe | 
"TCP Query User{9121751D-26F5-4009-B7B5-223FCDA9557C}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe | 
"TCP Query User{9D46F902-3145-41E5-AC96-D1A4EB5C0232}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{A26EF2D4-B2DF-42CD-B677-4440CD5729FD}H:\games\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=h:\games\the witcher 2\bin\witcher2.exe | 
"TCP Query User{A494BB91-DC71-4141-8AA2-38C2E9571A9B}C:\users\ich\desktop\games\mw3-lan\iw5mp_server.exe" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\mw3-lan\iw5mp_server.exe | 
"TCP Query User{A67F0C46-6F52-4087-B473-12EC17824EB9}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"TCP Query User{AA481EA9-A6F0-4D97-A204-F9E39A48123C}I:\spiele\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=i:\spiele\the witcher 2\bin\witcher2.exe | 
"TCP Query User{AAB3C892-081A-4753-BA91-DC2756934DEC}F:\wow - kopie\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=6 | dir=in | app=f:\wow - kopie\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | 
"TCP Query User{B0D43443-154C-481E-BE68-59C23492A678}C:\users\ich\desktop\games\steam\steamapps\nyx98\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\steam\steamapps\nyx98\team fortress 2\hl2.exe | 
"TCP Query User{B64109F2-5088-40C1-92A7-52AB0746A690}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe | 
"TCP Query User{B9441883-F8D5-447C-8AEB-F4575BA3534B}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe | 
"TCP Query User{C0B4A7F5-A866-490E-A1B3-7AD0D7134232}I:\spiele\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=i:\spiele\age of empires ii\empires2.exe | 
"TCP Query User{D034B1F6-5B27-49EC-A04A-1FEB1C4ED442}C:\program files\java\jdk1.6.0_17\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_17\bin\java.exe | 
"TCP Query User{D20B39F5-2DF8-47AC-8219-6CE962086FBA}F:\wow - kopie\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=f:\wow - kopie\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | 
"TCP Query User{D38ED2D2-9E58-41DF-9C08-58A1447A5A25}F:\spiele\install\hdr2 1\game.dat" = protocol=6 | dir=in | app=f:\spiele\install\hdr2 1\game.dat | 
"TCP Query User{D4B0776D-C39B-45D8-9AD7-8D62A69C5A6F}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"TCP Query User{D5C4523F-7A8C-40A7-A684-20A8408435A3}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | 
"TCP Query User{D6D8C72B-2CFE-40FF-A1C7-44F1649B9A4D}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe | 
"TCP Query User{E2B6606E-CC60-42A8-8427-8F0FDB45E357}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | 
"TCP Query User{E4D44247-B64B-434B-A0E5-C0AD0939C9F2}C:\users\ich\desktop\games\mw3-lan\iw5mp.exe" = protocol=6 | dir=in | app=c:\users\ich\desktop\games\mw3-lan\iw5mp.exe | 
"TCP Query User{EA674F06-61FE-4433-AB18-21509EEB6B39}H:\spiele\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=h:\spiele\the witcher 2\bin\witcher2.exe | 
"TCP Query User{EE1B7C0D-C470-4D0C-B51A-7E99AF01D988}H:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=6 | dir=in | app=h:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"TCP Query User{EFA71200-3E22-4EAB-AE82-07F3F80DBF47}F:\spiele\age of mythology\aomx.exe" = protocol=6 | dir=in | app=f:\spiele\age of mythology\aomx.exe | 
"TCP Query User{F0B488D0-31E1-4A4F-97A3-E250D6320072}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe | 
"TCP Query User{F18FCD7D-04B6-4120-B2DC-0CC817A87331}F:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=6 | dir=in | app=f:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"TCP Query User{F2FAA40B-2631-426D-8121-7B24250EE8AB}H:\wow\launcher.exe" = protocol=6 | dir=in | app=h:\wow\launcher.exe | 
"TCP Query User{F4B350D5-7383-4E67-A2F0-C5CD80F726EC}H:\diablo ii\game.exe" = protocol=6 | dir=in | app=h:\diablo ii\game.exe | 
"TCP Query User{F5CC7491-C2A2-4C06-9309-F88D15B41A33}C:\users\ich\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\ich\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{F6D4B0C1-47F3-451B-870F-6479C1A2464F}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{F98830AB-5396-4E47-8796-0BE5863C84A8}C:\program files\diablo iii beta\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files\diablo iii beta\diablo iii.exe | 
"TCP Query User{FDB423B8-5205-4467-B604-36A770084945}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{04F56BD9-1C0B-4BE1-AB5F-B6053A8C8915}I:\spiele\install\cod4\iw3mp.exe" = protocol=17 | dir=in | app=i:\spiele\install\cod4\iw3mp.exe | 
"UDP Query User{05EE42B1-C10B-4447-80BA-412710C086DC}H:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=17 | dir=in | app=h:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"UDP Query User{06A05394-5B6F-4EA7-A4DF-882E8B64B289}C:\program files\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | 
"UDP Query User{06B81DC6-3794-4772-832B-849ABDC07FC9}C:\program files\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16605\sc2.exe | 
"UDP Query User{07B4CC91-418E-4677-93DC-F1910AAAB985}C:\users\ich\desktop\games\halo\halo.exe" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\halo\halo.exe | 
"UDP Query User{0BF0D2F1-A2D9-4A30-A032-DF0DDDA99645}F:\spiele\age of mythology\aomx.exe" = protocol=17 | dir=in | app=f:\spiele\age of mythology\aomx.exe | 
"UDP Query User{142D9B27-B68E-47F5-A6D2-2B359F0C935D}H:\wow\launcher.exe" = protocol=17 | dir=in | app=h:\wow\launcher.exe | 
"UDP Query User{1CCF9FFE-FB58-4FC6-9EB9-ECC8E0CDAB48}E:\spiele\cs\hl.exe" = protocol=17 | dir=in | app=e:\spiele\cs\hl.exe | 
"UDP Query User{1E8977D8-BF1D-48E4-B54B-0F79AD7C3B3F}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe | 
"UDP Query User{2070FFA7-BCB9-42E9-BC2D-BAD46BC16C21}H:\spiele\install\anno2\tools\anno4web.exe" = protocol=17 | dir=in | app=h:\spiele\install\anno2\tools\anno4web.exe | 
"UDP Query User{253BDE3D-F223-4198-A3C0-CA03FE618947}I:\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe" = protocol=17 | dir=in | app=i:\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | 
"UDP Query User{2B7AD20D-568E-43C1-81E0-16DB4ED51B84}H:\wow\launcher.exe" = protocol=17 | dir=in | app=h:\wow\launcher.exe | 
"UDP Query User{2D7D7A4F-871C-49E8-AF1F-61CC32D381FC}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe | 
"UDP Query User{30A9D7C6-5D54-4F0A-AE8E-92B0EB57BFF2}F:\wow - kopie\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=17 | dir=in | app=f:\wow - kopie\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | 
"UDP Query User{30E15CBD-0D33-4325-9C9A-BEDDD3B38391}I:\spiele\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=i:\spiele\age of empires ii\empires2.exe | 
"UDP Query User{31B5E8DB-237A-4993-9776-15398B0E0756}F:\spiele\left4dead2\left4dead2.exe" = protocol=17 | dir=in | app=f:\spiele\left4dead2\left4dead2.exe | 
"UDP Query User{32B89B65-0C61-483F-9EC9-4DCEC8D3A466}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{34DDEC94-2EAA-44DA-907A-93F95D5A912D}F:\spiele\install\hdr2 1\game.dat" = protocol=17 | dir=in | app=f:\spiele\install\hdr2 1\game.dat | 
"UDP Query User{3AEB7C25-4192-441B-BA95-AC368D0AB830}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe | 
"UDP Query User{3C1C96B6-B6E8-45D9-8535-E45B9B8A3A1B}I:\spiele\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=i:\spiele\age of empires ii\empires2.exe | 
"UDP Query User{3CE9F0AA-A1DC-43DB-8983-3DB355EE1A1B}F:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat" = protocol=17 | dir=in | app=f:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat | 
"UDP Query User{3ED23F37-C116-41BD-8F24-4E41383C6104}H:\spiele\age of mythology\aomx.exe" = protocol=17 | dir=in | app=h:\spiele\age of mythology\aomx.exe | 
"UDP Query User{415A5D6A-C9DE-4F3F-970C-D03AE0499667}F:\spiele\cs\hl.exe" = protocol=17 | dir=in | app=f:\spiele\cs\hl.exe | 
"UDP Query User{44D112FB-41B7-4FD2-AE63-BB2BB92593A4}H:\flatout 2\flatout2.exe" = protocol=17 | dir=in | app=h:\flatout 2\flatout2.exe | 
"UDP Query User{45186760-C5F5-4245-9E80-63EAD93C4ED7}I:\spiele\age of mythology\aomx.exe" = protocol=17 | dir=in | app=i:\spiele\age of mythology\aomx.exe | 
"UDP Query User{4890AA2A-0AA4-455D-8F9A-ED4FB9644CE6}C:\users\ich\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\ich\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{5273A29A-BC44-425C-8088-C895713B0DE0}H:\spiele\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=h:\spiele\the witcher 2\bin\witcher2.exe | 
"UDP Query User{52B385D3-0B05-4DCB-B480-80519DDB22CF}I:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=17 | dir=in | app=i:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"UDP Query User{5394A9E1-DC77-417E-A463-2EE2A6773F22}I:\halo 2\halo2.exe" = protocol=17 | dir=in | app=i:\halo 2\halo2.exe | 
"UDP Query User{550A6AFB-58C3-4280-A8EC-DD62C31FB934}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{5554CDD0-5A7F-4DCA-9F5F-246E8B4864D9}F:\wow - kopie\launcher.exe" = protocol=17 | dir=in | app=f:\wow - kopie\launcher.exe | 
"UDP Query User{5760AA9A-F948-423D-B3E2-C0FB20B8AD5E}C:\users\ich\desktop\games\halo\halo.exe" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\halo\halo.exe | 
"UDP Query User{60617F80-FE36-4556-85EC-00E8304D0E58}C:\users\ich\desktop\games\steam\steamapps\nyx98\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\steam\steamapps\nyx98\team fortress 2\hl2.exe | 
"UDP Query User{61267B39-61F1-43AD-8E1F-E3F9870B4D77}\\paranoid\public\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=17 | dir=in | app=\\paranoid\public\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"UDP Query User{61D4ED1C-7293-4EDE-ACF2-772C0ACED7D0}F:\wow - kopie\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=17 | dir=in | app=f:\wow - kopie\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe | 
"UDP Query User{6B9728D6-EE11-41B1-A65B-1BCEADF6B857}F:\spiele\install\siedler\bin\settlershok.exe" = protocol=17 | dir=in | app=f:\spiele\install\siedler\bin\settlershok.exe | 
"UDP Query User{6BF8D75F-317A-4052-9DC4-BAE75C1E0727}I:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat" = protocol=17 | dir=in | app=i:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat | 
"UDP Query User{6E154847-37AE-44B6-B0EF-AA3472D1D1F5}C:\program files\diablo iii beta\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files\diablo iii beta\diablo iii.exe | 
"UDP Query User{71FB4683-D9DB-4D55-A888-7E3344E28A83}C:\users\ich\desktop\games\mw3-lan\iw5mp.exe" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\mw3-lan\iw5mp.exe | 
"UDP Query User{740850A9-1328-48CF-813B-B90128BE3687}I:\spiele\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=i:\spiele\the witcher 2\bin\witcher2.exe | 
"UDP Query User{776521DC-823A-473D-963A-8DD002277355}C:\users\ich\desktop\games\steam\steamapps\nyx98\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\steam\steamapps\nyx98\team fortress 2\hl2.exe | 
"UDP Query User{788EC403-C460-4E3C-A87A-67D416CA09AB}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe | 
"UDP Query User{78D3A378-E2C6-4261-9433-7AA9277816D9}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"UDP Query User{796553ED-7E1E-427D-B6C0-A14D50BD49F0}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe | 
"UDP Query User{79B69673-2EE3-420B-A299-7B6D6535EA9E}F:\wow p\launcher.exe" = protocol=17 | dir=in | app=f:\wow p\launcher.exe | 
"UDP Query User{7BF2D419-4FD2-4954-8C07-F3C606EBD5F9}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe | 
"UDP Query User{7CEE1565-6B17-4D23-A612-2E621DA6D679}F:\spiele\left4dead2\left4dead2.exe" = protocol=17 | dir=in | app=f:\spiele\left4dead2\left4dead2.exe | 
"UDP Query User{8215BFD5-2CAD-45B4-B3FD-D060F47F83F4}F:\spiele\age of mythology\aomx.exe" = protocol=17 | dir=in | app=f:\spiele\age of mythology\aomx.exe | 
"UDP Query User{89D1B590-6C5B-4E16-A28C-9DE978398197}H:\games\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=h:\games\the witcher 2\bin\witcher2.exe | 
"UDP Query User{921AFB13-5D85-42AC-9EE4-CBB34BCDBEC5}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe | 
"UDP Query User{959F78D3-7DC9-43AC-ABAB-B8807378E4BE}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe | 
"UDP Query User{977D9AA5-512D-4F09-9927-F81F24D8A7A4}C:\program files\java\jdk1.6.0_17\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_17\bin\java.exe | 
"UDP Query User{9A408470-C1EC-46E9-88AB-A6B497798763}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe | 
"UDP Query User{9AC3ADA3-DBF8-4DE1-8B8B-58E89882CFAC}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe | 
"UDP Query User{A336C9E8-683B-474A-AE90-E397E07D6BAC}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe | 
"UDP Query User{A7AEC12F-3682-44A8-8C10-7BACA1976C0A}C:\users\ich\desktop\games\mw3-lan\iw5mp_server.exe" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\mw3-lan\iw5mp_server.exe | 
"UDP Query User{A99C18B9-F1DA-413C-AEAB-E98B9E81B76D}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe | 
"UDP Query User{B0064781-C186-4575-91D8-24192EBCD399}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | 
"UDP Query User{B06ED0E6-9AF4-4A41-B23E-ECC0F0C9D30A}E:\spiele\cs\hltv.exe" = protocol=17 | dir=in | app=e:\spiele\cs\hltv.exe | 
"UDP Query User{B19EDEBC-76F6-4AB9-B329-F419F0A98BC2}H:\wow\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=17 | dir=in | app=h:\wow\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | 
"UDP Query User{B21A09B7-E311-42F4-9DFE-6BF879C8A6D8}F:\spiele\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=f:\spiele\age of empires ii\empires2.exe | 
"UDP Query User{B2D12730-663A-4B7E-AD80-6A65E304278E}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{B5A3C190-F3EB-4836-B99E-3C7FC0337AB0}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe | 
"UDP Query User{B847542C-CCE8-419E-93BC-847330FA0152}H:\wow\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=17 | dir=in | app=h:\wow\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | 
"UDP Query User{BDD1CF40-B05A-41B5-AE3A-986539B3E43D}C:\users\ich\desktop\games\anno2\tools\anno4web.exe" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\anno2\tools\anno4web.exe | 
"UDP Query User{BF9EF054-8175-48BA-9582-73D1FE2D5897}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{C1A89D23-1FE3-41EF-BD56-9D9DA32FE8A4}H:\wow\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=17 | dir=in | app=h:\wow\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | 
"UDP Query User{C3E98D4D-B0B2-436E-B6A5-5DA23751BEDE}I:\spiele\age of mythology\aomx.exe" = protocol=17 | dir=in | app=i:\spiele\age of mythology\aomx.exe | 
"UDP Query User{C5030072-EF0E-40C1-99D4-3A36D0CED5E8}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{CC5C5573-53B3-46A1-8AF8-4A1932042D77}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | 
"UDP Query User{CF497E45-8A4B-4F75-8D8B-9CCAFBA13F07}F:\spiele\cs\hl.exe" = protocol=17 | dir=in | app=f:\spiele\cs\hl.exe | 
"UDP Query User{CF7F00C4-40FD-42C6-9C31-A2F365A7B344}C:\users\ich\desktop\games\mw3-lan\iw5sp.exe" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\mw3-lan\iw5sp.exe | 
"UDP Query User{D3442701-EB80-434E-86E1-45CDE84E60B0}H:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat" = protocol=17 | dir=in | app=h:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat | 
"UDP Query User{D60622E0-5AB5-44A8-87E9-D780B8386957}I:\halo 2\halo2.exe" = protocol=17 | dir=in | app=i:\halo 2\halo2.exe | 
"UDP Query User{D77F4BCF-7691-4294-B95B-7583BCE1147D}F:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=17 | dir=in | app=f:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"UDP Query User{D7880712-25B4-4D74-846D-10A4E1733BF1}F:\wow - kopie\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=f:\wow - kopie\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | 
"UDP Query User{D7A45029-A11B-4E42-93DB-92B28884A2A2}C:\users\ich\desktop\games\mw3-lan\iw5mp.exe" = protocol=17 | dir=in | app=c:\users\ich\desktop\games\mw3-lan\iw5mp.exe | 
"UDP Query User{DC9DC7A3-7141-44BC-8755-26C10C70F2F5}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"UDP Query User{DDF06F63-89E0-4AAC-9BEC-027C43F4BF45}H:\spiele\install\titan quest\titan quest.exe" = protocol=17 | dir=in | app=h:\spiele\install\titan quest\titan quest.exe | 
"UDP Query User{E1F14484-62D3-4B16-904B-5AA37F3119B4}H:\spiele\install\tqit\tqit.exe" = protocol=17 | dir=in | app=h:\spiele\install\tqit\tqit.exe | 
"UDP Query User{E34FC6C6-032A-483F-9C82-97592C45B2B6}H:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat" = protocol=17 | dir=in | app=h:\spiele\command & conquer 3 - tiberium wars\retailexe\1.9\cnc3game.dat | 
"UDP Query User{E982C886-E5CB-4619-A662-A9EAE7CDB129}C:\users\ich\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\ich\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{EB29375C-3E6B-401D-9EE9-BAC3B43CED64}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{EB3A0746-B37C-4A02-8FFC-EC1B7884C251}I:\sid meier's civilization 4 complete\warlords\civ4warlords.exe" = protocol=17 | dir=in | app=i:\sid meier's civilization 4 complete\warlords\civ4warlords.exe | 
"UDP Query User{ECE59C21-4964-4FB8-B7FB-28A6E27D8AA5}H:\diablo ii\game.exe" = protocol=17 | dir=in | app=h:\diablo ii\game.exe | 
"UDP Query User{ED5F9E50-3E4D-4CAD-9590-7BA20C7CE3D6}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | 
"UDP Query User{FACB6279-C415-4AFA-A0DA-9EB54B3271E3}F:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe" = protocol=17 | dir=in | app=f:\spiele\quake3 an armin - laptop (192.168.0.145)\quake3.exe | 
"UDP Query User{FCCE1D6F-C388-45A1-8FFE-ED19D3CC05F9}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"UDP Query User{FD0EB85F-84EB-405E-83DF-50AC5117094C}F:\wow - kopie\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=17 | dir=in | app=f:\wow - kopie\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{056B935A-A03D-D0D8-4CE0-B4B337753156}" = CCC Help Chinese Standard
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C362375-1FE0-98C0-2C57-F4D772B8A759}" = Catalyst Control Center Graphics Full New
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1570DE88-A78A-37FD-8A05-92620D160CCA}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - DEU
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17544ACA-6428-424B-926B-8751610836AE}" = TortoiseSVN 1.7.1.22161 (32 bit)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C2B3CEA-482E-4453-B3E2-C9731337828A}" = Microsoft SQL Server 2008 Native Client
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{2C973B8B-1BB3-358B-250C-336C81A1926E}" = CCC Help Polish
"{2F2B002A-8BF5-DF1E-6D36-7900B6F868DE}" = ATI Catalyst Install Manager
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{360872CE-7A87-A4EE-AF69-EF73E5695D40}" = ccc-utility
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCB314A-B67C-82D0-1CC6-6BC4AE6D053E}" = Catalyst Control Center InstallProxy
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{4135C790-0387-36D7-9C2A-1B09A5900460}" = Microsoft Visual Studio 2010 Ultimate - DEU
"{41A01180-D9FD-3428-9FD6-749F4C637CBF}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{45416928-B205-9812-2065-5794D5AC7338}" = CCC Help French
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{526B2AE8-73DF-4CE0-B140-9968677A7C93}" = HTC Sync
"{53E12B77-A8AC-1A15-7690-FAA711AA0B50}" = CCC Help Portuguese
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5A64A288-025C-F952-E4E3-12FA6596922F}" = CCC Help Chinese Traditional
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5D3A59B1-2BBF-66AF-3B5F-FC5BAA42F817}" = CCC Help Italian
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5F19F78E-274D-8E5C-C49E-2ED722ACF70A}" = CCC Help German
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{6078A803-C98F-1F95-CEF7-0132621E6072}" = CCC Help Japanese
"{6234F3C6-F8EF-39FB-AE15-0B88E88B79F0}" = CCC Help Greek
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6A0D64D0-CDF4-9C65-A053-6EC86AEB43CC}" = ccc-core-static
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6A905715-6991-3517-5F04-4392FC18DB76}" = Catalyst Control Center Graphics Previews Vista
"{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}" = Oracle Data Provider for .NET Help
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DF7D549-7BEA-4EA0-BCB9-F7100363BDED}" = VisualSVN 2.5.1
"{6EAA466F-6F35-F3B7-60B9-3D6DCA97EE02}" = Catalyst Control Center Localization All
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{742A17A1-8AA4-4DCE-C881-557AC4EB793D}" = CCC Help Spanish
"{75212523-6E47-BF0F-20FF-B65E940A5DDD}" = CCC Help English
"{765E50AF-5550-4F7E-84F4-524D1BF2C49D}" = MSM2MSI_gstudio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.1.3.1
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8EAA9D70-C912-3708-92DD-0CCC26F386E1}" = Microsoft Visual Studio 2010 Performance Collection Tools - DEU
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{929F5BFC-60F0-34EC-A50B-2001AAC03D56}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{940F9DF4-A790-EAE9-A4B1-B9F96D3C8CC9}" = CCC Help Finnish
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97BA7028-6FE4-58B5-F254-48C12AA3FBBD}" = CCC Help Swedish
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987381F2-AA18-EF9C-9DDA-4D403FD7F3E2}" = CCC Help Turkish
"{99C85B2D-DFA4-5704-9A4C-396DDB5C6F1F}" = CCC Help Thai
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup 
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{9E6B5AEA-C8EC-916B-FDFA-91F1274CD695}" = Skins
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A75C2F92-28EC-FE11-3818-81578F3E9596}" = CCC Help Norwegian
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AA9732EB-64DD-DBA5-DFC1-705E64D3FB18}" = CCC Help Russian
"{AAE19E03-87A5-6937-F7D7-6806C5FD1D89}" = Catalyst Control Center Graphics Light
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B15E1629-4B8C-FC02-1118-35034C235F0D}" = CCC Help Korean
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{BE0EC61A-02BF-E3E1-D7A8-3DDB7B58FBDF}" = PX Profile Update
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C10DD83A-CB15-DD3A-FE29-89433A68F55D}" = CCC Help Dutch
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D0F3E75D-6BE1-E974-2A8E-A449D3374FDB}" = Catalyst Control Center Graphics Full Existing
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DBE8431C-CF9A-38C3-B42D-28B6FCE1EA3B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E24DBA75-5452-C0A1-4FF3-CB38F8245919}" = CCC Help Czech
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E430067C-7254-40B6-A8F8-5EEF57A68F1A}" = Catalyst Control Center - Branding
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E86CA8CF-F42D-9569-B2ED-5E6A0F591EA5}" = CCC Help Hungarian
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}" = Oracle Database 10g Express Edition
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F557AF38-AB37-84A8-0148-C53B5F870373}" = CCC Help Danish
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"{FF7027C7-B001-A144-C83B-03618745E975}" = Catalyst Control Center Core Implementation
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Akamai" = Akamai NetSession Interface Service
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"bearsharetb" = MediaBar
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"ESN Sonar-0.70.0" = ESN Sonar
"Fiesta Online(EU_German)" = Fiesta Online(EU_German) 1.04.000
"Game Booster_is1" = Game Booster 3
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}" = Oracle Database 10g Express Edition
"JA Launcher" = JA Launcher
"JCreator LE_is1" = JCreator LE 5.00
"League of Legends_is1" = League of Legends
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"Microsoft Visual Studio 2010 Ultimate - DEU" = Microsoft Visual Studio 2010 Ultimate - DEU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"SMAC 2.7" = SMAC 2.7
"SMPlayer" = SMPlayer 0.6.9
"StarCraft II" = StarCraft II
"Steam App 440" = Team Fortress 2
"Uninstall_is1" = Uninstall 1.0.0.1
"Warcraft III" = Warcraft III
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.10.2011 13:24:36 | Computer Name = Paranoid | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 23.10.2011 13:24:36 | Computer Name = Paranoid | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 23.10.2011 13:24:36 | Computer Name = Paranoid | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 23.10.2011 13:24:36 | Computer Name = Paranoid | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 23.10.2011 13:24:36 | Computer Name = Paranoid | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 23.10.2011 13:25:30 | Computer Name = Paranoid | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung ePowerTray.exe, Version 4.1.3016.0, Zeitstempel
 0x4a409dcb, fehlerhaftes Modul ePowerTray.exe, Version 4.1.3016.0, Zeitstempel 
0x4a409dcb, Ausnahmecode 0xc0000005, Fehleroffset 0x0000ca46,  Prozess-ID 0x11c8, 
Anwendungsstartzeit 01cc91a89bffedbe.
 
Error - 23.10.2011 14:28:18 | Computer Name = Paranoid | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung portal2.exe, Version 0.0.0.0, Zeitstempel 0x4d4c804d,
 fehlerhaftes Modul valve_avi.dll, Version 0.0.0.0, Zeitstempel 0x4daa2f8e, Ausnahmecode
 0xc0000005, Fehleroffset 0x00004473,  Prozess-ID 0x62c, Anwendungsstartzeit 01cc91a9986b11be.
 
Error - 24.10.2011 10:47:05 | Computer Name = Paranoid | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 24.10.2011 10:47:05 | Computer Name = Paranoid | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 24.10.2011 10:50:44 | Computer Name = Paranoid | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung ePowerTray.exe, Version 4.1.3016.0, Zeitstempel
 0x4a409dcb, fehlerhaftes Modul ePowerTray.exe, Version 4.1.3016.0, Zeitstempel 
0x4a409dcb, Ausnahmecode 0xc0000005, Fehleroffset 0x0000ca46,  Prozess-ID 0x1480, 
Anwendungsstartzeit 01cc925c35195963.
 
[ OSession Events ]
Error - 28.02.2012 15:43:26 | Computer Name = Paranoid | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2481
 seconds with 1500 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 27.05.2012 06:41:39 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 27.05.2012 06:41:39 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 28.05.2012 06:03:23 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 28.05.2012 06:03:23 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 28.05.2012 16:50:48 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 28.05.2012 16:50:48 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 29.05.2012 06:08:04 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 29.05.2012 06:08:04 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 29.05.2012 08:17:12 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 29.05.2012 08:17:12 | Computer Name = Paranoid | Source = Service Control Manager | ID = 7009
Description = 
 
 
< End of report >

--- --- ---

Code:

ATTFilter

Acer Arcade Deluxe	CyberLink Corp.	11.03.2009	88,0MB	2.5.6121
Acer Backup Manager	NewTech Infosystems	09.08.2009	234MB	1.0.0.58
Acer Crystal Eye Webcam	Suyin Optronics Corp	09.08.2009	2,93MB	5.2.1.1
Acer eRecovery Management	Acer Incorporated	09.08.2009	11,7MB	4.00.3008
Acer GridVista		09.08.2009	1,51MB	2.72.317
Acer PowerSmart Manager	Acer Incorporated	09.08.2009	7,33MB	4.01.3016
Acer Product Registration	Acer Incorporated	13.09.2009	5,92MB	3.0.0.10
Acer ScreenSaver	Acer	09.08.2009		1.0.2.0311
Adobe AIR	Adobe Systems Incorporated	25.12.2011	30,7MB	3.0.0.4080
Adobe Community Help	Adobe Systems Incorporated	02.08.2010	2,52MB	3.0.0.400
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	22.09.2009		10.0.32.18
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	26.06.2011		10.3.181.26
Adobe Media Player	Adobe Systems Incorporated	02.08.2010	2,70MB	1.8
Adobe Photoshop CS5	Adobe Systems Incorporated	02.08.2010		12.0
Adobe Reader 9.1 - Deutsch	Adobe Systems Incorporated	17.09.2009	234MB	9.1.0
Adobe Shockwave Player 11.5	Adobe Systems, Inc.	17.09.2009	8,27MB	11.5.1.601
Agere Systems HDA Modem	Agere Systems	09.08.2009		
Akamai NetSession Interface		19.12.2011	4,33MB	
Akamai NetSession Interface Service		09.11.2011	4,33MB	
ALPS Touch Pad Driver	Alps Electric	09.08.2009	11,7MB	7.5.2015.101
AmIcoSingLun	Alcor Micro Co., Ltd.	09.08.2009	2,73MB	1.2.117.1
ANNO 1404	Ubisoft	12.09.2011	350MB	1.02.0000
ATI Catalyst Install Manager	ATI Technologies, Inc.	09.08.2009	13,7MB	3.0.710.0
Avira AntiVir Personal - Free Antivirus	Avira GmbH	21.02.2012	68,3MB	10.2.0.707
Battlefield 2(TM)		16.03.1999	1.810MB	
Battlelog Web Plugins	EA Digital Illusions CE AB	04.10.2011	11,0MB	0.80.0
Broadcom Gigabit NetLink Controller	Broadcom Corporation	10.02.2009	0,35MB	11.34.02
Call of Duty(R) 4 - Modern Warfare(TM)	Activision	27.10.2011	6.403MB	1.7
CCleaner	Piriform	02.10.2011	4,07MB	3.11
ClipGrab 3.1.3.1	Philipp Schmieder Medien	09.02.2012	42,3MB	
Compatibility Pack für 2007 Office System	Microsoft Corporation	25.12.2011	39,9MB	12.0.6425.1000
Dev-C++ 5 beta 9 release (4.9.9.2)		05.09.2011		
Diablo II		17.09.2009	1.957MB	
Diablo III	Blizzard Entertainment	26.05.2012	8.063MB	1.0.1.9558
Die Sims™ 3	Electronic Arts	08.07.2010	5.730MB	1.12.70
Dotfuscator Software Services - Community Edition - DEU	PreEmptive Solutions	13.10.2011	2,85MB	5.0.2300.0
Dropbox	Dropbox, Inc.	11.03.2012	24,0MB	1.2.52
DVDVideoSoftTB Toolbar		03.09.2010	2,49MB	
EPSON-Drucker-Software		19.02.2011		
ESN Sonar	ESN Social Software AB	04.10.2011	2,37MB	0.70.0
Fiesta Online(EU_German) 1.04.000	gamigo Games	14.07.2011		1.04.000
Game Booster 3	IObit	23.11.2011	13,6MB	3.1
GameSpy Comrade	GameSpy	17.07.2009	19,0MB	1.5.0.156
GIMP 2.6.10	The GIMP Team	03.09.2010		2.6.10
Google Toolbar for Internet Explorer	Google Inc.	14.03.2012	36,0MB	7.3.2710.138
HTC BMP USB Driver	HTC	25.12.2011	0,25MB	1.0.5375
HTC Driver Installer	HTC Corporation	25.12.2011	2,08MB	3.0.0.017
HTC Sync	HTC Corporation	25.12.2011	45,3MB	3.0.5606
JA Launcher		29.07.2011		
Java DB 10.4.2.1	Sun Microsystems, Inc	10.12.2009	27,7MB	10.4.2.1
Java(TM) 6 Update 26	Sun Microsystems, Inc.	10.12.2009	97,7MB	6.0.260
Java(TM) SE Development Kit 6 Update 17	Sun Microsystems, Inc.	07.07.2009	133,7MB	1.6.0.170
JCreator LE 5.00	Xinox Software	19.05.2009		
Launch Manager	Acer Inc.	09.08.2009	3,25MB	2.0.01
League of Legends		25.09.2010	1.983MB	
Malwarebytes Anti-Malware Version 1.61.0.1400	Malwarebytes Corporation	27.05.2012	11,7MB	1.61.0.1400
MediaBar	Musiclab, LLC	27.09.2009	2,74MB	
Microsoft .NET Framework 1.1		04.08.2009		
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	20.09.2009	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	18.09.2009	37,0MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	27.06.2010	120,3MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	13.10.2011	46,2MB	4.0.30319
Microsoft .NET Framework 4 Extended	Microsoft Corporation	13.10.2011	46,0MB	4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	13.10.2011	11,7MB	4.0.30319
Microsoft .NET Framework 4 Multi-Targeting Pack	Microsoft Corporation	13.10.2011	83,5MB	4.0.30319
Microsoft Games for Windows - LIVE Redistributable	Microsoft Corporation	08.05.2011	31,3MB	3.5.88.0
Microsoft Games for Windows Marketplace	Microsoft Corporation	08.05.2011	6,04MB	3.5.50.0
Microsoft Help Viewer 1.0	Microsoft Corporation	13.10.2011	6,09MB	1.0.30319
Microsoft Help Viewer 1.0 Language Pack - DEU	Microsoft Corporation	13.10.2011	6,09MB	1.0.30319
Microsoft Office Home and Student 2007	Microsoft Corporation	04.10.2009	296MB	12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	25.12.2011	34,7MB	12.0.6425.1000
Microsoft Office Suite Activation Assistant	Microsoft Corporation	11.03.2009	8,37MB	2.9
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	11.03.2009	1,74MB	3.1.0000
Microsoft SQL Server 2008	Microsoft Corporation	13.10.2011	560MB	
Microsoft SQL Server 2008 Browser	Microsoft Corporation	13.10.2011	8,00MB	10.1.2531.0
Microsoft SQL Server 2008 Native Client	Microsoft Corporation	13.10.2011	3,25MB	10.1.2531.0
Microsoft SQL Server 2008 R2 Data-Tier Application Project	Microsoft Corporation	13.10.2011	14,1MB	10.50.1447.4
Microsoft SQL Server 2008 R2 Management Objects	Microsoft Corporation	13.10.2011	17,1MB	10.50.1447.4
Microsoft SQL Server 2008 R2 Transact-SQL Language Service	Microsoft Corporation	13.10.2011	5,41MB	10.50.1447.4
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework	Microsoft Corporation	13.10.2011	0,37MB	10.50.1447.4
Microsoft SQL Server Compact 3.5 SP2 DEU	Microsoft Corporation	13.10.2011	3,69MB	3.5.8080.0
Microsoft SQL Server Database Publishing Wizard 1.4	Microsoft Corporation	13.10.2011	10,2MB	10.1.2512.8
Microsoft SQL Server System CLR Types	Microsoft Corporation	13.10.2011	2,55MB	10.50.1447.4
Microsoft SQL Server VSS Writer	Microsoft Corporation	13.10.2011	1,81MB	10.1.2531.0
Microsoft Team Foundation Server 2010-Objektmodell - DEU	Microsoft Corporation	13.10.2011	316MB	10.0.30319
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	18.09.2009	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	15.06.2011	0,29MB	8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	02.11.2009	0,19MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	12.04.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	10.04.2011	1,41MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411	Microsoft Corporation	10.11.2009	1,46MB	9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	02.11.2009	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	24.03.2010	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	15.06.2011	0,58MB	9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	02.10.2011	11,1MB	10.0.40219
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319	Microsoft Corporation	14.10.2011	15,7MB	10.0.30319
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)	Microsoft Corporation	25.12.2011	7,26MB	10.0.31119
Microsoft Visual Studio 2010 Ultimate - DEU	Microsoft Corporation	13.10.2011	2.038MB	10.0.30319
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU	Microsoft Corporation	13.10.2011	7,26MB	10.0.30319
Microsoft Visual Studio Macro Tools	Microsoft Corporation	13.10.2011	29,2MB	9.0.30729
Microsoft Visual Studio Macro Tools - DEU Language Pack	Microsoft Corporation	13.10.2011	29,2MB	9.0.30729
Microsoft Works	Microsoft Corporation	14.12.2010	378MB	9.7.0621
Microsoft WSE 3.0 Runtime	Microsoft Corp.	08.12.2009	0,92MB	3.0.5305.0
Microsoft XNA Framework Redistributable 3.1	Microsoft Corporation	13.12.2011	7,55MB	3.1.10527.0
Mozilla Firefox 9.0.1 (x86 de)	Mozilla	06.01.2012	37,2MB	9.0.1
MSM2MSI_gstudio	Pantaray	07.08.2009	2,34MB	2.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	11.03.2009	1,29MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	25.11.2009	1,34MB	4.20.9876.0
MSXML 4.0 SP3 Parser	Microsoft Corporation	25.12.2011	1,48MB	4.30.2100.0
MSXML 4.0 SP3 Parser (KB973685)	Microsoft Corporation	30.12.2011	1,54MB	4.30.2107.0
MyWinLocker	Egis Technology Inc.	09.08.2009	35,2MB	3.1.59.0
NCsoft Launcher	NCsoft	28.07.2011	2,72MB	1.5.19002
NTI Backup Now 5	NewTech Infosystems	11.03.2009	29,5MB	5.1.2.616
NVIDIA PhysX	NVIDIA Corporation	27.10.2009	119,9MB	9.09.0203
Oracle Data Provider for .NET Help	Oracle Corporation	09.02.2012	1,04MB	10.2.000
Oracle Database 10g Express Edition	Oracle Corporation	09.02.2012	1.115MB	10.2.1015
osu!	peppy	25.09.2011	130,6MB	0.0.0.0
Pando Media Booster	Pando Networks Inc.	14.07.2011	7,07MB	2.3.6.0
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	09.08.2009	11,2MB	6.0.1.5807
Skype™ 5.5	Skype Technologies S.A.	12.10.2011	17,0MB	5.5.119
SMAC 2.7		04.10.2011	1,93MB	
SMPlayer 0.6.9	RVM	07.08.2011	46,5MB	0.6.9
StarCraft II	Blizzard Entertainment	14.10.2011	10.255MB	1.4.1.19776
Steam	Valve Corporation	16.02.2012	1,49MB	1.0.0.0
Team Fortress 2	Valve	16.02.2012	1.164MB	
TeamSpeak 3 Client	TeamSpeak Systems GmbH	14.05.2010	28,1MB	
Titan Quest	Iron Lore	12.10.2011	3.076MB	1.00.0000
Titan Quest Immortal Throne	Iron Lore	12.10.2011	2.355MB	1.00.0000
Torchlight	JoWooD	21.06.2010	455MB	1.0.0
TortoiseSVN 1.7.1.22161 (32 bit)	TortoiseSVN	12.01.2012	31,8MB	1.7.22161
Uninstall 1.0.0.1		21.04.2011	16,6MB	
Unterstützungsdateien für Microsoft SQL Server 2008-Setup 	Microsoft Corporation	13.10.2011	30,1MB	10.1.2731.0
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU	Microsoft Corporation	13.10.2011	11,2MB	4.0.8080.0
VisualSVN 2.5.1	VisualSVN Ltd.	12.01.2012	7,85MB	2.5.1.0
Warcraft III	Blizzard Entertainment	29.07.2009	1.162MB	
Windows Live Essentials	Microsoft Corporation	11.03.2009	136,5MB	14.0.8050.1202
Windows Live ID Sign-in Assistant	Microsoft Corporation	15.11.2010	4,69MB	6.500.3165.0
Windows Live Sync	Microsoft Corporation	11.03.2009	2,80MB	14.0.8050.1202
Windows Live-Uploadtool	Microsoft Corporation	11.03.2009	0,22MB	14.0.8014.1029
WinRAR		24.03.2010	3,78MB

Ich hatte meine Exterene Festplatte nicht angeschlossen, 1stens weil ich sie nicht zur Hand hatte, 2tens weil ich sie seit einem halben Jahr nicht mehr benutzt hatte.

Proplem besteht weiterhin.

kira · 30.05.2012, 14:54

das Programm vermutlich in nicht legaler Weise auf dein PC gelangt?!:

Zitat:

Microsoft Office Enterprise

W32.IRCBot:
ist ein Backdoor, der es Hackern erlaubt, einen entfernten Zugriff auf den betroffenen Computer zu haben und Aktionen auszuführen, die das Vertrauen des Users gewinnen und die Aufgaben des Computers behindern.
Der Virus nutzt heimliche Techniken, um nicht vom User entdeckt zu werden:
• Der Virus löscht die Datei, die ihn nach seiner Installation aktiviert hat.

IRCBot.BXB benutzt folgende Verbreitungsmethoden:

Code:

ATTFilter

• Der Virus nutzt die Verwundbarkeit des Computers aus, die durch den User entsteht: Ausnutzen von Verwundbarkeiten in Datei-Formaten oder –Applikationen. Dieses Vorhaben benötigt das Eingreifen des Users, der Dateien öffnet, tückische Internetseiten besucht und Emails liest.
• Infektion von Dateien: Der Virus befällt verschiedene Arten von Dateien, die dann auf übliche Weise verbreitet werden: Disketten, CD-ROMs, Emails mit Anhang, Internetdownloads, Dateien übertragen durch FTP, IRC Channels, P2P File Sharing Netzwerke etc.

Der Virus erlaubt es Hackern, einen entfernten Zugriff auf den betroffenen Computer zu haben und Aktionen auszuführen, die das Vertrauen des Users gewinnen und die Aufgaben des Computers behindern.

Der Virus nutzt heimliche Techniken, um nicht vom User entdeckt zu werden:
• Der Virus löscht die Datei, die ihn nach seiner Installation aktiviert hat.[/b]

-> Forumregel:- Cracks, Keygens und andere illegale Software

Zitat:

C:\Windows\System32\drivers\str.sys (Rootkit.Agent)

was ist ein Rootkit

ich denke hier gibt es nur eine einzige richtige Lösung:
- Windows-Installation komplett

Vrael · 30.05.2012, 15:07

Wenn ich mal fragen darf, wie kommst du darauf das es von einer illegalen Software stammt?

Desweiteren wollte ich meinen Pc sowieso mal wieder neu aufsetzten. Wie sieht es da mit Dokumenten für die Schule usw aus? Was soll ich mit meiner externen Platte machen, mit dem verseuchten pc scannen? Bei meinem Usb-Stick stellt sich die selbe Frage(habe ihn in letzter zeit benutzt).

kira · 30.05.2012, 16:23

Tipps & Rat:

➊
Datensicherung:
► NUR Daten sichern, die nicht ausführbaren Dateien enthalten - Dateiendungen - Dies ist eine Liste von Dateiendungen, die Dateien mit ausführbarem Code bezeichnen können.
- Vorsicht mit den schon vorhandenen Dateien auf die extern gespeicherten Daten und auch jetzt mit dem Virus infizierte Dateien eine Datensicherung anzufertigen
- Am besten alles was dir sehr wichtig, separat (extern) sichern - nicht mischen eventuell früher geschicherten Daten, also vor dem Befall!
- Eventuell gecrackte Software nicht sichern und dann auf neu aufgesetztem System wieder drauf installieren!

- Vor zurückspielen - bevor du mit deinem PC direkt ins Netz gehst...:
- die Autoplay-Funktion für alle Laufwerke deaktivieren/ausschalten -> Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten

Die auf eine externe Festplatte gesicherten Daten, gründlich zu scannen von einem suaberen System aus, am besten mit mehreren Scannern-> Kostenlose Online Scanner - Anleitung
Absolut empfehlenswerter Scanner:

Zitat:

Eset Online Scanner (NOD32)
Panda-Aktivscan
Symantec Security Check

➋
-> Anleitung: Neuaufsetzen des Systems + Absicherung
-> Anleitung zum Neuaufsetzen - Windows XP, Vista und Win7

➌
Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern
z.B. Login-, Mail- oder Website-Passwörter
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

Vrael · 30.05.2012, 18:45

Zitat:

► NUR Daten sichern, die nicht ausführbaren Dateien enthalten - Dateiendungen - Dies ist eine Liste von Dateiendungen, die Dateien mit ausführbarem Code bezeichnen können.

Wie sieht es da mit Dateien aus die ich selber Erstellt habe z.B.: HelloWorld.exe?

kira · 30.05.2012, 22:49

dann weißt Du doch dass Du selbst erzeugt hast und keinen Schaden einrichten kann oder...

Vrael · 31.05.2012, 14:49

Ich wollte nur auf nummer sicher gehen.

Dann Danke ich hier schon mal für die Hilfe

Werbung rechts unten, falsche Weiterleitung

Plagegeister aller Art und deren Bekämpfung: Werbung rechts unten, falsche Weiterleitung