Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Polizei Virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 31.08.2012, 14:17   #1
alakhil
 
Polizei Virus - Standard

Polizei Virus



Hallo liebes Team...
Habe mir heute Vormittag den "Polizei-Virus" eingefangen.

Sobald der Pc eine Internetverbindung aufbaut wird der Bildschirm weiß und es kommt die bekannte Seite + Webcam von mir...

Ich habe OTL schon mal wie beschrieben benutzt...OTL Logfile:
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL logfile created on: 8/31/2012 3:06:21 PM - Run 1
OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\Mano\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.48 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 64.95% Memory free
6.96 Gb Paging File | 5.59 Gb Available in Paging File | 80.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 53.36 Gb Free Space | 37.71% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 140.91 Gb Free Space | 99.59% Space Free | Partition Type: NTFS
Drive F: | 477.11 Mb Total Space | 476.45 Mb Free Space | 99.86% Space Free | Partition Type: FAT
 
Computer Name: MT | User Name: Mano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Mano\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
PRC - C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\12.2.6\ScriptHelper.exe ()
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\PROGRA~1\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
PRC - C:\Program Files\Logitech\SetPoint II\SetpointII.exe (Logitech Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
PRC - C:\Windows\System32\Rezip.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Mano\AppData\Roaming\BAcroIEHelpe205.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\12.2.6\ScriptHelper.exe ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (vToolbarUpdater12.2.6) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (OberonGameConsoleService) -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Rezip) -- C:\Windows\System32\Rezip.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (nhcDriverDevice) -- C:\Windows\System32\drivers\nhcDriver.sys (Notebook Hardware Control)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ig
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={48F6A216-23B1-4211-9927-3F2385AAE65E}&mid=a016ff37fffb193b7463f4f350f1c4d1-8a2325216bd74743ebe55d84b2c4faf227962e55&lang=de&ds=AVG&pr=fr&d=2012-05-31 19:58:49&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/07/17 16:24:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.32\ [2012/08/29 16:56:36 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [fsm]  File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Userinit] C:\Users\Mano\AppData\Roaming\appConf32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.33.216.3 193.33.216.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FA2DFDC-D610-43F2-A0F6-461FC7CCBA84}: DhcpNameServer = 193.33.216.3 193.33.216.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA5FFB13-942A-4BFE-8062-4E8F59AD1F02}: DhcpNameServer = 193.33.216.3 193.33.216.4 78.46.105.56
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1c3de0f4-3048-11df-9b32-0024545f8488}\Shell - "" = AutoRun
O33 - MountPoints2\{1c3de0f4-3048-11df-9b32-0024545f8488}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{40f3abb5-2dfb-11df-b380-0024545f8488}\Shell - "" = AutoRun
O33 - MountPoints2\{40f3abb5-2dfb-11df-b380-0024545f8488}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{40f3abbc-2dfb-11df-b380-0024545f8488}\Shell - "" = AutoRun
O33 - MountPoints2\{40f3abbc-2dfb-11df-b380-0024545f8488}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{5c463b88-3d51-11df-b0a4-0024545f8488}\Shell - "" = AutoRun
O33 - MountPoints2\{5c463b88-3d51-11df-b0a4-0024545f8488}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/08/31 15:04:21 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Mano\Desktop\OTL.exe
[2012/08/29 16:56:19 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\windows\System32\drivers\avgtpx86.sys
[2012/08/29 16:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012/08/29 16:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012/08/29 16:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[1 C:\Users\Mano\AppData\Roaming\*.tmp files -> C:\Users\Mano\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/08/31 15:02:24 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Mano\Desktop\OTL.exe
[2012/08/31 14:21:46 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/31 14:21:46 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/31 14:14:36 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/31 14:14:34 | 2804,121,600 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/31 13:03:50 | 004,503,728 | ---- | M] () -- C:\ProgramData\ism_0_llatsni.pad
[2012/08/31 13:03:48 | 000,198,200 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\AcroIEHelpe205.dll
[2012/08/31 13:03:48 | 000,007,424 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe205.dll
[2012/08/31 13:03:37 | 000,000,017 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\blckdom.res
[2012/08/31 07:11:07 | 105,388,475 | ---- | M] () -- C:\windows\System32\drivers\AVG\incavi.avm
[2012/08/31 07:05:02 | 000,001,893 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/08/30 17:01:09 | 000,198,288 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\AcroIEHelpe204.dll
[2012/08/30 06:55:12 | 000,007,600 | ---- | M] () -- C:\Users\Mano\AppData\Local\Resmon.ResmonCfg
[2012/08/29 17:09:29 | 000,246,932 | ---- | M] () -- C:\windows\System32\drivers\AVG\iavichjg.avm
[2012/08/29 17:08:33 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/08/29 16:56:19 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\windows\System32\drivers\avgtpx86.sys
[2012/08/29 16:39:55 | 000,000,600 | ---- | M] () -- C:\Users\Mano\AppData\Local\PUTTY.RND
[2012/08/20 12:09:05 | 000,006,400 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe195.dll
[2012/08/17 17:15:12 | 000,006,400 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe193.dll
[2012/08/14 09:36:25 | 000,000,437 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\urhtps.dat
[2012/08/12 09:34:54 | 000,027,520 | ---- | M] () -- C:\Users\Mano\AppData\Local\dt.dat
[1 C:\Users\Mano\AppData\Roaming\*.tmp files -> C:\Users\Mano\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/08/31 13:03:48 | 000,198,200 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\AcroIEHelpe205.dll
[2012/08/31 13:03:48 | 000,007,424 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe205.dll
[2012/08/31 07:05:02 | 004,503,728 | ---- | C] () -- C:\ProgramData\ism_0_llatsni.pad
[2012/08/31 07:05:02 | 000,001,893 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/08/30 17:01:09 | 000,198,288 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\AcroIEHelpe204.dll
[2012/08/29 16:40:39 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/08/24 12:47:21 | 000,000,017 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\blckdom.res
[2012/08/20 12:09:05 | 000,006,400 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe195.dll
[2012/08/17 17:15:12 | 000,006,400 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe193.dll
[2012/08/12 09:34:54 | 000,027,520 | ---- | C] () -- C:\Users\Mano\AppData\Local\dt.dat
[2012/06/24 16:57:00 | 000,007,224 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe148.dll
[2012/06/22 13:24:48 | 000,007,224 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe147.dll
[2012/06/14 17:23:39 | 000,000,437 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\urhtps.dat
[2012/05/19 18:14:06 | 000,007,600 | ---- | C] () -- C:\Users\Mano\AppData\Local\Resmon.ResmonCfg
[2011/08/05 18:35:07 | 001,456,640 | ---- | C] () -- C:\Program Files\Common Files\Falk Navi-Manager.msi
[2011/06/14 08:52:36 | 000,164,864 | ---- | C] () -- C:\windows\System32\UNWISE32.EXE
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\windows\System32\xlive.dll.cat
[2011/03/07 08:51:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/11 14:52:28 | 000,000,092 | ---- | C] () -- C:\Users\Mano\AppData\Local\fusioncache.dat
[2010/12/06 11:09:34 | 000,000,021 | ---- | C] () -- C:\windows\NP_WSNMP.INI
[2010/09/19 09:27:41 | 000,069,632 | ---- | C] () -- C:\windows\System32\xmltok.dll
[2010/09/19 09:27:41 | 000,036,864 | ---- | C] () -- C:\windows\System32\xmlparse.dll
[2010/09/12 13:15:23 | 000,000,600 | ---- | C] () -- C:\Users\Mano\AppData\Local\PUTTY.RND
[2010/03/08 20:38:51 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2008/12/09 17:23:13 | 000,050,640 | RHS- | C] () -- C:\Users\Mano\AppData\Roaming\appConf32.exe
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:E1F04E8D

< End of report >
         
--- --- ---

--- --- ---OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 8/31/2012 3:06:21 PM - Run 1
OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\Mano\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.48 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 64.95% Memory free
6.96 Gb Paging File | 5.59 Gb Available in Paging File | 80.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 53.36 Gb Free Space | 37.71% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 140.91 Gb Free Space | 99.59% Space Free | Partition Type: NTFS
Drive F: | 477.11 Mb Total Space | 476.45 Mb Free Space | 99.86% Space Free | Partition Type: FAT
 
Computer Name: MT | User Name: Mano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B177F20-CE4F-441A-A0F4-CCF05A4D4759}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0C8E486C-9C2A-4A77-BD46-539FBDA22073}" = rport=139 | protocol=6 | dir=out | app=system | 
"{1156CA09-7C9C-47BE-882C-29F228C90FF4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{16675751-CA47-4AFC-B953-E704E17060A9}" = lport=139 | protocol=6 | dir=in | app=system | 
"{1843E06E-9E8E-436C-88BD-71544FF85B57}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{19F56E30-3C5A-4F05-8C86-D40AC14CE5AD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{253792DD-E9B0-453C-ABEA-BDBB0E5E5939}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2F2B17C3-26DF-46EE-B281-FEE8B12244ED}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{355A8CD2-A7DB-4CED-AD95-BA3D57D3BC2E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{41B4E18D-50C1-488B-BA07-A1E1BD0DB0B1}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4F76720F-902B-483D-B5D5-135275C88298}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{5E5F6BC7-4F52-4A49-9951-7FEB7DC71BAC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{603AD2C4-51D2-4BB6-ACB1-C96C7D79A001}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{6878F091-C627-4810-BC2F-661B31F1EC89}" = lport=138 | protocol=17 | dir=in | app=system | 
"{861B7333-3EA5-4EE3-8185-534BBA08ABA8}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{8661D5A4-6BD1-4B8C-9E3C-157C8BCFA0F4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9642B528-7F33-48F9-AB59-0D77BE57CA66}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{9719780F-68EC-43EE-AFE2-336E92928E11}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{98121565-74F0-4844-88CE-9ABE38B6C541}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{9B010BB7-348B-4D62-8D47-51EEAEBA9357}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A311DEF6-2A45-4486-BEC2-AD54D6EF8386}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A73D542D-83B9-42CD-A3FB-66912C4EB25C}" = lport=137 | protocol=17 | dir=in | app=system | 
"{AD995203-00B5-45E8-A048-3FAD9B2E6E6B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AFF46CB4-3ABC-4A38-85D6-38038164D7B1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{BBFB6EAC-ACAA-4BB0-B470-9A657A80C8E7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BF308638-DFFF-4F18-B0AF-80FE1804B9E2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{CC18C3CD-B951-42A0-AD04-5D2A77660C27}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D2D46A13-940E-4528-B282-054F5366087F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DB36E0FB-32A9-4594-BD5E-0457C9F2A190}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E7AA3BDC-F00C-481A-9951-59C4334E612F}" = rport=137 | protocol=17 | dir=out | app=system | 
"{FD522306-EC50-4012-BC1C-E78F4B5E9A52}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FD919DB6-D9AA-4E66-8F60-F35919167BD5}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{FDB0FF1B-98C5-48BE-9D95-0326EB7566C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FFB7C89B-1025-4A85-9E65-F1EAB125B96A}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06AA7F40-7EEA-4933-BE49-897B7044C56E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | 
"{0AB41913-F339-4F95-82C1-8ED8F9001C6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0AD9BAB0-B42E-47E7-8336-0700868E8452}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{12F4A2D0-C0C6-46C7-9F7E-064D380E5A1F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{13DB1F5C-528A-4CAD-96AD-2F9179C1AD03}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{15530102-1E9B-4D89-A156-5F39FE2DB576}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{156DB0DA-BFBB-4302-90DE-748B308DEFB0}" = protocol=6 | dir=out | app=system | 
"{1598A42B-853B-4835-B12A-98664CFF42B4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{15E7C24C-3A65-4C73-90E5-F1672F9CF8F7}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe | 
"{173EC77C-4C36-473E-B850-9B4E7BA7964F}" = protocol=17 | dir=in | app=c:\program files\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe | 
"{1781821E-4A40-4321-8F06-A69498B6B294}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{19998555-CEE3-4EE3-8920-7EBF8C0C72C1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{19F7F675-CBFB-45E8-A750-DF890BF61D6D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{25961FEB-1F9D-4560-8AA2-84783AEFB646}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{28234ADB-BCB7-498B-AAF8-2C26C6B893DF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2B8E2521-5337-4024-A1D7-983EAB902AD3}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{2C496415-2025-4A35-8D3B-C9E64629EBDE}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{2DF8C9A4-D2A7-4AFB-B08E-A643E67E1CA9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{311F057B-AE0C-4B21-AFD1-9EABFCE1F7E6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{322A756C-36EA-4AFA-A881-C7A727790CD3}" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.exe | 
"{35ADF4A4-AA19-45D9-B26B-54E46F7D0012}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{36037549-E306-43D4-9CF2-46821AAE5807}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{3ADE7E31-F885-4646-B16E-2AF027B58CD1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{40BFE9AE-7053-4676-8E85-DFD47137B007}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{44B8A8A1-F107-4A68-8025-250C450F32A3}" = protocol=6 | dir=in | app=c:\program files\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe | 
"{452BD140-A35F-4223-9C75-58447AB47DF8}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{4622D736-CE1F-4612-A073-172BEE4A4DEB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{46F99C3B-70FC-4C95-A1CF-D0E6E0F991DA}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{492B79A4-6747-4F66-B6C7-358890A51575}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"{4E7F0EE7-7F2F-4D4C-A5E6-123A43CB170A}" = protocol=17 | dir=in | app=c:\program files\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe | 
"{4F22453F-4329-4EC3-812E-B64D5BD03102}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe | 
"{549ACCA2-1EF0-406E-9F3F-22CA0D0A0EE4}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{54ECB8E5-2A31-4299-98B7-F7781574306B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{55116B90-3269-4773-815E-B6EEF26CDEC2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{5DA0426B-571B-43F9-99E9-CD1A4BFF3D6C}" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.exe | 
"{5F0E149C-36C9-4B23-9806-A4AC0DF1E076}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{5F12DE26-74CB-420B-98AA-9A3B9EAD6CEA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{60681A24-D375-4DE2-88B3-6E93B0B36DDB}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{61BC4060-2AD9-4EBD-BB5F-FB8E769DA461}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{63F1C0A3-73C1-4460-997B-3C02559FA60B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{64606CCC-5BF4-47FB-86DD-A0C3552DA641}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{680B71FE-CFED-4A8B-BE09-46BAC6817974}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{6A47EBCA-3517-44C5-83CD-0D4DD5DDF682}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{6D88003B-487B-4258-8805-1B183E1C58A3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{806A04CA-B5B5-46AD-80B4-549F069DE125}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{816E28F7-9E3D-4A38-9A77-1ABD716BB74E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | 
"{84173137-6164-4C3D-B7CF-5D44E645262B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8F9DB655-2476-442F-8C21-3D9BBF49DC61}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | 
"{96338F80-9FFB-49F1-A247-85F464C4A83C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{96D3D80F-43B6-42D2-8E48-023003A52D07}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{97AC277F-A562-47E2-B754-1E7456B6B2F1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{9F09090A-94BF-48D7-97DC-4861F94DB4F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A24B36EC-8021-4BE7-8B0F-64F33DDB00AB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{A588480F-5486-4941-A565-79F9F4695CBE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{A5E89039-9ED8-4775-8F55-FD126C0F8748}" = protocol=6 | dir=in | app=c:\program files\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe | 
"{A72E64D4-A417-4C65-9844-6062109CD4A1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{A730AF9E-69A5-4FA2-AE7C-B5167E60FACE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{AC9A0804-4F3E-42FD-9944-FBBC49A0DF91}" = protocol=17 | dir=in | app=c:\program files\bob\bob internet zugangssoftware\bob_mobile_installer.exe | 
"{AD495218-8767-4419-8981-6F35BCD7A0ED}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{AD719E50-78E8-4E44-B4ED-E1BF02300621}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B415FC0C-B4D1-4BAC-A6E7-D8C8E66378B8}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{B4E77D6C-EAE0-4AE9-B1B5-AC3F339C1EFC}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{BA8676E3-5366-46AC-9927-A1F4A572024C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{BADBDD9D-6661-41C1-9EFE-4FC484E52DED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BD81D972-BAA7-4623-A521-F2C19C4459B3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{C18DE0C6-263B-411F-811F-BD063088861C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{C3ADE3DD-6E9A-4EAF-AF1B-AEF4B22B79E0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{C5555445-609E-4F03-A256-428FB98E9D32}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{C6E51408-C4B7-4346-BDFC-9BC33D65041C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{C9F73088-E29F-44B5-9F2B-A1F19272B702}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{CD124D17-0791-405E-8352-AD32026A54A5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{CDB915F8-9652-4F78-89DA-CA82E279D1A9}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{CF4B27E3-D367-4C76-8AAB-ED73EF1DAD73}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"{D46E50F7-B078-4978-B935-E6A4913F957F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{D67C0338-1F11-4EEF-AFA3-2AAC7445DC45}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{DA28D3BB-09E6-43F8-8193-FD49DCEB31E7}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | 
"{DA3D304B-0C99-498C-8A97-0E5A74054D9D}" = protocol=6 | dir=in | app=c:\program files\bob\bob internet zugangssoftware\bob_mobile_installer.exe | 
"{DC84AC89-D39B-43A3-AC83-0C4F65ADCCFC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{DEDAE390-F568-4D2C-BE39-777F8BC51C34}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{E1067D43-6534-49D1-B406-A0B7480DD97D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E30DB952-C163-48FA-8125-CCAC1F5DEB7D}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe | 
"{F4D65990-29E5-4018-A843-52FDE7AC9B8C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe | 
"{F9A0EC24-58F4-42E0-8A50-85FB808E4999}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe | 
"{FA9FC128-ADFD-4FB9-8A57-411E418D0F5F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{FEC2D295-AFCB-4CDF-B9E4-AB1BF861F96F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"TCP Query User{0B2887BE-51FB-4C38-863E-A50093E9A4A4}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe | 
"TCP Query User{1492EE8A-FE11-4371-A16C-C2F5AED4B5EF}C:\users\mano\desktop\manuel\firma\catv\stormwatch-ii\stormwatch_ii.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\firma\catv\stormwatch-ii\stormwatch_ii.exe | 
"TCP Query User{18C265B0-02D0-4ADC-8510-A041107EB9A3}C:\users\mano\desktop\world of warcraft original\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.0.1.2210-enus-tools-downloader.exe | 
"TCP Query User{1D3DF479-ED71-42E7-8EAD-C1250EBDA052}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2730-enus-tools-downloader.exe | 
"TCP Query User{1D8127B6-D9AC-4CBF-97A3-133878D09629}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2706-enus-tools-downloader.exe | 
"TCP Query User{30276F48-1B11-4F76-A4D0-B70538B0CDCA}C:\program files\3com\cable management system\camgr.exe" = protocol=6 | dir=in | app=c:\program files\3com\cable management system\camgr.exe | 
"TCP Query User{3C249382-77A6-4556-A11F-B14C6D43D394}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{3D489E41-B2AF-4162-8789-28D027636847}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2727-enus-tools-downloader.exe | 
"TCP Query User{42B6C5D2-C270-4BA5-95A7-1E7D0D9639BD}C:\program files\steam\steamapps\common\dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe | 
"TCP Query User{51F8CD7C-F710-4812-B97F-27FED9017908}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2756-enus-tools-downloader.exe | 
"TCP Query User{53CDCD7D-755E-47DC-BA29-E6089A88F468}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe | 
"TCP Query User{5494A950-019F-4F19-931E-A53617FB1DDC}C:\users\mano\desktop\manuel\world of warcraft original\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.patch.exe | 
"TCP Query User{54FB0080-94C4-44B6-8A59-E9293903B945}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2685-enus-tools-downloader.exe | 
"TCP Query User{5C4B192B-E161-480F-98C0-323B4D2A3421}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe | 
"TCP Query User{6B25D714-90E3-4DE5-80AD-025BC6C4D1F1}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe | 
"TCP Query User{7124A7C0-69EE-49DD-8547-2DD6538FBB69}C:\users\mano\desktop\manuel\world of warcraft original\launcher.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.exe | 
"TCP Query User{76695CD8-B9D1-4737-9085-4B7386FF0A84}C:\program files\3com\cable management system\camgr.exe" = protocol=6 | dir=in | app=c:\program files\3com\cable management system\camgr.exe | 
"TCP Query User{7CFE63DE-CD0A-46A3-BF69-2A810F56C2B3}C:\program files\loxone\loxplan\loxplan.exe" = protocol=6 | dir=in | app=c:\program files\loxone\loxplan\loxplan.exe | 
"TCP Query User{894DC13A-7442-423E-9572-867CBDBFEAED}C:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2683-enus-tools-downloader.exe | 
"TCP Query User{9AAFE5C0-F9A2-40F1-A4AE-FD17F8845BE0}C:\users\mano\desktop\world of warcraft original\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.patch.exe | 
"TCP Query User{9EB08299-C913-4648-A201-F271D2981E05}C:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe | 
"TCP Query User{A3AA06F7-5EBA-4850-B320-30073197128E}I:\spiele\dragon age\bin_ship\daorigins.exe" = protocol=6 | dir=in | app=i:\spiele\dragon age\bin_ship\daorigins.exe | 
"TCP Query User{A645B2BD-EF6B-471E-85D0-A990B1549428}C:\users\mano\desktop\manuel\world of warcraft original\launcher.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.exe | 
"TCP Query User{A8E70533-A550-462B-A52B-119E25CF719B}C:\users\mano\desktop\world of warcraft original\launcher.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.exe | 
"TCP Query User{ACBA0F0E-BD5A-466D-A77D-120D54C43B93}C:\users\mano\desktop\manuel\world of warcraft original\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\backgrounddownloader.exe | 
"TCP Query User{ACE299A0-3579-469C-A215-FF648346876E}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"TCP Query User{B4119D20-ED33-4F71-80CA-0C0A29A33D79}I:\spiele\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=i:\spiele\anno 1404\tools\anno4web.exe | 
"TCP Query User{B589E429-C81B-4629-9DCB-AE10A3CCA0FC}C:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe | 
"TCP Query User{B5ECF582-0F35-4E6B-AA62-3113D8DC68C2}C:\users\mano\desktop\manuel\spiele\counter-strike 1.6 v35\hl.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\spiele\counter-strike 1.6 v35\hl.exe | 
"TCP Query User{BA1F02CE-E61D-46CD-9C60-4D0A26474387}C:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2346-enus-tools-downloader.exe | 
"TCP Query User{BB4D74DF-801A-4096-B810-FEA16856F1FF}C:\users\mano\desktop\manuel\firma\stormwatch-ii\stormwatch_ii.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\firma\stormwatch-ii\stormwatch_ii.exe | 
"TCP Query User{C6F187FF-96AD-40AA-A740-5A7308EFDD6E}C:\program files\codemasters\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\der herr der ringe online\lotroclient.exe | 
"TCP Query User{CC260E19-F5BA-4A91-A47D-A89C63AF7035}C:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2317-enus-tools-downloader.exe | 
"TCP Query User{CEC75B6F-40DF-4A67-8AD3-A09C2D3C8940}C:\users\mano\desktop\world of warcraft original\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.patch.exe | 
"TCP Query User{D300014B-BEBD-4060-AC9A-31B5AF221AFF}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{D62BFF9D-7FE4-4D29-8D60-C09B787A663B}C:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2617-enus-tools-downloader.exe | 
"TCP Query User{D973CA0E-3076-4DAB-9615-8A201F5A9A4E}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2736-enus-tools-downloader.exe | 
"TCP Query User{EC374A3D-8AB9-4251-A2AB-C0164F707831}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe | 
"TCP Query User{F8F5E9E1-1C50-41B4-9E11-24C875383AEB}C:\program files\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"TCP Query User{FA38C9AB-2EC0-47FF-85D3-73E9B2CF546E}I:\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=i:\spiele\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{0CB84179-358B-4DCE-BB2B-C4CFE1044C28}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2730-enus-tools-downloader.exe | 
"UDP Query User{0E30C8E5-B9A6-4D17-ABAB-81336A22BDB5}C:\program files\loxone\loxplan\loxplan.exe" = protocol=17 | dir=in | app=c:\program files\loxone\loxplan\loxplan.exe | 
"UDP Query User{16CB2727-3479-400D-BC73-7F0C58DF0C44}C:\users\mano\desktop\manuel\world of warcraft original\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\backgrounddownloader.exe | 
"UDP Query User{1DD6A5A6-2612-47AE-8032-4095C158E408}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe | 
"UDP Query User{1E2D7EE3-3EE9-4890-BC36-8100B866D7D3}C:\users\mano\desktop\manuel\world of warcraft original\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.patch.exe | 
"UDP Query User{24C8FFCA-4B1C-450F-B8CD-C2C795A7DBBF}C:\users\mano\desktop\manuel\firma\stormwatch-ii\stormwatch_ii.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\firma\stormwatch-ii\stormwatch_ii.exe | 
"UDP Query User{2761F93C-1F97-42AB-BF6A-348674C7AB6D}C:\users\mano\desktop\world of warcraft original\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.patch.exe | 
"UDP Query User{2D375A07-FE18-48D3-A920-2AFB68B2C380}C:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe | 
"UDP Query User{2EAA2744-1270-4AFB-AA0A-C48035181480}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2756-enus-tools-downloader.exe | 
"UDP Query User{45DBE427-4CF1-41A0-82FB-8021417D3671}C:\users\mano\desktop\world of warcraft original\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.0.1.2210-enus-tools-downloader.exe | 
"UDP Query User{486B953B-AF86-444E-805E-459EAD76BC5E}C:\program files\codemasters\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\der herr der ringe online\lotroclient.exe | 
"UDP Query User{48ECBA98-E2FB-4CE6-BB03-3082B58ABCBB}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{4D608D77-8CA8-4026-864E-A8F04747E2FC}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2727-enus-tools-downloader.exe | 
"UDP Query User{51643AB6-213D-4859-A61A-6E6F741167E3}C:\users\mano\desktop\manuel\firma\catv\stormwatch-ii\stormwatch_ii.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\firma\catv\stormwatch-ii\stormwatch_ii.exe | 
"UDP Query User{55C4BCF3-7C3C-4AAB-A644-44409B9DB24F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{59F8F501-2C2A-4182-8C3B-EEB1B27681ED}C:\users\mano\desktop\manuel\world of warcraft original\launcher.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.exe | 
"UDP Query User{6035EE26-221E-41DE-B46C-1E17094F64E5}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2685-enus-tools-downloader.exe | 
"UDP Query User{7481357F-7B06-44D5-ADE8-1176793391B4}C:\program files\steam\steamapps\common\dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe | 
"UDP Query User{77C0EF74-9948-492C-8C74-F94B5761EE9F}C:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2617-enus-tools-downloader.exe | 
"UDP Query User{782C4274-C03D-4D2F-BA8B-AE67B0FCB51D}C:\program files\3com\cable management system\camgr.exe" = protocol=17 | dir=in | app=c:\program files\3com\cable management system\camgr.exe | 
"UDP Query User{79B10DB6-6248-4B68-A488-797F65B7B8F0}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe | 
"UDP Query User{84A8F41F-F1C3-48E9-8E9A-8F8E03A7EF01}C:\program files\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"UDP Query User{8EB6A658-2106-42BF-8C52-55F4EC9B988E}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"UDP Query User{99882702-AF97-4A5A-8B5E-2A6824300C5D}C:\users\mano\desktop\world of warcraft original\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.patch.exe | 
"UDP Query User{A33FF4B7-BDAD-486E-AAFF-448AB6BFFA0A}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe | 
"UDP Query User{AFB99FFB-5F95-467E-A801-064FE5BFA97F}I:\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=i:\spiele\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{BAA67BB4-D69C-4472-9568-968301E9B01B}C:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe | 
"UDP Query User{D3627676-6726-42DC-ADB0-F73D05BF767E}C:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2346-enus-tools-downloader.exe | 
"UDP Query User{D8410846-A92A-48E2-BFFB-44EFC0D3559C}C:\users\mano\desktop\manuel\spiele\counter-strike 1.6 v35\hl.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\spiele\counter-strike 1.6 v35\hl.exe | 
"UDP Query User{DB5F268F-3A62-4283-B64A-8A3195BD8B55}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2736-enus-tools-downloader.exe | 
"UDP Query User{E28BC0A0-0EFD-48DB-9D50-562EF6A87DDE}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe | 
"UDP Query User{E28E6165-A7D1-42A2-8B74-A52C8352180E}I:\spiele\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=i:\spiele\anno 1404\tools\anno4web.exe | 
"UDP Query User{EC62F5BD-6388-4672-8A71-7D472A9A1457}C:\users\mano\desktop\manuel\world of warcraft original\launcher.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.exe | 
"UDP Query User{ECE29540-7CE9-4226-862E-7BFB20EAD25D}C:\program files\3com\cable management system\camgr.exe" = protocol=17 | dir=in | app=c:\program files\3com\cable management system\camgr.exe | 
"UDP Query User{EEB009AF-F249-47BE-A238-BC1F69FE5144}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2706-enus-tools-downloader.exe | 
"UDP Query User{F9BB2FE5-33FB-4C6F-8D0A-E8180BA892A9}I:\spiele\dragon age\bin_ship\daorigins.exe" = protocol=17 | dir=in | app=i:\spiele\dragon age\bin_ship\daorigins.exe | 
"UDP Query User{FA6B5988-6CCF-42B4-8ECF-2DE1F3C6405F}C:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2317-enus-tools-downloader.exe | 
"UDP Query User{FB4DF65C-327D-4F20-A3CB-FCE386BB791D}C:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2683-enus-tools-downloader.exe | 
"UDP Query User{FBEB93FD-3DBF-4259-AEAB-3794ED480E01}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe | 
"UDP Query User{FC4B3A14-6DE4-4028-AFDE-F9016F33DF93}C:\users\mano\desktop\world of warcraft original\launcher.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3222B0CE-59C5-4CA0-B545-2B88F200756B}" = Falk Navi-Manager
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{3EED7541-55F8-4DC6-B9CD-28762D71310E}" = Samsung R-Series
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{44BC30A3-B5F1-4CAF-8B06-BB7D26991FDC}" = Falk Navi-Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B39C475A-77A7-446D-B423-8051E976D910}" = USB CDC Device Driver
"{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}" = User's Guides
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC2B140-B47A-45FA-AAE3-BD60DA41AE00}" = Samsung Support Center
"{D0EB6586-8330-11D4-AE23-00C04FA30170}" = Cable Management System
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.20
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F868BD32-1CD0-42A8-A813-A53CEA8882CD}" = Falk Navi-Manager
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG" = AVG 2012
"EAGLE 6.2.0" = EAGLE 6.2.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HTPE3" = HyperTerminal Private Edition v7.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LoxPLAN_is1" = LoxPLAN 1.7
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PSW1000_is1" = PSW1000 V.42
"Software Informer_is1" = Software Informer 1.0 BETA
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 72850" = The Elder Scrolls V: Skyrim
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/13/2012 6:07:00 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 8/13/2012 10:48:16 AM | Computer Name = MT | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 8ba4    Startzeit: 01cd79628eec8205    Endzeit: 10    Anwendungspfad:
 C:\Program Files\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 8/13/2012 10:49:54 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 8/13/2012 11:01:31 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 8/13/2012 12:12:59 PM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 8/13/2012 1:06:58 PM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 8/13/2012 2:09:08 PM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 8/14/2012 3:23:05 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 8/14/2012 3:26:48 AM | Computer Name = MT | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.8.0.158, Zeitstempel:
 0x4f4de709  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695, Zeitstempel:
 0x4cc7ab44  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000c35e3  ID des fehlerhaften Prozesses:
 0x24a0  Startzeit der fehlerhaften Anwendung: 0x01cd72e1b6348a42  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Skype\Phone\Skype.exe  Pfad des fehlerhaften Moduls: 
C:\windows\SYSTEM32\ntdll.dll  Berichtskennung: 682b7f03-e5e1-11e1-9944-c8f108209363
 
Error - 8/14/2012 4:12:38 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
[ OSession Events ]
Error - 12/7/2010 2:10:57 PM | Computer Name = MT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 6/17/2011 1:44:41 AM | Computer Name = MT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1140
 seconds with 720 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "Ancillary 
Function Driver for Winsock" abhängig, der aufgrund folgenden Fehlers nicht gestartet
 wurde:   %%31
 
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerkspeicher-Schnittstellendienst" ist vom Dienst 
"NSI proxy service driver." abhängig, der aufgrund folgenden Fehlers nicht gestartet
 wurde:   %%31
 
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Arbeitsstationsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IP-Hilfsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst 
"Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet
 wurde:   %%31
 
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
 und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
 und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "TCP/IP-Protokolltreiber"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP Registry Compatibility" ist vom Dienst "TCP/IP-Protokolltreiber"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 8/31/2012 7:46:55 AM | Computer Name = MT | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   AFD  Avgldx86  Avgmfx86  Avgtdix  DfsC  discache  NetBIOS  NetBT  nsiproxy  Psched  rdbss  SABI  spldr  Tcpip
tdx
vwififlt
Wanarpv6
WfpLwf
 
 
< End of report >
         
--- --- ---




bitte euch um Hilfe

Geändert von alakhil (31.08.2012 um 14:36 Uhr)

 

Themen zu Polizei Virus
aufbau, avg secure search, avg security toolbar, bekannte, bildschirm, bildschirm weiß, black, helper.exe, heute, install.exe, inter, interne, internetverbindung, ip-hilfsdienst, ntdll.dll, office 2007, pando media booster, plug-in, polizei, polizei virus, polizei-virus, secure search, seite, taskhost.exe, verbindung, virus, vtoolbarupdater, webcam




Ähnliche Themen: Polizei Virus


  1. Polizei virus
    Plagegeister aller Art und deren Bekämpfung - 21.08.2013 (9)
  2. Polizei Virus
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (23)
  3. Polizei Virus
    Plagegeister aller Art und deren Bekämpfung - 24.03.2013 (34)
  4. Polizei-Virus Win XP
    Plagegeister aller Art und deren Bekämpfung - 13.03.2013 (20)
  5. Polizei Virus
    Plagegeister aller Art und deren Bekämpfung - 20.10.2012 (28)
  6. Polizei Virus 5.2
    Plagegeister aller Art und deren Bekämpfung - 20.10.2012 (4)
  7. Polizei Virus
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (4)
  8. Polizei Virus
    Plagegeister aller Art und deren Bekämpfung - 29.09.2012 (14)
  9. Polizei Virus
    Log-Analyse und Auswertung - 27.09.2012 (3)
  10. Polizei Virus
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (13)
  11. Polizei Virus Neu?
    Plagegeister aller Art und deren Bekämpfung - 05.09.2012 (1)
  12. Polizei Virus 5.2
    Plagegeister aller Art und deren Bekämpfung - 23.08.2012 (11)
  13. Polizei Einheit 5.2 Virus Österreich Virus
    Log-Analyse und Auswertung - 05.08.2012 (14)
  14. Polizei Virus 5.2
    Plagegeister aller Art und deren Bekämpfung - 10.07.2012 (1)
  15. ----- Polizei Virus -----
    Plagegeister aller Art und deren Bekämpfung - 08.06.2012 (11)
  16. Task-manager durch virus blockiert, Polizei-virus
    Log-Analyse und Auswertung - 02.04.2012 (1)
  17. Polizei virus
    Log-Analyse und Auswertung - 18.04.2011 (1)

Zum Thema Polizei Virus - Hallo liebes Team... Habe mir heute Vormittag den "Polizei-Virus" eingefangen. Sobald der Pc eine Internetverbindung aufbaut wird der Bildschirm weiß und es kommt die bekannte Seite + Webcam von mir... - Polizei Virus...
Archiv
Du betrachtest: Polizei Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.