|
Log-Analyse und Auswertung: Trojaner (keine Internetverbindung)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.06.2013, 18:00 | #1 |
| Trojaner (keine Internetverbindung) Ich habe seit ein paar Wochen einen Trojaner, oder besser gesagt 3 so wie Microsoft Sexurity Essentials mir anzeigt. Hatte den Virus erkannt und unter Quarantäne gestellt und alle funktionierte einwandfrei, doch gestern ist mein Pc 2 mal nacheinander abgestürzt und dann konnte ich keine Internetverbindung mehr herstellen. Jetzt habe ich die 3 Trojaner per Microsoft Security Essentials entfernt, weil ich dachte das dann wieder alles funktionieren würde, aber das tut es nicht. Und Updaten ist auch nicht möglich, da kein Internet Habe jetzt einen OTL Scan durchgeführt. LG NeedHelp95OTL Logfile: Code:
ATTFilter OTL logfile created on: 02.06.2013 18:25:13 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\flo\Desktop\OTLL Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 83,53% Memory free 6,69 Gb Paging File | 6,34 Gb Available in Paging File | 94,84% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 931,51 Gb Total Space | 426,23 Gb Free Space | 45,76% Space Free | Partition Type: NTFS Drive E: | 124,72 Mb Total Space | 124,12 Mb Free Space | 99,52% Space Free | Partition Type: FAT Computer Name: *** | User Name: *** | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\flo\Desktop\OTLL\OTL.exe (OldTimer Tools) PRC - C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Programme\WinRAR\RarExt.dll () ========== Services (SafeList) ========== SRV - (NIHardwareService) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe File not found SRV - (Roozz Updater) -- C:\Programme\Roozz\Updater.exe (Roozz) SRV - (Hamachi2Svc) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_ca0e279.dll () SRV - (BstHdLogRotatorSvc) -- C:\Programme\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) SRV - (BstHdAndroidSvc) -- C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Desura Install Service) -- C:\Programme\Common Files\Desura\desura_service.exe (Desura Pty Ltd) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (ScrambyServer) -- C:\Programme\RapidSolution\Scramby\ScrambyServer.exe (RapidSolution Software AG) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Driver Services (SafeList) ========== DRV - (XDva399) -- C:\Windows\system32\XDva399.sys File not found DRV - (XDva386) -- C:\Windows\system32\XDva386.sys File not found DRV - (XDva385) -- C:\Windows\system32\XDva385.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (GGSAFERDriver) -- C:\Program Files\Garena\safedrv.sys File not found DRV - (GarenaPEngine) -- C:\Users\flo\AppData\Local\Temp\EMMF91B.tmp File not found DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found DRV - (MpKslc8641f16) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{82FD3CF4-9C5B-4365-A1EB-76DDF6A9D506}\MpKslc8641f16.sys () DRV - (apf003) -- C:\Windows\System32\apf003.sys () DRV - (BstHdDrv) -- C:\Programme\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation) DRV - (NxpCap) -- C:\Windows\System32\drivers\NxpCap.sys (Trident Microsystems, Inc.) DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.) DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.) DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation) DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.) DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH) DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) DRV - (CLEDX) -- C:\Windows\System32\drivers\cledx.sys (Team H2O) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FB 3D F0 7A 52 3E CB 01 [binary data] IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\..\SearchScopes\{215FE445-F751-4699-90C8-1892BFE6D61E}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1260702108-229838344-945700951-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.order.1: "Google" FF - prefs.js..browser.search.order.2: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.80.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3.329.2 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.99 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03 FF - prefs.js..network.proxy.http: "194.154.128.65" FF - prefs.js..network.proxy.http_port: 8080 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@Roozz.com/RoozzPlugin: C:\Program Files\Roozz\nproozz.dll (Roozz.com) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\flo\AppData\Local\Roblox\Versions\version-14148f7d00f24d47\\NPRobloxProxy.dll () FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\flo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\flo\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\flo\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\flo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.03 22:23:03 | 000,000,000 | ---D | M] [2010.08.17 18:24:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\flo\AppData\Roaming\mozilla\Extensions [2012.11.21 16:49:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\flo\AppData\Roaming\mozilla\Firefox\Profiles\sfr93d4x.default\extensions [2011.03.06 16:10:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\flo\AppData\Roaming\mozilla\Firefox\Profiles\sfr93d4x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.12.05 18:54:11 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\flo\AppData\Roaming\mozilla\Firefox\Profiles\sfr93d4x.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.03.03 18:48:48 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\flo\AppData\Roaming\mozilla\Firefox\Profiles\sfr93d4x.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2012.09.25 20:04:46 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\flo\AppData\Roaming\mozilla\Firefox\Profiles\sfr93d4x.default\extensions\battlefieldplay4free@ea.com [2012.09.25 19:42:08 | 000,000,000 | ---D | M] ("Vid-Saver") -- C:\Users\flo\AppData\Roaming\mozilla\Firefox\Profiles\sfr93d4x.default\extensions\crossriderapp3491@crossrider.com [2011.10.17 14:34:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\flo\AppData\Roaming\mozilla\Firefox\Profiles\sfr93d4x.default\extensions\nostmp [2012.09.25 19:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\flo\AppData\Roaming\mozilla\Firefox\Profiles\sfr93d4x.default\extensions\crossriderapp3491@crossrider.com\chrome\content\extensionCode [2012.01.05 20:38:57 | 000,010,390 | ---- | M] () (No name found) -- C:\Users\flo\AppData\Roaming\mozilla\firefox\profiles\sfr93d4x.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}.xpi [2010.11.13 20:32:41 | 000,000,950 | ---- | M] () -- C:\Users\flo\AppData\Roaming\mozilla\firefox\profiles\sfr93d4x.default\searchplugins\icqplugin-4.xml [2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.07.27 17:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll [2010.07.28 19:14:08 | 000,022,016 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll [2011.01.25 11:55:14 | 000,644,096 | ---- | M] (Synatix GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\flo\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\flo\AppData\Local\Google\Chrome\Application\27.0.1453.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\flo\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\flo\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Bandoo (Enabled) = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\ChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: ijji Auto Install Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll CHR - plugin: ijji Web Launching Plugin for FF (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll CHR - plugin: Gutscheinmieze-Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npmieze.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Roozz plugin (Enabled) = C:\Program Files\Roozz\nproozz.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Unity Player (Enabled) = C:\Users\flo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: YouTube = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Webmail Ad Blocker = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp\3.2.1_0\ CHR - Extension: Adblock Plus = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\ CHR - Extension: Google-Suche = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: AdBlock = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\ CHR - Extension: AirMech = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\17455_0\ CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\ CHR - Extension: Battlefield Play4Free = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\ CHR - Extension: Mahjong T\u00E4glich = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemeklgblkcideppcaccohkijfkejgpm\2.2.0_0\ CHR - Extension: Facebook AdBlock = C:\Users\flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkoaaaiiaalegemhdeadohejihbdfbho\3.6_0\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKU\S-1-5-21-1260702108-229838344-945700951-1000\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [BlueStacks Agent] C:\Programme\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1260702108-229838344-945700951-1000..\Run: [Akamai NetSession Interface] C:\Users\flo\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-1260702108-229838344-945700951-1000..\Run: [Facebook Update] C:\Users\flo\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-1260702108-229838344-945700951-1000..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.) O7 - HKU\S-1-5-21-1260702108-229838344-945700951-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O7 - HKU\S-1-5-21-1260702108-229838344-945700951-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - C:\Programme\Xilisoft\YouTube Video Converter\upod_link.HTM () O8 - Extra context menu item: Free YouTube Download - C:\Users\flo\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\flo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1260702108-229838344-945700951-1000\..Trusted Domains: aeriagames.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-1260702108-229838344-945700951-1000\..Trusted Domains: aeriagames.com ([]https in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{252C8312-BDB4-4E90-9A7A-8281CECA38C8}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0416E53-50F7-4FFB-90B9-51A89B74DACD}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\flo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\flo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{6f8affe9-9eac-11e2-b60d-002185c639fa}\Shell - "" = AutoRun O33 - MountPoints2\{6f8affe9-9eac-11e2-b60d-002185c639fa}\Shell\AutoRun\command - "" = E:\Startme.exe O33 - MountPoints2\{ed305719-aaa8-11df-ab22-00224311ad62}\Shell - "" = AutoRun O33 - MountPoints2\{ed305719-aaa8-11df-ab22-00224311ad62}\Shell\AutoRun\command - "" = I:\pushinst.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRunCD.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.06.02 18:22:27 | 000,000,000 | ---D | C] -- C:\Users\flo\Desktop\OTLL [2013.05.30 19:42:55 | 000,000,000 | ---D | C] -- C:\Users\flo\AppData\Roaming\TERA [2013.05.30 19:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA [2013.05.30 19:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\TERA [2013.05.24 21:32:32 | 000,000,000 | ---D | C] -- C:\Users\flo\Desktop\block bladi gentlemen [2013.05.22 13:44:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2013.05.22 13:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2013.05.16 13:47:44 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.05.16 13:38:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.05.16 13:38:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013.05.16 13:38:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.05.16 13:38:34 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.05.16 13:38:32 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.05.16 13:38:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.05.16 13:38:30 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013.05.15 12:15:32 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2013.05.15 12:15:27 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.05.13 11:47:33 | 000,000,000 | ---D | C] -- C:\Users\flo\Desktop\Orbisan Ltd. ®_files [2013.05.12 12:00:42 | 000,000,000 | ---D | C] -- C:\Users\flo\Desktop\skyrim sound repair [2013.05.10 13:11:34 | 000,000,000 | ---D | C] -- C:\Users\flo\Desktop\skyrim deutschsounddateien [2013.05.09 19:50:49 | 000,000,000 | ---D | C] -- C:\Users\flo\AppData\Local\Skyrim [2013.05.09 19:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V - Skyrim [2013.05.09 17:09:09 | 000,000,000 | ---D | C] -- C:\Users\flo\Desktop\Skyrim [2013.05.04 13:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Dead Island Riptide [2013.05.03 22:01:58 | 000,000,000 | ---D | C] -- C:\Users\flo\AppData\Roaming\IDoser [2013.05.03 22:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I-Doser Free [2013.05.03 22:01:49 | 000,000,000 | ---D | C] -- C:\Users\flo\Documents\Dose Files [2013.05.03 22:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\I-Doser Free [2012.11.30 21:58:34 | 002,869,264 | ---- | C] (Microsoft Corporation) -- C:\Users\flo\AppData\Roaming\dotNetFx35setup.exe [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.02 18:20:45 | 000,696,300 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.06.02 18:20:45 | 000,645,006 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.06.02 18:20:45 | 000,153,512 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.06.02 18:20:45 | 000,126,698 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.06.02 18:02:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.02 18:00:56 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.02 18:00:56 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.02 17:42:22 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1260702108-229838344-945700951-1000UA.job [2013.06.02 17:12:23 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.02 16:29:44 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1260702108-229838344-945700951-1000UA.job [2013.06.02 16:27:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1260702108-229838344-945700951-1000Core.job [2013.06.02 14:56:38 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.02 02:25:00 | 296,737,554 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.05.30 19:42:35 | 000,001,635 | ---- | M] () -- C:\Users\flo\Desktop\TERA.lnk [2013.05.24 00:41:18 | 000,002,032 | ---- | M] () -- C:\Users\flo\Desktop\Google Chrome.lnk [2013.05.22 00:15:55 | 000,001,847 | ---- | M] () -- C:\Users\flo\Desktop\Entfernen des Avira DE-Cleaners.lnk [2013.05.22 00:15:55 | 000,001,776 | ---- | M] () -- C:\Users\flo\Desktop\Avira DE-Cleaner.lnk [2013.05.20 20:44:41 | 000,012,297 | ---- | M] () -- C:\Users\flo\Desktop\Stromvertrag kündigung.odt [2013.05.17 13:49:34 | 000,334,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.05.14 11:40:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1260702108-229838344-945700951-1000Core.job [2013.05.13 11:47:33 | 000,004,350 | ---- | M] () -- C:\Users\flo\Desktop\Orbisan Ltd. ®.htm [2013.05.09 19:49:54 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk [2013.05.05 21:12:55 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.30 19:42:46 | 000,001,635 | ---- | C] () -- C:\Users\flo\Desktop\TERA.lnk [2013.05.22 00:15:55 | 000,001,847 | ---- | C] () -- C:\Users\flo\Desktop\Entfernen des Avira DE-Cleaners.lnk [2013.05.22 00:15:55 | 000,001,776 | ---- | C] () -- C:\Users\flo\Desktop\Avira DE-Cleaner.lnk [2013.05.20 20:44:39 | 000,012,297 | ---- | C] () -- C:\Users\flo\Desktop\Stromvertrag kündigung.odt [2013.05.13 11:47:32 | 000,004,350 | ---- | C] () -- C:\Users\flo\Desktop\Orbisan Ltd. ®.htm [2013.05.09 19:49:54 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk [2013.05.07 21:09:30 | 296,737,554 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.05.01 13:47:32 | 000,016,304 | ---- | C] () -- C:\Windows\System32\apl003.sys [2013.05.01 13:47:32 | 000,013,232 | ---- | C] () -- C:\Windows\System32\apf003.sys [2013.01.13 16:52:53 | 000,000,847 | ---- | C] () -- C:\Users\flo\.recently-used.xbel [2012.12.28 17:01:03 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2012.12.28 17:00:28 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2012.11.26 04:13:04 | 000,534,531 | ---- | C] () -- C:\Users\flo\AppData\Local\census.cache [2012.11.26 04:12:10 | 000,218,978 | ---- | C] () -- C:\Users\flo\AppData\Local\ars.cache [2012.11.13 16:41:45 | 003,130,440 | ---- | C] () -- C:\Windows\System32\pbsvc_blr.exe [2012.03.08 16:13:54 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll [2012.03.08 16:12:08 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.12.26 15:16:51 | 000,140,480 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011.12.26 15:16:33 | 000,298,016 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011.12.26 15:16:32 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011.07.30 11:04:35 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.07.03 15:16:57 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011.06.30 21:03:00 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.06.30 21:03:00 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD7030.DAT [2011.05.14 21:09:46 | 000,000,091 | ---- | C] () -- C:\Users\flo\AppData\Local\fusioncache.dat [2011.03.26 18:12:16 | 000,138,056 | ---- | C] () -- C:\Users\flo\AppData\Roaming\PnkBstrK.sys [2010.08.24 15:34:51 | 000,026,624 | ---- | C] () -- C:\Users\flo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.08.18 01:24:21 | 000,000,036 | ---- | C] () -- C:\Users\flo\AppData\Local\housecall.guid.cache [2010.08.17 15:24:01 | 000,001,356 | ---- | C] () -- C:\Users\flo\AppData\Local\d3d9caps.dat ========== ZeroAccess Check ========== [2013.05.10 13:22:57 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\ambr\birds\forestfall\2day\l [2013.05.10 13:22:58 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\ambr\birds\forestfall\2day\u [2013.05.10 13:23:04 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\ambr\birds\forestpine\1morning\n [2013.05.10 13:23:04 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\ambr\birds\forestpine\1morning\u [2013.05.10 13:23:08 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\ambr\birds\forestpine\2day\l [2013.05.10 13:24:29 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\dirt\run\l [2013.05.10 13:24:27 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\dirt\run\armorheavy\l [2013.05.10 13:24:28 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\dirt\run\armorlight\l [2013.05.10 13:24:32 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\dirt\walk\l [2013.05.10 13:24:30 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\dirt\walk\armorheavy\l [2013.05.10 13:24:31 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\dirt\walk\armorlight\l [2013.05.10 13:24:34 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\grass\run\l [2013.05.10 13:24:33 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\grass\run\armorheavy\l [2013.05.10 13:24:33 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\grass\run\armorlight\l [2013.05.10 13:24:34 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\grass\scuff\l [2013.05.10 13:24:35 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\grass\sneak\l [2013.05.10 13:24:37 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\grass\walk\l [2013.05.10 13:24:36 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\grass\walk\armorheavy\l [2013.05.10 13:24:37 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\grass\walk\armorlight\l [2013.05.10 13:24:40 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\gravel\run\l [2013.05.10 13:24:39 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\gravel\run\armorheavy\l [2013.05.10 13:24:39 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\gravel\run\armorlight\l [2013.05.10 13:24:41 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\gravel\sneak\l [2013.05.10 13:24:43 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\gravel\walk\l [2013.05.10 13:24:41 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\gravel\walk\armorheavy\l [2013.05.10 13:24:42 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\gravel\walk\armorlight\l [2013.05.10 13:24:48 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\npc\dirt\run\l [2013.05.10 13:24:48 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\npc\dirt\walk\l [2013.05.10 13:24:54 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\npc\stonesolid\run\l [2013.05.10 13:24:55 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\npc\stonesolid\walk\l [2013.05.10 13:24:57 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\npc\wood\run\l [2013.05.10 13:24:57 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\npc\wood\walk\l [2013.05.10 13:25:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\dirt\run\l [2013.05.10 13:25:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\dirt\run\armorheavy\l [2013.05.10 13:25:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\dirt\run\armorlight\l [2013.05.10 13:25:05 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\dirt\sprint\l [2013.05.10 13:25:03 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\dirt\sprint\armorheavy\l [2013.05.10 13:25:04 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\dirt\sprint\armorlight\l [2013.05.10 13:25:06 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\dirt\walk\l [2013.05.10 13:25:08 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\grass\run\l [2013.05.10 13:25:06 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\grass\run\armorheavy\l [2013.05.10 13:25:07 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\grass\run\armorlight\l [2013.05.10 13:25:10 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\grass\sprint\l [2013.05.10 13:25:09 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\grass\sprint\armorheavy\l [2013.05.10 13:25:09 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\grass\sprint\armorlight\l [2013.05.10 13:25:11 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\grass\walk\l [2013.05.10 13:25:12 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\gravel\run\l [2013.05.10 13:25:11 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\gravel\run\armorheavy\l [2013.05.10 13:25:12 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\gravel\run\armorlight\l [2013.05.10 13:25:14 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\gravel\sprint\l [2013.05.10 13:25:13 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\gravel\sprint\armorheavy\l [2013.05.10 13:25:14 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\gravel\sprint\armorlight\l [2013.05.10 13:25:15 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\gravel\walk\l [2013.05.10 13:25:22 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\snow\run\l [2013.05.10 13:25:21 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\snow\run\armorheavy\l [2013.05.10 13:25:21 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\snow\run\armorlight\l [2013.05.10 13:25:24 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\snow\sprint\l [2013.05.10 13:25:23 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\snow\sprint\armorheavy\l [2013.05.10 13:25:24 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\snow\sprint\armorlight\l [2013.05.10 13:25:25 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\snow\walk\l [2013.05.10 13:25:27 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\run\l [2013.05.10 13:25:26 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\run\armorheavy\l [2013.05.10 13:25:26 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\run\armorlight\l [2013.05.10 13:25:27 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\run\barefoot\l [2013.05.10 13:25:30 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\sprint\l [2013.05.10 13:25:29 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\sprint\armorheavy\l [2013.05.10 13:25:29 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\sprint\armorlight\l [2013.05.10 13:25:30 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\sprint\barefoot\l [2013.05.10 13:25:31 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\stairs\l [2013.05.10 13:25:32 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\stonesolid\walk\l [2013.05.10 13:25:38 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\wood\run\l [2013.05.10 13:25:36 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\wood\run\armorheavy\l [2013.05.10 13:25:37 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\wood\run\armorlight\l [2013.05.10 13:25:41 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\wood\sprint\l [2013.05.10 13:25:39 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\wood\sprint\armorheavy\l [2013.05.10 13:25:40 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\wood\sprint\armorlight\l [2013.05.10 13:25:41 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\wood\stairs\l [2013.05.10 13:25:42 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\player\wood\walk\l [2013.05.10 13:25:46 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\snow\run\l [2013.05.10 13:25:44 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\snow\run\armorheavy\l [2013.05.10 13:25:45 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\snow\run\armorlight\l [2013.05.10 13:25:46 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\snow\sneak\l [2013.05.10 13:25:49 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\snow\walk\l [2013.05.10 13:25:47 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\snow\walk\armorheavy\l [2013.05.10 13:25:48 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\snow\walk\armorlight\l [2013.05.10 13:25:52 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\run\l [2013.05.10 13:25:50 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\run\armorheavy\l [2013.05.10 13:25:51 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\run\armorlight\l [2013.05.10 13:25:52 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\sneak\l [2013.05.10 13:25:54 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\stairs\l [2013.05.10 13:25:53 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\stairs\armorheavy\l [2013.05.10 13:25:53 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\stairs\armorlight\l [2013.05.10 13:25:56 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\walk\l [2013.05.10 13:25:55 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\walk\armorheavy\l [2013.05.10 13:25:55 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\walk\armorlight\l [2013.05.10 13:25:56 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\stonesolid\walk\barefoot\l [2013.05.10 13:25:58 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\water\run\l [2013.05.10 13:25:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\water\sneak\l [2013.05.10 13:25:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\water\walk\l [2013.05.10 13:26:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\run\l [2013.05.10 13:26:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\run\armorheavy\l [2013.05.10 13:26:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\run\armorlight\l [2013.05.10 13:26:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\sneak\l [2013.05.10 13:26:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\stairs\l [2013.05.10 13:26:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\stairs\armorheavy\l [2013.05.10 13:26:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\stairs\armorlight\l [2013.05.10 13:26:05 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\walk\l [2013.05.10 13:26:03 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\walk\armorheavy\l [2013.05.10 13:26:04 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\walk\armorlight\l [2013.05.10 13:26:05 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\fst\wood\walk\barefoot\l [2013.05.10 13:26:48 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\atronachfrost\foot\walk\l [2013.05.10 13:27:07 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\dragon\foot\walk\l [2013.05.10 13:27:12 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\draugr\foot\walk\l [2013.05.10 13:27:14 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\dwarvencenturion\walk\l [2013.05.10 13:27:23 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\falmer\foot\walk\l [2013.05.10 13:27:24 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\giant\foot\distant\l [2013.05.10 13:27:25 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\giant\foot\walk\l [2013.05.10 13:27:47 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\mudcrab\l [2013.05.10 13:27:50 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\spiderfrostbite\foot\l [2013.05.10 13:27:50 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\npc\spiderfrostbite\foot\giant\l [2013.05.10 13:27:56 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\armor\heavy\l [2013.05.10 13:27:56 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\armor\light\l [2013.05.10 13:27:56 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\arrow\l [2013.05.10 13:27:57 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\basket\l [2013.05.10 13:27:57 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\blade1hand\l [2013.05.10 13:27:57 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\blade1hand\other\l [2013.05.10 13:27:57 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\body\large\l [2013.05.10 13:27:58 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\body\medium\dirt\l [2013.05.10 13:27:58 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\body\metal\large\l [2013.05.10 13:27:58 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\body\metal\small\l [2013.05.10 13:27:58 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\body\small\l [2013.05.10 13:27:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\bottle\l [2013.05.10 13:27:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\boulder\large\boulder\l [2013.05.10 13:27:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\boulder\large\dirt\l [2013.05.10 13:27:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\boulder\medium\boulder\l [2013.05.10 13:27:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\boulder\medium\dirt\l [2013.05.10 13:27:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\boulder\small\dirt\l [2013.05.10 13:27:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\bowsstaves\l [2013.05.10 13:28:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\carriage\wheel\l [2013.05.10 13:28:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\ceramic\medium\l [2013.05.10 13:28:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\coin\l [2013.05.10 13:28:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\dishwood\l [2013.05.10 13:28:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\dirt\heavy\l [2013.05.10 13:28:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\dirt\light\l [2013.05.10 13:28:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\dirt\medium\l [2013.05.10 13:28:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\grass\heavy\l [2013.05.10 13:28:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\grass\light\l [2013.05.10 13:28:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\grass\medium\l [2013.05.10 13:28:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\metal\light\l [2013.05.10 13:28:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\snow\heavy\l [2013.05.10 13:28:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\snow\light\l [2013.05.10 13:28:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\snow\medium\l [2013.05.10 13:28:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\wood\light\l [2013.05.10 13:28:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\generic\wood\medium\l [2013.05.10 13:28:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\organic\small\l [2013.05.10 13:28:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\potspans\l [2013.05.10 13:28:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\shieldheavy\l [2013.05.10 13:28:03 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\phy\shieldlight\l [2013.05.10 13:28:16 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\wpn\bash\shield\l [2013.05.10 13:28:17 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1260702108-229838344-945700951-1000\$RL8YC5Q\NEU - Skyrim DEUTSCH - Razor1911 - S1lverSurfer\MyMod\sound\fx\wpn\block\shield\l [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.05.01 13:15:23 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Aeria Games & Entertainment [2011.10.17 14:34:13 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Ashampoo [2012.04.23 18:23:02 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Audacity [2012.12.24 01:15:23 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\BitTorrent [2010.08.17 23:49:40 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Canneverbe Limited [2010.11.13 20:52:33 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\CBL-Electronics [2010.09.26 13:21:29 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Clonk Rage [2013.01.09 19:15:17 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\DVDVideoSoft [2012.05.02 13:33:24 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\DVDVideoSoftIEHelpers [2012.05.27 20:36:47 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\FOG Downloader [2012.02.10 14:24:12 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Free Sound Recorder [2011.09.05 16:53:53 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\GetRightToGo [2012.09.04 16:50:52 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\gtk-2.0 [2011.10.17 14:15:18 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Gutscheinmieze [2012.12.07 03:36:45 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\ICQ [2013.05.03 22:45:23 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\IDoser [2010.08.22 17:55:36 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\ijjigame [2012.09.03 22:14:39 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\IrfanView [2011.10.18 19:34:30 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\LibreOffice [2010.12.04 12:08:03 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\LolClient [2012.03.08 16:14:20 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\MAGIX [2010.09.27 16:48:02 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Need for Speed World [2010.08.17 23:41:55 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\OpenOffice.org [2010.10.10 09:53:15 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\PhotoScape [2012.07.10 00:12:44 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\six-updater [2012.07.10 00:11:45 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\six-zsync [2010.11.16 19:45:42 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Sony [2012.07.19 13:23:52 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Splinter Cell - Conviction [2010.11.27 10:53:20 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Steinberg [2011.02.11 19:50:09 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Synthesia [2013.05.30 19:42:55 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\TERA [2012.11.21 15:36:25 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\TestApp [2012.02.26 00:16:11 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\TS3Client [2011.10.17 14:09:50 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Uniblue [2012.07.16 14:48:54 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Unity [2011.07.11 21:10:28 | 000,000,000 | ---D | M] -- C:\Users\flo\AppData\Roaming\Xilisoft ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 326 bytes -> C:\Windows\System32\drivers\kmkppssq.sys:changelist < End of report > Geändert von NeedHelp95 (02.06.2013 um 18:08 Uhr) |
02.06.2013, 18:09 | #2 |
| Trojaner (keine Internetverbindung) OTL EXTRAS Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 02.06.2013 18:25:13 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\flo\Desktop\OTLL Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 83,53% Memory free 6,69 Gb Paging File | 6,34 Gb Available in Paging File | 94,84% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 931,51 Gb Total Space | 426,23 Gb Free Space | 45,76% Space Free | Partition Type: NTFS Drive E: | 124,72 Mb Total Space | 124,12 Mb Free Space | 99,52% Space Free | Partition Type: FAT Computer Name: FLO-PC | User Name: flo | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02175975-B880-479B-974C-2EADEE94B5F2}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | "{06B223A4-C9A0-423E-8F84-0446141DAA1D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{110678B0-1A8F-480A-AF86-987D178680C4}" = rport=137 | protocol=17 | dir=out | app=system | "{1A4D4BAA-8B7D-4CED-9F2B-CDFD5C010C23}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{300181DB-2829-43EF-AE33-BF4B3A16E167}" = lport=137 | protocol=17 | dir=in | app=system | "{32501AA1-722E-42EB-A8E0-7443DB2FC21B}" = lport=6967 | protocol=6 | dir=in | name=league of legends launcher | "{32911E92-D70F-4BD8-8C03-FB2D2B77CF0E}" = lport=138 | protocol=17 | dir=in | app=system | "{3D5D8E0F-925C-48F4-A3D0-0546EAC3BF92}" = lport=139 | protocol=6 | dir=in | app=system | "{3E346BBC-E3EE-4969-B873-7507ED616F2E}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby | "{47D6B838-6A9F-4F19-8D8E-E8881B204660}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{51EF877C-F4C7-4498-8F65-C194449C3CBE}" = rport=139 | protocol=6 | dir=out | app=system | "{5722BCA6-A87C-4FDA-B2D2-06DBEB6AF23D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{6488DA50-7E89-4DDB-B2BE-35DC0A650676}" = lport=49163 | protocol=6 | dir=in | name=akamai netsession interface | "{78E1143F-507A-41E2-B120-A38733C1FB68}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{7C99E6E0-3A68-4ED1-A0AD-658138F75B98}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client | "{869EADF3-4366-42EA-85A3-9935259634E1}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | "{9246CCDA-75D9-4C3A-95A1-ED75F809BE87}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby | "{930F6BEB-E61E-4E38-B1AC-CF62446AB025}" = rport=445 | protocol=6 | dir=out | app=system | "{976D65D8-CF34-4CBF-82EF-F0EE4A0843AD}" = lport=49225 | protocol=6 | dir=in | name=akamai netsession interface | "{A1F3C0C0-B623-41C6-A7EC-E7C88A08968F}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client | "{B7ACE4C6-CC4E-4E10-A542-6D1DEB5A9C34}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B9EC9CBE-F4C1-4A88-8266-ADF99D92A1F7}" = rport=138 | protocol=17 | dir=out | app=system | "{D6E481A8-44BD-4875-AE8F-68C66E42E472}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E84AD433-B86D-4044-9C93-B9136F5986B2}" = lport=445 | protocol=6 | dir=in | app=system | "{F33FB1F4-D22E-4A04-A5ED-37D9A4284FE5}" = lport=6967 | protocol=17 | dir=in | name=league of legends launcher | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00ACA054-5AB3-4326-975B-7D85899F6DB1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe | "{018EF028-659B-4A04-95BF-D11409FFB783}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe | "{065BDC6C-161E-4794-8A2E-1B6D8E7D884D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\0jeyz0\rag doll kung fu\rag_doll_kung_fu_steam.exe | "{0665621C-7AA5-486D-8EDF-CE1ADC873FDF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\gotham city impostors f2p\impostors.exe | "{06D629F7-BADE-4531-BD95-DF1200151C0F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{07A2C416-FC23-4BEC-91C3-BB0ECA29EDB4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{09C74503-5373-423A-9F10-97A702A5EFC0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\blacklightretribution\blacklight retribution.exe | "{0A0F1982-3B1D-4F70-ABFB-9B5659C3DAAF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{0B522A88-2CB5-4FA0-9E8B-03D25CFBFC52}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | "{0FBEBBFC-EF62-4F50-8A9A-FAACDD576040}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\ravaged\binaries\win32\ravagedgame.exe | "{10D601F8-557F-4A1C-B44B-94E0947089A9}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{128BD9E6-7BFC-4FA8-A3D5-9DC5837E0430}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{13CE5679-BA83-4D66-A403-71D3D17902D4}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{15ED5155-2B53-4194-AD01-16F3ADD98EDA}" = protocol=17 | dir=in | app=c:\program files\brawlbusters(en)cbt\bin\pblauncher.exe | "{16BA996E-55F6-4653-96AB-4881E22EA7D2}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe | "{1A7DA37B-BB7E-4B0E-A100-660636B8E775}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age of empires online\aoeonline.exe | "{1D729026-BD5A-425F-9D0A-7432AF8325D4}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe | "{1F28ACFE-FCD1-421C-9061-7A0A9466EF30}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe | "{2011CDFF-C1D3-4AEA-950A-66AAE132B76A}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe | "{202ED50A-0231-4920-9D31-5521FE92A993}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{2A2ED7A0-7567-43A7-823B-DB6A069B9F13}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe | "{2CD3635D-4610-4A62-9CA2-03A53D2A64D8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\0jeyz0\rag doll kung fu\rag_doll_kung_fu_steam.exe | "{2CD69961-5365-4696-A1F6-B335F4AB44AC}" = protocol=6 | dir=in | app=c:\program files\brawlbusters(en)cbt\bin\pblauncher.exe | "{2D78D599-3B49-489B-91AF-382E3D3C11EC}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe | "{2F4CBEAF-1660-4773-BAD7-378CDE92227D}" = protocol=6 | dir=in | app=c:\program files\brawlbusters(en)cbt\bin\pbclient.exe | "{323E429A-20EE-4284-83A5-ADC6F8BB3778}" = protocol=6 | dir=in | app=c:\programdata\turbine\ddo unlimited\turbinelauncher.exe | "{34703B4B-91B6-46E9-82D1-666F87487863}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{36603DFE-674F-410A-BB3F-CDBB9B952896}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{379E861A-2FBA-4290-9BCF-945579B9EBAF}" = protocol=17 | dir=in | app=c:\webzen\arcticcombat\system\arcticcombat.exe | "{382122A1-50FA-4E2A-817D-624641C48514}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{3908B87B-AFC4-4802-AF28-DCB6D31AE7DD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe | "{3A888AF5-3628-4B3F-9174-010441D93760}" = protocol=6 | dir=in | app=c:\program files\brawlbusters(en)cbt\bin\pblauncher.exe | "{3FF15167-C467-4B26-B8BD-8EF280D2BC7F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\nuclear dawn\nucleardawn.exe | "{424BBA62-196C-43E7-99AC-4378766B52B1}" = protocol=17 | dir=in | app=c:\users\flo\appdata\local\akamai\netsession_win.exe | "{450D5E3F-AF2F-4146-B7A5-F9086DF9F8BE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe | "{479865CA-8C00-48A5-B78E-6D846C003704}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe | "{47D6134C-E25B-400B-9A22-2AF384E1FBE8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\0jeyz0\garrysmod\hl2.exe | "{50D90365-A709-4156-821D-9F62239EA0F7}" = protocol=6 | dir=in | app=c:\users\flo\appdata\local\akamai\netsession_win.exe | "{525F620E-D94D-4BD9-95B6-4F443A39FCF0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe | "{5297673B-75DF-46D0-8BF6-F468F1FC9EC5}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{52BD897D-D99C-42D3-ABF3-0BF562F09048}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{5530099F-2445-4D7A-AB76-E0AA233A398C}" = protocol=6 | dir=in | app=c:\webzen\arcticcombat\system\arcticcombat.exe | "{56668B3F-FCCF-4882-8F6A-117C0EB8E531}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe | "{573665E5-BB95-4929-B081-C908001D783A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{580D26E3-F887-4F1B-AA43-55B485089B07}" = protocol=17 | dir=in | app=c:\program files\brawlbusters(en)cbt\bin\pblauncher.exe | "{5F89BE9D-6816-4DC7-BD9A-0D9ED73CC1AA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{60CB6706-6408-4830-9820-63212EF6D50A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | "{62DF02EE-4E50-4F00-8E38-3201AB9D3622}" = protocol=17 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "{6328AC7D-03A7-48FF-A675-0CB86516C4D7}" = protocol=6 | dir=in | app=c:\nexon\vindictus eu\en-eu\nmservice.exe | "{63427E09-33C1-41EB-8403-9C571D86E30E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | "{6398B843-4BF9-4E70-B914-F88B5065C2AF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{654487CC-86BE-4F50-9130-8E7710589C3B}" = dir=in | app=afo_p2p_v1006.exe | "{69A13DA4-1B60-44A9-B2DA-7151D5D43323}" = protocol=6 | dir=in | app=c:\program files\capcom\street fighter x tekken\sftk.exe | "{6F9AA8E4-7D93-420C-9F57-F75F95930501}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{70874A73-60DE-4DFD-8F4A-0177CFEA1722}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\gumboy tournament\gumboytournament.exe | "{76A2D3A2-36F5-4F5D-971C-305E02596467}" = dir=in | app=c:\users\flo\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{7DBB75E5-AB8F-471F-A837-967879AFF087}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\gumboy tournament\gumboytournament.exe | "{7DD829DD-A64A-4EAD-B0B0-B804CC3C2143}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | "{7F0E40D5-B14C-4512-ABC6-6935CDA7E7B4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{7FCF76E3-B08A-41B3-B95E-A0BF5AFBF2E3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | "{811EA583-F25E-4A69-BB84-5E42B4849B5E}" = protocol=6 | dir=in | app=c:\program files\brawlbusters(en)cbt\bin\pbclient.exe | "{81BC7D28-DF12-404A-B86F-30FEFCF2C12D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\ravaged\binaries\win32\ravagedgame.exe | "{8201BA80-F6FA-498A-959A-6E09B2E21516}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe | "{8500B30D-AF2E-4A51-9DEA-1C29DE66A4C5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | "{85D9CFE5-EBD8-4D20-BF8B-6D47AC3AC2F8}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{8A11B2B2-0E44-4C80-AA18-40D742215E17}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | "{8E0E21E8-CFC8-41EB-A62C-E3D9FBAA00A0}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{8FDC719C-2D84-428E-8887-DFD2C05ADC57}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\nuclear dawn\nucleardawn.exe | "{90A4A706-FC50-4F4A-B9B1-659AA248E12B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{93B1AE5F-A0EB-4536-94B3-A2CD79D69518}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe | "{9533BED0-E6A6-4C33-A2B9-2E3A5330B210}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{9888B3C9-D6EE-4681-BA04-D59169AC9597}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe | "{98FB61F3-FB2A-4781-92A9-623DA14235B1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | "{9A5E96AB-A0C7-4E37-9F4B-C6DD84313EEF}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{9C79B540-441B-4364-92E5-D842F679FEBA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\gotham city impostors f2p\impostors.exe | "{9D77B167-B9B0-4D07-8170-DE9CE07E8C78}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age of empires online\aoeonline.exe | "{9D9CA735-EBA7-4236-8D84-3D13A5FC2B8C}" = protocol=17 | dir=in | app=c:\program files\disney interactive studios\split second\splitsecond.exe | "{A0494806-1B1B-4CF4-9390-3F5939B4CA9A}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe | "{A32A8307-4DA2-461A-8485-80C0BA2AF0FF}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{A5D911EB-1E09-47AC-AE05-BD8433FFA433}" = dir=in | app=c:\users\flo\documents\the war z\warz.exe | "{A88A04FB-BF58-4C78-85EC-810B55E9974E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{AD658D96-2A2D-49EE-85F0-91847EF9B6EA}" = protocol=17 | dir=in | app=c:\nexon\vindictus eu\en-eu\nmservice.exe | "{AF8F4427-DCFF-4FA0-9458-6A905A747F83}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{B13E485E-F054-463D-9C3B-AFD4A134FB85}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2\arma2.exe | "{B4F90645-1F24-4FA4-8570-FFC127FF4897}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\0jeyz0\garrysmod\hl2.exe | "{B9432B09-2161-4314-A6F0-AF46B8796E98}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | "{B9844A56-E227-4E8F-8A62-0B732C60804A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\gotham city impostors f2p\engine.exe | "{BB602679-59EE-47C7-9030-45F72685DA2F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe | "{BCECBE50-1FB8-48C6-BF5E-74F65C00730E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe | "{BD7A79F2-12D0-432E-99D0-E8D31BA89701}" = dir=in | app=c:\brickforce\brickforce.exe | "{BF64F350-D92F-4BB9-9A29-5C6469B0C738}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | "{BFDAE5FF-6CE7-4B20-8BA1-B1372EEC5FE4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{C77C2AE5-B8BB-4D00-878D-1FCA6BD73858}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | "{CDDE6D80-7393-4EBB-8813-D1E060377A82}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{CEB44E72-022F-4ECC-BA6F-A8C0C556EA7B}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{CF158D76-EB02-4602-A75A-86F713CFB318}" = protocol=6 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "{CF966E37-C36E-46E8-B707-8E6F2CCFB9DB}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe | "{D0CB251C-BA80-4AB7-A65D-E115AB236FA2}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe | "{D1501E9F-AA88-4EC8-BE20-41C18349CD89}" = protocol=6 | dir=in | app=c:\program files\disney interactive studios\split second\splitsecond.exe | "{D4584C26-3D75-40B0-92D7-6B96920BBB6E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{D79513C2-F817-412B-847B-897E6FB1F4E2}" = protocol=6 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "{DC8CAF76-AFC0-4C4C-AA99-7DE2DB7E95B5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\blacklightretribution\blacklight retribution.exe | "{DD48AC8F-2036-415E-8156-87F13EE05EF2}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\gotham city impostors f2p\engine.exe | "{E44748EB-8FE5-4C6A-B5A0-FCD99C01E8F7}" = protocol=17 | dir=in | app=c:\program files\brawlbusters(en)cbt\bin\pbclient.exe | "{E8E26749-8C31-472D-8C30-4A432BC786E4}" = protocol=17 | dir=in | app=c:\programdata\turbine\ddo unlimited\dndclient.exe | "{EB0A1839-1659-4378-ABBA-DAAC1589D4B6}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe | "{EC7ABC71-3622-44E4-A8B1-23D577BDDD9F}" = protocol=17 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "{ED9D3112-A0C4-4F64-95DA-61B1758CBD5A}" = protocol=17 | dir=in | app=c:\program files\brawlbusters(en)cbt\bin\pbclient.exe | "{EEB1AFC4-2EF1-425E-9559-1A1A29D3AF0E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{EEED46D9-4A93-45EE-9263-0A1E0F0AA7A6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2\arma2.exe | "{F0AF24FF-F9FF-4365-B4E1-EA8EEF2DFB63}" = dir=in | app=c:\brickforce\bflauncher.exe | "{F223089E-6AAA-4676-9D44-12DBAFD1794F}" = dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe | "{F4E49809-524D-48A8-809F-7251968FF22A}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | "{F7C25A7D-1C3C-4D15-9B3B-EFB29D085660}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{F8DA215B-5181-4858-A918-A7481150574B}" = protocol=6 | dir=in | app=c:\programdata\turbine\ddo unlimited\dndclient.exe | "{FBBF5892-BC5F-4B65-BE0B-B7BAB819D8B5}" = protocol=17 | dir=in | app=c:\program files\capcom\street fighter x tekken\sftk.exe | "{FF46C517-7262-40E7-A69C-70F5FCD0D311}" = protocol=17 | dir=in | app=c:\programdata\turbine\ddo unlimited\turbinelauncher.exe | "TCP Query User{02C179B2-BE11-4772-BA68-E82EF0D3F8CE}C:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_574e57d9b3df0368\launcher.exe" = protocol=6 | dir=in | app=c:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_574e57d9b3df0368\launcher.exe | "TCP Query User{0D141C5B-8FBF-4E84-934A-046967E4EA02}C:\program files\icq7.6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe | "TCP Query User{0F901E68-33F9-4361-999A-D9CD4DECF246}C:\program files\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files\six projects\six updater\tools\bin\rsync.exe | "TCP Query User{15332B30-D8D1-4E78-AEDA-E7C1CF544B48}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | "TCP Query User{1A8DBF90-0D71-4789-B75A-F38B21DF30F2}C:\ubisoft\gro\pdc-live\yeti_release.exe" = protocol=6 | dir=in | app=c:\ubisoft\gro\pdc-live\yeti_release.exe | "TCP Query User{1F5100E7-98A5-49A2-B0B5-8744FD7EE42C}C:\users\flo\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\flo\appdata\local\akamai\netsession_win.exe | "TCP Query User{21FF13A2-60C2-4F2D-A781-AE224170BA23}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{24B54C74-8CAE-414D-A99F-1D8E4A79CE12}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{2C8D004E-AB9B-485B-84C2-3E950D1AA7D9}C:\program files\r.g. mechanics\splinter cell - conviction\src\system\conviction_game.exe" = protocol=6 | dir=in | app=c:\program files\r.g. mechanics\splinter cell - conviction\src\system\conviction_game.exe | "TCP Query User{305CDAFE-9512-4D84-AF96-0910565D1D05}C:\program files\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files\the witcher 2\bin\witcher2.exe | "TCP Query User{32040358-5A7C-4CAB-8EEB-B8B9F76E221E}C:\program files\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files\the witcher 2\bin\witcher2.exe | "TCP Query User{37BD01F5-CB3F-4E39-BBF2-457F4B2A2627}C:\program files\black_box\the witcher 2 assassins of kings\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files\black_box\the witcher 2 assassins of kings\bin\witcher2.exe | "TCP Query User{39F20C2A-6618-450D-B221-7255C427A49E}C:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_6781ce15484d1168\launcher.exe" = protocol=6 | dir=in | app=c:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_6781ce15484d1168\launcher.exe | "TCP Query User{3E8C0BB0-7B38-4572-B069-67211D93BB58}C:\program files\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files\tera\tera-launcher.exe | "TCP Query User{4C84D620-7102-409C-A961-C0E4DE29FEB3}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | "TCP Query User{5461EA6C-ABED-4CD6-B1B6-2A72DA7302BE}C:\program files\r.g. mechanics\splinter cell - conviction\src\system\uplaybrowser.exe" = protocol=6 | dir=in | app=c:\program files\r.g. mechanics\splinter cell - conviction\src\system\uplaybrowser.exe | "TCP Query User{5F5E11E3-7EBB-49AF-B6AB-3A373C29EFE4}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | "TCP Query User{72019647-F0C3-4752-B95E-FC427A3048A9}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "TCP Query User{7D1D3BD8-C742-415D-94A4-CFF5801328D6}C:\program files\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | "TCP Query User{849EBD11-F389-420E-8B5B-5BF6CD069D72}C:\program files\black_box\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=c:\program files\black_box\dead island\deadislandgame.exe | "TCP Query User{8504CFDB-18F0-4960-B79B-504C3C0F94A4}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | "TCP Query User{886015CC-B1EC-412A-9E21-B1CAF4A5FAB7}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe | "TCP Query User{8F047F22-A3FF-4EF8-B9D4-A9A30AE5C2B7}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe | "TCP Query User{913E14F0-E229-42B9-82FB-B3B717AFE298}C:\program files\star vault\mortal online\mortal online launcher.exe" = protocol=6 | dir=in | app=c:\program files\star vault\mortal online\mortal online launcher.exe | "TCP Query User{993262D4-98B1-42FD-9580-E8177A939174}C:\program files\black_box\the witcher 2 assassins of kings\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files\black_box\the witcher 2 assassins of kings\bin\witcher2.exe | "TCP Query User{9B088DC5-3D07-42FE-A5B8-ADE5E6CB7E77}C:\users\flo\downloads\afo_p2p_v1006.exe" = protocol=6 | dir=in | app=c:\users\flo\downloads\afo_p2p_v1006.exe | "TCP Query User{9B3FC83E-C99C-4E52-890A-D0A2602B36BF}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{9CCF5FA5-4DFA-4E2D-85FC-94383A6828A7}C:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_6781ce15484d1168\launcher.exe" = protocol=6 | dir=in | app=c:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_6781ce15484d1168\launcher.exe | "TCP Query User{9E37F9D3-266F-4FA5-873F-A4CD00997E6A}C:\program files\roozz\roozznhostsvc.exe" = protocol=6 | dir=in | app=c:\program files\roozz\roozznhostsvc.exe | "TCP Query User{A4CFD659-7153-4637-974D-B51092986815}C:\program files\counter strike source 2012 v_0_71-=aviara=-\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter strike source 2012 v_0_71-=aviara=-\hl2.exe | "TCP Query User{AD1FFFD6-1578-4FEC-8D4B-7CE92323D4CC}C:\program files\steam\steamapps\0jeyz0\pirates, vikings, and knights ii\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\0jeyz0\pirates, vikings, and knights ii\hl2.exe | "TCP Query User{B1FAC152-FE89-49BE-8EA4-9D00A7C5D378}C:\program files\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files\six projects\six updater\tools\bin\rsync.exe | "TCP Query User{BE80C140-ACF1-4EED-88AC-66EFDFEA7112}C:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_574e57d9b3df0368\launcher.exe" = protocol=6 | dir=in | app=c:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_574e57d9b3df0368\launcher.exe | "TCP Query User{BF118EAD-4084-41FA-9F56-49855C71A3E3}C:\users\flo\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\flo\appdata\local\google\chrome\application\chrome.exe | "TCP Query User{C1304A2B-EC29-4943-B2A6-E386827C8286}C:\program files\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | "TCP Query User{CE537EFB-E99D-4EBA-9F56-F5BA38D1D38E}C:\hlserver\orangebox\srcds.exe" = protocol=6 | dir=in | app=c:\hlserver\orangebox\srcds.exe | "TCP Query User{CFF22ADA-41C5-4C24-884F-DB22E0DD70C7}C:\program files\r.g. mechanics\splinter cell - conviction\src\system\conviction_game.exe" = protocol=6 | dir=in | app=c:\program files\r.g. mechanics\splinter cell - conviction\src\system\conviction_game.exe | "TCP Query User{D3F6FFC7-A9B5-456F-8220-2FDFC5AB8C10}C:\program files\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe | "TCP Query User{E4BBA9BE-5E89-4D8D-9808-21DC1E5B09A2}C:\users\public\sony online entertainment\installed games\magic the gathering tactics\mtgtactics.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\magic the gathering tactics\mtgtactics.exe | "TCP Query User{E50656F5-9BED-4B34-BBF8-F87E7BDFA2D0}C:\program files\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files\reactor\reactor.exe | "TCP Query User{E5E9B3D2-23B5-4FFD-A7EC-2664AB39B15E}C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe | "TCP Query User{EDAA18C0-54FD-438C-A58E-97F6027A2880}C:\program files\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files\reactor\reactor.exe | "TCP Query User{FE1CAE50-BA28-4E9F-853E-F179BFA07C2E}C:\program files\counter strike source 2012 v_0_71-=aviara=-\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter strike source 2012 v_0_71-=aviara=-\hl2.exe | "TCP Query User{FEC9DC9D-F4C2-42F4-88BE-2FE782DB7625}C:\users\flo\desktop\css\counter strike source full game v_1.0.0.71 mp - sp -=aviara=-\hl2.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\css\counter strike source full game v_1.0.0.71 mp - sp -=aviara=-\hl2.exe | "UDP Query User{04C84259-EABA-4A21-A2F7-BACD91DCD332}C:\program files\counter strike source 2012 v_0_71-=aviara=-\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter strike source 2012 v_0_71-=aviara=-\hl2.exe | "UDP Query User{0C3FDCFA-60FE-48AE-B520-04EBDDE1B691}C:\program files\black_box\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=c:\program files\black_box\dead island\deadislandgame.exe | "UDP Query User{1FF9B016-9E73-4DFF-9922-572AF3BB17A6}C:\program files\roozz\roozznhostsvc.exe" = protocol=17 | dir=in | app=c:\program files\roozz\roozznhostsvc.exe | "UDP Query User{24C764DB-20BA-493A-9E99-24B1B18DE2A6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | "UDP Query User{294BCE5F-E8CA-4B03-95B8-198819A77057}C:\program files\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | "UDP Query User{2AA54BAB-D4AF-487A-B3E9-4C836287D7B8}C:\program files\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files\six projects\six updater\tools\bin\rsync.exe | "UDP Query User{2F7015BE-C20B-40DF-AAFD-617B63DA56ED}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe | "UDP Query User{4443E4E1-D7BF-46DA-905E-49CFD35625E1}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | "UDP Query User{48083D11-5A01-4A15-90E6-463C09E3E684}C:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_6781ce15484d1168\launcher.exe" = protocol=17 | dir=in | app=c:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_6781ce15484d1168\launcher.exe | "UDP Query User{61E4F3A1-4682-4604-AAFA-DD0B33D26376}C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe | "UDP Query User{621E04C7-64FD-4DBC-8AE9-C51C398FA322}C:\program files\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files\the witcher 2\bin\witcher2.exe | "UDP Query User{696E9EC0-B797-4A64-9CD6-9581B91D42D5}C:\program files\icq7.6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe | "UDP Query User{6A96DE3E-DAF6-4852-BC7A-447B12A1C9B6}C:\users\flo\desktop\css\counter strike source full game v_1.0.0.71 mp - sp -=aviara=-\hl2.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\css\counter strike source full game v_1.0.0.71 mp - sp -=aviara=-\hl2.exe | "UDP Query User{6CB0DBD0-1284-4F3B-98C1-D82F0928D44C}C:\program files\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files\reactor\reactor.exe | "UDP Query User{6D11F54D-D8E6-4163-8B40-861374FDF175}C:\hlserver\orangebox\srcds.exe" = protocol=17 | dir=in | app=c:\hlserver\orangebox\srcds.exe | "UDP Query User{6F76A330-1D25-42D3-8C94-63C4172D6C73}C:\program files\steam\steamapps\0jeyz0\pirates, vikings, and knights ii\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\0jeyz0\pirates, vikings, and knights ii\hl2.exe | "UDP Query User{7399B9CF-F9D4-4FEA-ACD5-2A3654EC84FE}C:\ubisoft\gro\pdc-live\yeti_release.exe" = protocol=17 | dir=in | app=c:\ubisoft\gro\pdc-live\yeti_release.exe | "UDP Query User{76AD3885-A6E6-4704-BE51-3F6EA2DF3445}C:\program files\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | "UDP Query User{77C8CF84-DC1A-42A3-921D-EE5F28064B57}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "UDP Query User{7B9064E7-87A1-4ECB-A6BC-CC88E7779FFC}C:\program files\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files\six projects\six updater\tools\bin\rsync.exe | "UDP Query User{7DF35DE5-C2E7-4776-B604-0F024F626C92}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | "UDP Query User{7E46CAA3-19ED-4D7D-8E14-1BF865F49A28}C:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_574e57d9b3df0368\launcher.exe" = protocol=17 | dir=in | app=c:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_574e57d9b3df0368\launcher.exe | "UDP Query User{7EE2837F-2D6D-404D-B8DD-F6B5ABD22B8D}C:\program files\r.g. mechanics\splinter cell - conviction\src\system\conviction_game.exe" = protocol=17 | dir=in | app=c:\program files\r.g. mechanics\splinter cell - conviction\src\system\conviction_game.exe | "UDP Query User{810EE42A-D9C3-4077-9822-35D2BDD1B780}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | "UDP Query User{811EEA58-8A06-42A9-BFB6-E0C706DDB7FD}C:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_574e57d9b3df0368\launcher.exe" = protocol=17 | dir=in | app=c:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_574e57d9b3df0368\launcher.exe | "UDP Query User{817DF963-A41C-40FA-B9CA-6562CEA7C412}C:\program files\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files\reactor\reactor.exe | "UDP Query User{81D56C61-AEB4-4CDF-9194-8172429E9F03}C:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_6781ce15484d1168\launcher.exe" = protocol=17 | dir=in | app=c:\users\flo\appdata\local\apps\2.0\mzq19alk.354\e7a55ja2.z1r\laun...app_59711684aa47878d_0001.0017_6781ce15484d1168\launcher.exe | "UDP Query User{87CED31F-9E3A-4316-A101-0F01ED008B7A}C:\program files\black_box\the witcher 2 assassins of kings\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files\black_box\the witcher 2 assassins of kings\bin\witcher2.exe | "UDP Query User{8868A055-03B1-46D6-B821-F4425CF93457}C:\program files\r.g. mechanics\splinter cell - conviction\src\system\conviction_game.exe" = protocol=17 | dir=in | app=c:\program files\r.g. mechanics\splinter cell - conviction\src\system\conviction_game.exe | "UDP Query User{89219451-4516-4CAB-ADDD-4DE3A512A6CA}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{9A325F5D-EEF8-4529-828C-F701FD02C501}C:\program files\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files\the witcher 2\bin\witcher2.exe | "UDP Query User{AEF3CA38-3C88-4F32-8CE5-25FC5C6DAAAD}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "UDP Query User{B61E71D0-8237-4EE2-9001-9376C49D0EE7}C:\users\public\sony online entertainment\installed games\magic the gathering tactics\mtgtactics.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\magic the gathering tactics\mtgtactics.exe | "UDP Query User{CAABE0AE-9E04-4C01-BFB2-6A29D54E9ADE}C:\program files\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe | "UDP Query User{CE567088-4136-489B-B884-03C0B2D0DFA0}C:\program files\black_box\the witcher 2 assassins of kings\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files\black_box\the witcher 2 assassins of kings\bin\witcher2.exe | "UDP Query User{D1CFD190-D87D-491B-9788-13E7804C9BD1}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | "UDP Query User{D632A0CD-DDDB-41EA-9D58-C9AB2619A3E9}C:\program files\r.g. mechanics\splinter cell - conviction\src\system\uplaybrowser.exe" = protocol=17 | dir=in | app=c:\program files\r.g. mechanics\splinter cell - conviction\src\system\uplaybrowser.exe | "UDP Query User{D7B1618D-026C-4629-A7FF-FEDE7AD70B04}C:\users\flo\downloads\afo_p2p_v1006.exe" = protocol=17 | dir=in | app=c:\users\flo\downloads\afo_p2p_v1006.exe | "UDP Query User{E53E3113-4DE9-4F3C-9A81-05126A9BBC61}C:\program files\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files\tera\tera-launcher.exe | "UDP Query User{E7CBF568-1FE1-44BE-A188-15789C33A7FE}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "UDP Query User{EA0868A8-625B-4681-A4FA-8332A0475DC0}C:\users\flo\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\flo\appdata\local\akamai\netsession_win.exe | "UDP Query User{EDD2CA1A-5264-4A65-8507-9A904D568E38}C:\program files\star vault\mortal online\mortal online launcher.exe" = protocol=17 | dir=in | app=c:\program files\star vault\mortal online\mortal online launcher.exe | "UDP Query User{EDE8456F-86BA-4BD7-A66E-F9215CF9B1FB}C:\program files\counter strike source 2012 v_0_71-=aviara=-\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter strike source 2012 v_0_71-=aviara=-\hl2.exe | "UDP Query User{FEEE614C-CB13-4AB3-962D-02A88F18C350}C:\users\flo\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\flo\appdata\local\google\chrome\application\chrome.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center "{0EF87B9E-8837-4F27-81D7-96565A3F5BEE}" = BlueStacks Notification Center "{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37 "{28526951-55EF-4901-A0CA-B9AC966D1DD1}" = Split/Second "{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager "{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3F5FA47E-B4DE-45B4-85E3-11CD5E4974A3}_is1" = The Witcher 2 Assassins of Kings version 1.0 "{3L7IL77L-T4D4-75B1-97C5-18CD6E6334A3}_is1" = Dead Island version 1.0 "{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists "{43430FA5-AF68-4A2D-A7D4-891000008200}" = Street Fighter X Tekken "{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B7IL77L-LKS1-75B1-SKYRIM-18CD6E6334R1}_is1" = The Elder Scrolls V - Skyrim version 1.0 "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack "{554894C6-A12C-4CE6-8FDC-F1BBEABB69B4}_is1" = Dead Island Riptide version 5.1 "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{646F740F-C5F8-421A-9022-DCD1BC81A77E}" = Aeria Ignite "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69082C8E-38F6-445A-8617-C19008DD5392}" = Scramby "{69764F1C-55E1-4219-BDC5-299CD95FF004}_is1" = Mortal Online "{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction "{6DEC6F5B-7A7E-4779-AACF-0E4BA990A8CA}" = S4 League_EU "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{777AD08E-B32A-4456-AFE1-094DBECEB268}" = Intel(R) Network Connections 13.5.32.0 "{7821C7B2-7E21-4CF3-925B-58B6A8BC6311}" = LibreOffice 3.4 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{8544556F-92C9-478E-9ABC-BC2823E39577}" = MAGIX Speed burnR (MSI) "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C84DFF4-A98C-42d5-A09F-6985A05205B2}_is1" = Arctic Combat "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A2F166A0-F031-4E27-A057-C69733219434}_is1" = TERA "{A2F166A0-F031-4E27-A057-C69733219435}_is1" = RaiderZ "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAE31374-02C2-452E-88EC-2F16D92731A9}" = MAGIX Screenshare "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version alpha "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{EE3A0915-E8E5-4F1C-A048-592B7BD374D7}" = MAGIX Video deluxe 17 Download-Version "{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{F9706A8C-D740-42CA-8703-E08EDD0F0778}" = LogMeIn Hamachi "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Aeria Ignite" = Aeria Ignite "Aeria Ignite 1.12.2553" = Aeria Ignite "Akamai" = Akamai NetSession Interface "APB Reloaded" = APB Reloaded "ASIO4ALL" = ASIO4ALL "AstrumNival Allods" = Allods Online 3.0.02.33 "Audacity_is1" = Audacity 2.0 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4 "AVS4YOU Video Converter 7_is1" = AVS Video Converter 8 "BandiMPEG1" = Bandisoft MPEG-1 Decoder "BattlEye for OA" = BattlEye for OA Uninstall "BitTorrent" = BitTorrent "BlueStacks App Player" = BlueStacks App Player "BrawlBusters(EN)CBT" = BrawlBusters(EN)CBT "Counter Strike Source 2012 V_0_71-=AviaRa=- 1.0.0.71" = Counter Strike Source 2012 V_0_71-=AviaRa=- 1.0.0.71 "Desura" = Desura "DivX Setup" = DivX-Setup "Dragon Ball Arcade" = Dragon Ball Arcade "DS-MP3 Source" = DS-MP3 Source 1.30 "FL Studio 10" = FL Studio 10 "FormatFactory" = FormatFactory 2.70 "Free Sound Recorder_is1" = Free Sound Recorder v9.2.7 "Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.11.727 "Free YouTube Download_is1" = Free YouTube Download version 3.1.25.423 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212 "GamersFirst LIVE!" = GamersFirst LIVE! "GamersFirst War Rock" = War Rock "Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool "Hitman 2: Silent Assassin" = Hitman 2: Silent Assassin "Hitman: Contracts" = Hitman: Contracts "I-Doser" = I-Doser Free "IL Download Manager" = IL Download Manager "InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "IrfanView" = IrfanView (remove only) "LemmingballZ_0" = LemmingballZ 3D 8460 "Little Fighter 2" = Little Fighter 2 version 2.0a "LOCO" = LOCO EVOLUTION "LogMeIn Hamachi" = LogMeIn Hamachi "MAGIX Music Maker for MySpace D" = MAGIX Music Maker for MySpace 15.0.1.8 (D) "MAGIX_MSI_Videodeluxe17" = MAGIX Video deluxe 17 Download-Version "Metal Slug - Commando 2" = Metal Slug - Commando 2 "Metal Slug - The Cannion Shooter" = Metal Slug - The Cannion Shooter "Metal Slug - Zombies" = Metal Slug - Zombies "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "MTA:SA" = MTA:SA v1.0.5 "MTA:SA 1.1" = MTA:SA v1.1 "MTA:SA 1.2" = MTA:SA v1.2.0-full-03585-0-000 "MTA:SA 1.3" = MTA:SA v1.3 "NetDevil_LEGO_Universe_is1" = LEGO Universe "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PhotoScape" = PhotoScape "PowerISO" = PowerISO "PROSetDX" = Intel(R) Network Connections 13.5.32.0 "PunkBusterSvc" = PunkBuster Services "Roozz plugin_is1" = Roozz plugin 2.8.19 "SpankWire Video Downloader_is1" = SpankWire Video Downloader 3.12 "Splinter Cell - Conviction_is1" = Splinter Cell - Conviction "Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed "Steam App 1002" = Rag Doll Kung Fu "Steam App 105430" = Age of Empires Online "Steam App 11230" = Gumboy Tournament "Steam App 12210" = Grand Theft Auto IV "Steam App 12220" = Grand Theft Auto: Episodes from Liberty City "Steam App 17570" = Pirates, Vikings, & Knights II "Steam App 17710" = Nuclear Dawn "Steam App 206210" = Gotham City Impostors: Free To Play "Steam App 209870" = Blacklight: Retribution "Steam App 33910" = ARMA 2 "Steam App 33930" = ARMA 2: Operation Arrowhead "Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad "Steam App 4000" = Garry's Mod "Steam App 550" = Left 4 Dead 2 "Steam App 564" = Left 4 Dead 2 Add-on Support "Steam App 730" = Counter-Strike: Global Offensive "Steam App 96300" = Ravaged "Super Mario Metal Slug" = Super Mario Metal Slug "Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle "SystemRequirementsLab" = System Requirements Lab "TeamSpeak 3 Client" = TeamSpeak 3 Client "Vid-Saver" = Vid-Saver "Vindictus EU" = Vindictus EU "VLC media player" = VLC media player 2.0.4 "Warrock EU" = WarRock "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "WinGimp-2.0_is1" = GIMP 2.6.10 "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.11 (32-Bit) "WolfTeam-DE" = WolfTeam-DE "X10Hardware" = X10 Hardware(TM) "Xilisoft YouTube Video Converter" = Xilisoft YouTube Video Converter ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1260702108-229838344-945700951-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for flo "Akamai" = Akamai NetSession Interface "d8be6c3f847d7d92" = Ghost Recon Online "DDOde" = Dungeons and Dragons Online "Google Chrome" = Google Chrome "HappyCloud" = Happy Cloud Client "SOE-Magic The Gathering Tactics" = Magic The Gathering Tactics "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 31.05.2013 10:08:06 | Computer Name = flo-PC | Source = Application Hang | ID = 1002 Description = Programm aeriaignite.exe, Version 1.12.2553.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: b2c Anfangszeit: 01ce5e07cc7ac6ef Zeitpunkt der Beendigung: 97 Error - 01.06.2013 12:36:12 | Computer Name = flo-PC | Source = BstHdAndroidSvc | ID = 0 Description = Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 01.06.2013 19:32:44 | Computer Name = flo-PC | Source = BstHdAndroidSvc | ID = 0 Description = Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 01.06.2013 20:25:32 | Computer Name = flo-PC | Source = BstHdAndroidSvc | ID = 0 Description = Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 01.06.2013 20:33:28 | Computer Name = flo-PC | Source = BstHdAndroidSvc | ID = 0 Description = Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 02.06.2013 08:56:33 | Computer Name = flo-PC | Source = BstHdAndroidSvc | ID = 0 Description = Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 02.06.2013 09:35:28 | Computer Name = flo-PC | Source = Application Hang | ID = 1002 Description = Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: ca4 Anfangszeit: 01ce5f909e5a7ee6 Zeitpunkt der Beendigung: 19 Error - 02.06.2013 10:29:44 | Computer Name = flo-PC | Source = Google Update | ID = 20 Description = Error - 02.06.2013 10:32:31 | Computer Name = flo-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung DeadIslandGame.exe, Version 1.0.0.0, Zeitstempel 0x4e64e946, fehlerhaftes Modul MSVCR90.dll, Version 9.0.30729.6161, Zeitstempel 0x4dace5b9, Ausnahmecode 0xc0000005, Fehleroffset 0x0003af60, Prozess-ID 0x122c, Anwendungsstartzeit 01ce5f9dfc02b5a6. Error - 02.06.2013 12:03:14 | Computer Name = flo-PC | Source = EventSystem | ID = 4609 Description = [ System Events ] Error - 02.06.2013 12:03:02 | Computer Name = flo-PC | Source = DCOM | ID = 10005 Description = Error - 02.06.2013 12:03:14 | Computer Name = flo-PC | Source = DCOM | ID = 10005 Description = Error - 02.06.2013 12:03:19 | Computer Name = flo-PC | Source = DCOM | ID = 10005 Description = Error - 02.06.2013 12:03:19 | Computer Name = flo-PC | Source = DCOM | ID = 10005 Description = Error - 02.06.2013 12:03:58 | Computer Name = flo-PC | Source = DCOM | ID = 10005 Description = Error - 02.06.2013 12:03:58 | Computer Name = flo-PC | Source = Microsoft Antimalware | ID = 2001 Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.151.1435.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%852 Quellpfad: Default URL Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9506.0 Fehlercode: 0x8007043c Fehlerbeschreibung: Der Dienst kann nicht im abgesicherten Modus gestartet werden. Error - 02.06.2013 12:04:17 | Computer Name = flo-PC | Source = Service Control Manager | ID = 7001 Description = Error - 02.06.2013 12:04:17 | Computer Name = flo-PC | Source = Service Control Manager | ID = 7026 Description = Error - 02.06.2013 12:04:40 | Computer Name = flo-PC | Source = Microsoft Antimalware | ID = 2001 Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.151.1435.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%852 Quellpfad: Default URL Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9506.0 Fehlercode: 0x8007043c Fehlerbeschreibung: Der Dienst kann nicht im abgesicherten Modus gestartet werden. Error - 02.06.2013 12:20:43 | Computer Name = flo-PC | Source = DCOM | ID = 10005 Description = < End of report > Ich glaube es könnte der GVU Trojaner sein, bin mir aber nicht sicher. schonmal Danke für die Hilfe. Achja und zudem fährt mein Pc langsamer hoch als sonst. |
11.06.2013, 09:44 | #3 |
/// Helfer-Team | Trojaner (keine Internetverbindung)leider hast du dein Thema vergraben. besteht das Problem immer noch?
__________________ |
15.09.2013, 11:34 | #4 |
/// Helfer-Team | Trojaner (keine Internetverbindung) Fehlende Rückmeldung Gibt es Probleme beim Abarbeiten obiger Anleitung? Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen. Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema. http://www.trojaner-board.de/69886-a...-beachten.html Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist. |
Themen zu Trojaner (keine Internetverbindung) |
abgestürzt, adblock, ander, bandoo, besser, bluestacks, entfernt, erkannt, essen, funktionier, funktionieren, gestern, interne, internet, internetverbindung, keine internetverbindung, konnte, microsoft, nicht möglich, plug-in, poweriso, quarantäne, recycle.bin, scan, security, troja, trojaner, update, updaten, verbindung, virus, woche, wochen, würde |