|
Plagegeister aller Art und deren Bekämpfung: BKA Virus auf pc!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
08.07.2012, 21:12 | #1 |
| BKA Virus auf pc! Huhu habe ein Virus auf dem pc. Und zwar dieses "BKA" Virus. Nach Otl Scan: Code:
ATTFilter OTL logfile created on: 08.07.2012 21:48:16 - Run 1 OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jeremy\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,99 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 13,75% Memory free 11,98 Gb Paging File | 5,36 Gb Available in Paging File | 44,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 921,17 Gb Total Space | 812,64 Gb Free Space | 88,22% Space Free | Partition Type: NTFS Drive D: | 10,24 Gb Total Space | 1,91 Gb Free Space | 18,69% Space Free | Partition Type: NTFS Computer Name: JEREMY-PC | User Name: Jeremy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Jeremy\Downloads\24960-OTL.exe (OldTimer Tools) PRC - C:\World of Warcraft\Wow.exe (Blizzard Entertainment) PRC - C:\Users\Jeremy\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) PRC - C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe (Adobe Systems, Inc.) PRC - c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (McAfee, Inc.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe (Microsoft Corporation.) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName}) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe () PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard) PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (Hewlett-Packard) PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe () PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) ========== Modules (No Company Name) ========== MOD - C:\Users\Jeremy\AppData\Roaming\Spotify\Data\libcef.dll () MOD - C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe () MOD - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe () MOD - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.DLL () ========== Win32 Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (McAfee, Inc.) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.exe (Microsoft Corporation.) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Norton Internet Security) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe (Symantec Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) Und die extra.TxT Code:
ATTFilter OTL Extras logfile created on: 08.07.2012 21:48:16 - Run 1 OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jeremy\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,99 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 13,75% Memory free 11,98 Gb Paging File | 5,36 Gb Available in Paging File | 44,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 921,17 Gb Total Space | 812,64 Gb Free Space | 88,22% Space Free | Partition Type: NTFS Drive D: | 10,24 Gb Total Space | 1,91 Gb Free Space | 18,69% Space Free | Partition Type: NTFS Computer Name: JEREMY-PC | User Name: Jeremy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3218139785-3739349501-2943519655-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0257B221-B22B-4553-9BF8-5F9391F029C9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0A1A7E2A-CB37-446C-ACD1-4FAFE974CC56}" = lport=445 | protocol=6 | dir=in | app=system | "{14143A05-732B-4E9C-BEBC-805DA21CD0D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{155C9E43-73AD-4D48-BABD-6399024EB960}" = rport=138 | protocol=17 | dir=out | app=system | "{161B6A39-B273-444D-8D45-6F64A99A9ECF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{296635E4-C0C0-4EEF-BD0C-9113196F1651}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{382062FD-1176-4A6B-B54A-8E53C8388510}" = lport=2869 | protocol=6 | dir=in | app=system | "{3C6C9C9D-640B-4588-8892-2F3BE305F425}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3F69FB5A-2542-493C-B73B-C2D5B417BB63}" = lport=138 | protocol=17 | dir=in | app=system | "{527FCD82-B70B-4179-A141-41C74854EE72}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{64425A67-ED4A-4ACD-BF34-C863888C8306}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | "{6F66B165-4EFB-442D-9400-A6785205969D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{74A55CBB-AAD3-475E-9FF2-67C92C7B0F83}" = rport=139 | protocol=6 | dir=out | app=system | "{78024579-1F1B-4A32-A2AC-490F5403B9C0}" = lport=10243 | protocol=6 | dir=in | app=system | "{7D9A1B09-7C49-4761-8B3C-ECE4C225DD7B}" = lport=137 | protocol=17 | dir=in | app=system | "{86DD6E15-830C-44B2-A3C8-742103A0A735}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{8A54EF26-36AF-4440-9154-3840C9A97C0E}" = rport=10243 | protocol=6 | dir=out | app=system | "{8AA839AA-DFBB-41FB-BCD8-F895F02E38D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{91B8DBB7-5CF5-45B6-8EEC-03695991A09A}" = rport=137 | protocol=17 | dir=out | app=system | "{B67D5979-8775-45F4-BAD1-DC674430DAAB}" = lport=2869 | protocol=6 | dir=in | app=system | "{B8931E77-6EBF-46B6-B0C4-59444CDEA145}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{BCE6F1C9-B5FE-46D5-9C41-EBE4C2200302}" = lport=139 | protocol=6 | dir=in | app=system | "{CE1AC6E9-8846-4151-BA2F-9FA10D30906F}" = lport=6976 | protocol=6 | dir=in | name=league of legends launcher | "{E2D61881-3E76-4698-8C92-1D806030AD26}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | "{EAACFA38-FF75-47FE-9604-7E971B9B0923}" = rport=445 | protocol=6 | dir=out | app=system | "{F2699F99-7A3C-41D0-AA2D-4023A0622C37}" = lport=6976 | protocol=17 | dir=in | name=league of legends launcher | "{F45C7599-D258-4144-9F00-E10AC47B0777}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F841398E-2A4E-48D6-BBE0-0F9D1C2BF1FD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00FA2875-8897-452E-B802-9DD9DCB82261}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{04F704DE-A17C-42BA-9DA0-929A4628D204}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft public test\launcher.exe | "{067D56FE-556D-488D-9DF5-D8AFDC63B4E8}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.patch.exe | "{07ACFFFD-390B-41CF-8651-0D36BE40BDF0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{1259FD63-113E-4FDA-88FC-3267F0AF1412}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | "{12725068-BBCA-4E80-A4E6-7BEC685B589D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | "{12FE4E93-E8DC-46EF-A244-B4296B842C06}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{135E58C2-E85A-4305-BE29-5624F855C965}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{15F3016B-38DB-426E-B998-01C50F4BD229}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | "{18347AAA-114C-48F5-B103-C3EFC45A1556}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1DCB5CE3-E439-4A99-8349-30D72E7529FC}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | "{1E4A08AB-62C8-4C20-BACB-B53B9561F258}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | "{21243604-2C93-4FF4-9EB5-9A42EC0F9A80}" = protocol=6 | dir=out | app=system | "{23B57529-2A83-4835-A7D5-6A91DCC82555}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{263254B3-9335-4B9E-A506-C3624FBFF10C}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{263352DF-8EF5-4AE2-96C3-69C59C46619E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{263B37B7-85EC-4647-A937-B333D70FD135}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.patch.exe | "{2770C654-54CC-42D1-AE2A-CFED858D8A50}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | "{2813D4E6-E447-4496-8481-415FB18A1416}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | "{313FB264-E9E8-4A89-8AF8-4D0FCB0ECF83}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{3370554E-2D2A-412D-A70D-5CD3642BC5D0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{344A69FC-D3BE-4C9F-B780-AC4C42D4F827}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{3546864B-E655-4FAA-9153-EC224EAB73B7}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{376D5092-ED70-4D59-96F2-E326DFAF49A9}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft public test\launcher.exe | "{37D499B4-015B-4312-8825-3B3C8545AD17}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe | "{3BEDCF66-6B06-4B2E-AC2E-6F5BD83AD00B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{425139EF-5DC2-47B7-922A-24A46C438803}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | "{4BFC1CF8-461B-4BA7-A33B-F2B947314B73}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{4E19CBCE-3AC8-48AE-BC73-59EEA32CD239}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.patch.exe | "{52FC5CF7-A8B5-40A0-B08E-2837839C4B47}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.patch.exe | "{57DDEED6-5618-4EF3-8929-CF5B73B5F151}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{5A774B97-04E0-490F-8CC5-DCDA86E5DF95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5F259BA5-BA64-4D64-90F7-EB85CDC2CF4A}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | "{6088CA45-EC77-400E-82D3-23817A27C626}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{676A45A2-D041-4970-81C5-8DE19D897D40}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft public test\launcher.patch.exe | "{6BF863F6-60DB-49DF-8601-C8231C37CB38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6CC2D185-5C52-48B5-8AA7-FE4B910071D7}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{72C3EE88-83FE-406D-853C-A9D26D203FCB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{769FD4A8-F7AA-4A3E-91BC-225756577715}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7A620F41-511E-4246-AA7E-0C0D3D67603B}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | "{7ACB08C3-8447-49C7-A720-05789B228348}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | "{7EF83FED-4E3C-4D14-A57A-4DF6791EC322}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{81AE9286-6358-4970-A3A5-E7CE2060D322}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{81F1203F-7049-491B-BE7C-C9332125E3A4}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe | "{861630D6-209B-4E16-B35B-24A5E2BC9BFD}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{89626932-2FA4-40A8-BFB2-1C764A6846FE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{8B7EEFA5-9637-4F2B-AB9B-17B07D7A7107}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | "{8F6ABD7E-5A82-43D2-A195-73F68F2238FF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{908B4A24-A750-4CEC-A266-028685E26371}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe | "{91EEF3F2-A47D-4B0D-BC9F-43399E6C67F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9233FE85-DAB0-41F4-A5DE-6DD2586079CD}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | "{95A79B4F-0F0D-4955-94BE-42428E761783}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9722CE3B-616A-4C60-A2DE-F9D0114906E6}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{9F63D5C1-A47D-4EEF-953C-3967D22DF0B8}" = protocol=17 | dir=in | app=c:\world of warcraft public test\launcher.exe | "{A260E0A6-E992-4AD5-96AA-50B417C7D4CE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{A4E4A2B9-4407-4CA4-A1CB-8F60DE348A36}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{AA459632-3C0C-4A00-800E-0F1A625D73AE}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe | "{AE0C2C20-5051-465F-9B94-B59893805477}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{B04D4801-B2E5-4ABF-83CA-B3A5BB947CF2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | "{B06CDF73-A5CC-4D0D-9DF9-50C847C8BE5E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | "{B4DBBC01-0224-4683-B6BD-44FD7E19E8CD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B8F2851B-3503-44DA-B11A-D4F92C480938}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | "{B92F4246-CF2B-457C-A262-752217EEE408}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{BB2266FC-954D-420E-9315-2F401499C6C5}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft public test\launcher.patch.exe | "{BD28870D-03F6-4246-A75E-D17719BF97E5}" = protocol=6 | dir=in | app=c:\world of warcraft public test\launcher.exe | "{C88012E4-6485-4E36-949F-8A874D34C77E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | "{D238C864-2B28-4BC6-8C70-798BB38A0E7C}" = protocol=17 | dir=in | app=c:\world of warcraft public test\launcher.patch.exe | "{D7B6F69D-38F9-4857-B38B-19DA87F5D9AC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{DB29BEB9-FD54-4F80-8A28-6741011E0DF9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | "{DBE4EC35-9F17-470C-8C82-BBF801E22ECF}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DD57589C-BB1D-46FE-9E3C-3FA27DF3772E}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | "{DF44AAE0-AB17-4CFC-A099-FEF9F0A13ED5}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | "{E675694B-533B-4D4B-A549-50561A453368}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{E86F1020-679B-461F-93B8-702332E4F022}" = protocol=6 | dir=in | app=c:\world of warcraft public test\launcher.patch.exe | "{F04C6DE0-49C2-4AD0-9C03-04DEAEDADAD0}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | "{F33CBC42-3D19-4F71-BAA8-E3A01CD0226F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{F700A11A-2FE6-4B0F-BB5B-BA047B29128A}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{FE9DB386-5EF9-4E6B-98EA-6331D9D905B4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | "TCP Query User{09A52CDD-BB67-466E-9577-C0517B67E719}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe | "TCP Query User{0DADC6B3-45FC-4E5D-9A61-24A6B7376294}C:\users\jeremy\desktop\work\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\jeremy\desktop\work\world of warcraft\launcher.exe | "TCP Query User{113B1057-9FEB-4479-9BA5-72E072359888}C:\world of warcraft public test\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\world of warcraft public test\backgrounddownloader.exe | "TCP Query User{11C0F171-702A-48AC-94E0-B024C95FC5F5}C:\users\jeremy\downloads\ptr-installer-de_de(1).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(1).exe | "TCP Query User{11D22D32-95EE-4940-AAD0-4FD6C502B828}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | "TCP Query User{177491F5-7178-4EF4-AB64-878024CB7379}C:\users\jeremy\downloads\ptr-installer-de_de(2).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(2).exe | "TCP Query User{1F07AC1C-8B07-4FB7-88B7-5F0364C53420}C:\users\jeremy\desktop\work\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\jeremy\desktop\work\world of warcraft\launcher.patch.exe | "TCP Query User{20EB484E-DCD4-4B4C-9D56-23D1A9AE9662}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe | "TCP Query User{217758BB-0C52-40AF-B669-8C842788D687}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | "TCP Query User{2D493C2A-0E7C-4634-8087-BA72F499EBDE}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe | "TCP Query User{2F7C5D31-C4B0-4DF7-9C08-392829B2D0B9}C:\users\jeremy\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\jeremy\appdata\roaming\spotify\spotify.exe | "TCP Query User{44337611-27DC-4702-94C0-249709128EAE}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe | "TCP Query User{47BC3A51-B2D6-4CA2-8F4E-5AF718C3CE5C}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | "TCP Query User{482A9E22-17F9-42A0-AF5F-BCC481AA724C}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(3).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(3).exe | "TCP Query User{4ACD3155-2569-4964-8E4C-D44664F13061}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe | "TCP Query User{529C20E7-AE7E-49E1-8DC2-6A87F02DE955}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | "TCP Query User{550205D2-93D1-4CF2-A47C-58B6F6B72C23}C:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe | "TCP Query User{60055922-5C76-4C4D-A315-93EB9D1C6FA8}C:\users\jeremy\downloads\ptr-installer-en_us.exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-en_us.exe | "TCP Query User{6197AF03-CC85-48AB-ABBE-3F2FCFCD7685}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | "TCP Query User{6383AD98-3FA5-4D5A-931A-CC1AB28C0E7D}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{6885D030-19C5-4AB0-83C0-BD634B09D57D}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe | "TCP Query User{6E775BCD-BBC4-4D20-B3CF-4FC61FCAEAF6}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | "TCP Query User{6FA71E18-31C6-4DD4-814E-2EC851A0E20C}C:\users\jeremy\downloads\ptr-installer-de_de(3).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(3).exe | "TCP Query User{73162F99-8FE5-4B4A-8A12-31AA36EF0BB6}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{7921AA1D-E328-436C-916A-5AB92A8F3C9E}C:\users\jeremy\downloads\ptr-installer-de_de(4).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(4).exe | "TCP Query User{7A2BC74B-CF82-42C9-9598-350EFBABF106}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe | "TCP Query User{7C8AA864-0B64-455B-AD9C-B99019F97B32}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(7).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(7).exe | "TCP Query User{844D2905-4A51-411E-9A56-B62E56B4AC94}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe | "TCP Query User{9024DF08-7FAA-4B09-AFD7-77BB25BF9526}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "TCP Query User{99F69F4E-4B4A-40CD-934E-9A9E9C0304C3}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(6).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(6).exe | "TCP Query User{9CEFA52B-3E6E-4DFE-AC69-1EC9FBCFE7A5}C:\program files (x86)\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe | "TCP Query User{A1C9CAD9-D12A-44FC-9504-1FB02902BD9C}C:\users\jeremy\desktop\work\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\jeremy\desktop\work\world of warcraft\backgrounddownloader.exe | "TCP Query User{A4E180E4-6035-4EE9-80C8-CE65FBF10E75}C:\users\jeremy\desktop\work\world of warcraft\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\jeremy\desktop\work\world of warcraft\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe | "TCP Query User{A98E9FC4-5372-4F6B-81B4-D089F1DEC006}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe | "TCP Query User{ABB7F97A-325A-4124-8B9B-7C8F804FA19E}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | "TCP Query User{B1317B57-B682-4563-BE45-3FABE91BE86D}C:\users\public\games\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe | "TCP Query User{B3FF96A1-6EE7-4DF1-8EFE-9FD90ECF3A39}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{BBB0906C-3418-4E26-B530-B31146AEF92D}C:\users\jeremy\desktop\teamspeak3-server_win64\ts3server_win64.exe" = protocol=6 | dir=in | app=c:\users\jeremy\desktop\teamspeak3-server_win64\ts3server_win64.exe | "TCP Query User{BFF1C10D-9585-4EE5-B018-060AC7260658}C:\program files (x86)\ea sports\fussball manager 10\manager10.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea sports\fussball manager 10\manager10.exe | "TCP Query User{CDB5B278-181E-4BD0-8DD2-2B7F949F40A6}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | "TCP Query User{CEF4D64B-FE17-407F-904B-9F9351A0E8A2}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe | "TCP Query User{D6397B30-8DAA-4584-B1A9-F839FCDFDBB6}C:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\world of warcraft\backgrounddownloader.exe | "TCP Query User{DF5AEF44-43C0-4FC2-AFD4-C23455E941ED}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe | "TCP Query User{F6193FC2-C51C-4ED5-B4FA-5D89FF764C2A}C:\users\jeremy\downloads\ptr-installer-de_de.exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de.exe | "TCP Query User{FC339942-EFD4-483C-8353-A9B2B64A7439}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | "TCP Query User{FEBAF648-D52E-4CAA-833C-A01A9260C806}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe | "TCP Query User{FF2F728D-4BEA-40B1-A16A-5BD2BCEA2B35}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "TCP Query User{FF5D0286-BDE1-494F-96E5-7305E0E2F595}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "UDP Query User{084E0583-A0DC-491F-AAA6-95C8F2B60550}C:\users\jeremy\downloads\ptr-installer-de_de(1).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(1).exe | "UDP Query User{09E4C6B6-9E38-4952-8343-B478340542F6}C:\users\public\games\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe | "UDP Query User{0DB23AEC-9117-45FE-AE24-E8D1FB49765F}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | "UDP Query User{130EE70E-6624-42BE-BCC1-86615161C5C9}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | "UDP Query User{190A570B-47C7-481C-9600-FC3A4467E53A}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe | "UDP Query User{192E260D-7EA1-41B2-BDFC-9F8A96070DA9}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "UDP Query User{1E2758B2-6DEB-453B-9CB2-F99783DC4121}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe | "UDP Query User{2024AA65-DB8F-44CE-9BDE-2417CF1573F0}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | "UDP Query User{2620FB3B-0FC5-4E47-A648-103E4CC68531}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{274C0EAA-7345-4B61-B225-B9228E521616}C:\users\jeremy\downloads\ptr-installer-de_de(2).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(2).exe | "UDP Query User{2869C3A5-0A65-4765-8472-95C2FCBC2719}C:\program files (x86)\ea sports\fussball manager 10\manager10.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea sports\fussball manager 10\manager10.exe | "UDP Query User{2AF2A668-32F2-425B-B942-E71B42AFA813}C:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\world of warcraft\backgrounddownloader.exe | "UDP Query User{2B679AAC-A065-42AA-B233-111C452C38C3}C:\users\jeremy\desktop\work\world of warcraft\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\jeremy\desktop\work\world of warcraft\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe | "UDP Query User{2D58FA93-B978-4B81-BBF5-826B01F7ECFE}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | "UDP Query User{2F0D136C-6788-4172-A1BD-DDBB18BBC3C4}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | "UDP Query User{3B8BBA92-E8C9-4C1D-96B5-42D575E3BCAB}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(7).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(7).exe | "UDP Query User{3CD4A27A-298D-438F-9E2E-432A0CDCF17E}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe | "UDP Query User{4277635F-AAD0-48D3-B8D9-7F76AE2DAC0B}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe | "UDP Query User{42BC36B6-A0EF-4086-91E5-7533BBB08C5E}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe | "UDP Query User{5AF73430-BBC8-4054-AAD7-F928118C573F}C:\users\jeremy\downloads\ptr-installer-de_de(3).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(3).exe | "UDP Query User{5FFA4D61-85B2-4E20-9108-77C13E7A7F6D}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe | "UDP Query User{62931907-046B-4183-AB3C-157CAB7E5ACF}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe | "UDP Query User{653490DE-0958-4456-9C27-04A09CCCBEB9}C:\users\jeremy\downloads\ptr-installer-de_de(4).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(4).exe | "UDP Query User{6989194B-3AB6-4494-AAD1-D8E0222AB438}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe | "UDP Query User{6A710B6B-C5A9-4D03-AC75-985FD8D8135B}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe | "UDP Query User{6D9306B7-8096-4DA2-BA24-CE7A6F2EB1A4}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{7A7E9507-F4AE-4FE2-BF64-726422D39891}C:\users\jeremy\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\jeremy\appdata\roaming\spotify\spotify.exe | "UDP Query User{7D05EE87-2768-4BC3-A538-BE27AE9DF67C}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "UDP Query User{7F9AC1A8-E531-4DB5-8C07-9B6CC1AF8771}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | "UDP Query User{91D02902-5A61-4B9F-B771-137B358E6031}C:\program files (x86)\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe | "UDP Query User{A708DBF0-8272-4A8D-B10A-21E61FD2A66F}C:\world of warcraft public test\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\world of warcraft public test\backgrounddownloader.exe | "UDP Query User{B029BC15-35F4-47FF-85DF-263BD085F1A2}C:\users\jeremy\downloads\ptr-installer-en_us.exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-en_us.exe | "UDP Query User{B2A423F1-1F19-47B2-96C4-8372239AB2CA}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | "UDP Query User{B417CDFD-74BC-4FDF-9A97-0408B442E82B}C:\users\jeremy\desktop\work\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\jeremy\desktop\work\world of warcraft\backgrounddownloader.exe | "UDP Query User{B4FB2100-A6DB-4D3F-8DB9-99DDC5694C3E}C:\users\jeremy\desktop\work\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\jeremy\desktop\work\world of warcraft\launcher.patch.exe | "UDP Query User{B9587E30-8A16-4343-B84D-A06A4917217A}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | "UDP Query User{CACCD628-EC65-40BC-B676-2EF0FAB62DF6}C:\users\jeremy\desktop\teamspeak3-server_win64\ts3server_win64.exe" = protocol=17 | dir=in | app=c:\users\jeremy\desktop\teamspeak3-server_win64\ts3server_win64.exe | "UDP Query User{CD5A19E9-35DD-431F-90CA-7344338B667B}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(6).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(6).exe | "UDP Query User{D87C2DAD-9388-4822-894D-2BAA922D22A1}C:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe | "UDP Query User{DC287EDD-4E05-437F-BCBF-1AA4759397C8}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "UDP Query User{E00CB3FF-913F-4353-BDFB-D8FCD1BC1187}C:\users\jeremy\desktop\work\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\jeremy\desktop\work\world of warcraft\launcher.exe | "UDP Query User{F0AEEAC2-7BFB-4961-8B7A-30BE45AEF606}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe | "UDP Query User{F0F9BEA2-380A-431D-9C03-92C86E697887}C:\users\jeremy\downloads\ptr-installer-de_de.exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de.exe | "UDP Query User{F34CFF60-0A83-4994-97FD-1F780FD8F80C}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | "UDP Query User{F437A69B-94C9-41C1-805F-5E81C388D6C1}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe | "UDP Query User{F772A494-8F57-4B04-9199-7EFAF300025B}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{F7B8F9B5-3832-41EB-AF9C-293D908F245A}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(3).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(3).exe | "UDP Query User{FB679CC4-DC66-4A91-81C4-FA84CD0E7485}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour "{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu "{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2 "NVIDIA Drivers" = NVIDIA Drivers "PC-Doctor for Windows" = Hardwarediagnosetools [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4 "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{57C5B3B2-E935-441F-9D3A-0B331E1FE4B9}" = HOT ALBUM MYBOX "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5B295588-59C1-4386-9F85-BB4BEDCB0D22}" = HP Customer Experience Enhancements "{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE) "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9739666-2235-42F8-85D6-9B4005DC7951}" = Bing Bar "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}" = HP MAINSTREAM KEYBOARD "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer "{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004) "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "conduitEngine" = Conduit Engine "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.24.608 "Google Chrome" = Google Chrome "HP Remote Solution" = HP Remote Solution "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "InstallShield_{57C5B3B2-E935-441F-9D3A-0B331E1FE4B9}" = HOT ALBUM MYBOX "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400 "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Mumble" = Mumble and Murmur "NIS" = Norton Internet Security "OpenAL" = OpenAL "PhotoScape" = PhotoScape "PHPNukeDE Toolbar" = PHPNukeDE Toolbar "TeamSpeak 3 Client" = TeamSpeak 3 Client "TuneUp Utilities 2011" = TuneUp Utilities 2011 "Uninstall_is1" = Uninstall 1.0.0.1 "vShare.tv plugin" = vShare.tv plugin 1.3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3218139785-3739349501-2943519655-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 07.05.2011 14:38:13 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 7005 Error - 07.05.2011 14:38:14 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 07.05.2011 14:38:14 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8003 Error - 07.05.2011 14:38:14 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8003 Error - 07.05.2011 14:38:15 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 07.05.2011 14:38:15 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9002 Error - 07.05.2011 14:38:15 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 9002 Error - 07.05.2011 14:38:16 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 07.05.2011 14:38:16 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 10031 Error - 07.05.2011 14:38:16 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 10031 [ Media Center Events ] Error - 06.01.2012 09:36:57 | Computer Name = Jeremy-PC | Source = MCUpdate | ID = 0 Description = 14:36:49 - Fehler beim Herstellen der Internetverbindung. 14:36:49 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 08.07.2012 07:58:11 | Computer Name = Jeremy-PC | Source = SRTSP | ID = 524292 Description = Error loading virus definitions. Error - 08.07.2012 07:58:11 | Computer Name = Jeremy-PC | Source = SRTSP | ID = 524293 Description = Error loading Symantec real time Anti-Virus driver. Error - 08.07.2012 07:58:26 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Norton Internet Security" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1. Error - 08.07.2012 07:58:40 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SRTSP Error - 08.07.2012 11:00:56 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error - 08.07.2012 11:00:56 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht. Error - 08.07.2012 12:23:46 | Computer Name = Jeremy-PC | Source = SRTSP | ID = 524292 Description = Error loading virus definitions. Error - 08.07.2012 12:23:46 | Computer Name = Jeremy-PC | Source = SRTSP | ID = 524293 Description = Error loading Symantec real time Anti-Virus driver. Error - 08.07.2012 12:24:01 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Norton Internet Security" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1. Error - 08.07.2012 12:24:26 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: SRTSP < End of report > Malewarebytes Scan Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.08.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Jeremy :: JEREMY-PC [Administrator] Schutz: Aktiviert 08.07.2012 22:07:00 mbam-log-2012-07-08 (22-07-00).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 216987 Laufzeit: 2 Minute(n), 46 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) CCleaner Ergebnis Code:
ATTFilter Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 04.05.2012 6,00MB 11.2.202.235 Adobe Flash Player 11 Plugin Adobe Systems Incorporated 24.06.2012 6,00MB 11.3.300.262 Adobe Reader X (10.1.1) - Deutsch Adobe Systems Incorporated 01.11.2011 119MB 10.1.1 Apple Application Support Apple Inc. 08.07.2011 50,9MB 1.5.2 Apple Mobile Device Support Apple Inc. 08.07.2011 22,6MB 3.4.1.2 Apple Software Update Apple Inc. 08.07.2011 2,25MB 2.1.3.127 Avira AntiVir Personal - Free Antivirus Avira GmbH 13.02.2012 61,7MB 10.2.0.707 Avira SearchFree Toolbar plus Web Protection Ask.com 04.07.2012 4,98MB 1.15.4.0 Bing Bar Microsoft Corporation 15.05.2012 464KB 7.1.382.0 Bonjour Apple Inc. 08.07.2011 1,74MB 2.0.5.0 CCleaner Piriform 22.06.2012 3.20 Compatibility Pack für 2007 Office System Microsoft Corporation 15.05.2012 324MB 12.0.6612.1000 CyberLink DVD Suite Deluxe CyberLink Corp. 22.09.2009 16,4MB 6.0.3101 Free YouTube to MP3 Converter version 3.11.24.608 DVDVideoSoft Ltd. 18.06.2012 90,1MB 3.11.24.608 Google Chrome Google Inc. 30.06.2010 20.0.1132.47 Google Earth Google 25.11.2011 92,7MB 6.1.0.5001 Hardwarediagnosetools PC-Doctor, Inc. 22.09.2009 6.0.5205.31 HOT ALBUM MYBOX PLANNING Co., Ltd. 01.12.2010 72,3MB 3.1.7.9 HP Customer Experience Enhancements Hewlett-Packard 22.09.2009 5.7.0.3036 HP MAINSTREAM KEYBOARD Hewlett-Packard 22.09.2009 1.4.3.0 HP MediaSmart DVD Hewlett-Packard 22.09.2009 101MB 3.0.3123 HP MediaSmart Movie Themes Hewlett-Packard 22.09.2009 399MB 3.0.3102 HP MediaSmart Music/Photo/Video Hewlett-Packard 22.09.2009 401MB 3.0.3205 HP MediaSmart SmartMenu Hewlett-Packard 22.09.2009 1,85MB 3.0.28.2 HP Odometer Hewlett-Packard 22.09.2009 48,0KB 2.10.0000 HP Remote Solution TopSeed 22.09.2009 1.1.9.0 HP Setup Hewlett-Packard 22.09.2009 1.2.3220.3079 HP Support Information Hewlett-Packard 22.09.2009 160KB 10.1.0002 HP Update Hewlett-Packard 22.09.2009 2,96MB 5.001.000.014 Intel® Matrix Storage Manager Intel Corporation 08.12.2009 Java(TM) 7 Update 4 Oracle 15.05.2012 99,3MB 7.0.40 LabelPrint CyberLink Corp. 22.09.2009 230MB 2.5.1901 League of Legends Riot Games 18.11.2011 1.3 LightScribe System Software LightScribe 22.09.2009 22,4MB 1.18.5.1 Malwarebytes Anti-Malware Version 1.61.0.1400 Malwarebytes Corporation 08.07.2012 18,0MB 1.61.0.1400 McAfee SiteAdvisor McAfee, Inc. 05.07.2012 3.5.217 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 26.06.2010 38,8MB 4.0.30319 Microsoft IntelliPoint 8.2 Microsoft Corporation 25.04.2012 8.20.468.0 Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 15.05.2012 114MB 12.0.6612.1000 Microsoft Silverlight Microsoft Corporation 15.05.2012 242MB 4.1.10329.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 16.01.2010 1,72MB 3.1.0000 Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Corporation 07.03.2011 625KB 1.0.1215.0 Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Corporation 07.03.2011 1,44MB 1.0.1215.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 17.01.2010 260KB 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 17.01.2010 252KB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 16.06.2011 300KB 8.0.61001 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 22.09.2009 708KB 8.0.61000 Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 02.06.2011 580KB 8.0.51011 Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 17.01.2010 212KB 9.0.30729.4148 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 17.01.2010 200KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 02.06.2011 790KB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 02.06.2011 598KB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 22.09.2009 788KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 16.06.2011 788KB 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 25.08.2010 598KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 22.09.2009 596KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 19.12.2010 592KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 600KB 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 10.11.2011 13,8MB 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 10.11.2011 15,0MB 10.0.40219 Microsoft Works Microsoft Corporation 12.04.2012 666MB 9.7.0621 Mozilla Firefox 13.0.1 (x86 de) Mozilla 18.06.2012 37,7MB 13.0.1 Mozilla Maintenance Service Mozilla 18.06.2012 309KB 13.0.1 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 17.01.2010 1,27MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 17.01.2010 1,33MB 4.20.9876.0 Mumble and Murmur Mumble 21.10.2010 1.2.2 Norton Internet Security Symantec Corporation 08.12.2010 16.7.0.30 NVIDIA Drivers NVIDIA Corporation 22.09.2009 1.4 NVIDIA PhysX NVIDIA Corporation 25.08.2010 120MB 9.09.0814 OpenAL 25.08.2010 Pando Media Booster Pando Networks Inc. 24.09.2011 5,46MB 2.3.6.0 PhotoScape 02.12.2010 PHPNukeDE Toolbar 28.04.2012 PowerDirector CyberLink Corp. 22.09.2009 521MB 7.0.3101 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 22.09.2009 6.0.1.5882 Skype Toolbars Skype Technologies S.A. 08.04.2010 5,23MB 1.0.4051 Skype™ 4.2 Skype Technologies S.A. 08.04.2010 31,7MB 4.2.155 Spotify Spotify AB 27.06.2012 0.8.4.93.gd9f49c35 Hoffe mir kann jemand helfen... mfg |
10.07.2012, 19:09 | #2 |
/// Malware-holic | BKA Virus auf pc! hi
__________________prinzipiell gern, aber otl.txt ist nicht vollständig
__________________ |
11.07.2012, 00:05 | #3 |
| BKA Virus auf pc! Ach hab swh genacht alles weg
__________________ |
11.07.2012, 22:46 | #4 |
/// Malware-holic | BKA Virus auf pc! woher willst du das wissen, das wegbleiben von symptomen hat nichts mit der entfernung der malware zu tun
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
Themen zu BKA Virus auf pc! |
antivir, avira, bingbar, bonjour, converter, desktop, downloader, error, firefox, flash player, google, google earth, heuristiks/extra, heuristiks/shuriken, home, install.exe, league of legends, logfile, mozilla, mp3, realtek, registry, scan, security, siteadvisor, software, svchost.exe, symantec, teamspeak, virus, win64, windows, yontoo |