|
Plagegeister aller Art und deren Bekämpfung: Firefox öffnet sich und schließt wiederWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
26.06.2010, 21:40 | #1 | |
| Firefox öffnet sich und schließt wieder Hey Leute ich habe folgendes Problem Ich hatte heute Nachmittag mal wieder eine Virenwarnung von meinem immer upgedateten AntiVir 2010. Wie immer dachte ich es ist wiedermal eine Fehlermeldung. Zitat:
Ich hätte jetzt mal folgende bitte könntet ihr einen dieser Log's von HiJackThis oder einem von euch empfohlen DUrchlauf mal durchgucken da ich jetzt schon soviele Viren Meldungen hatte und ich meinem AntiVir nicht ganz traue schließlich steht hier ja auch noch ein Computer meines Vater über dem Firmen Banking betrieben wird. Wäre nett wenn ihr mir mal mit meinen Problemen helfen könnte. Wäre mir sehr geholfen. Danke //Edit: Der Internet Explorer geht auch nicht! Virus: TR/PCK.Katusha.N.836 System: Intel Core 2 Quad Q8200@2.33Ghz 4gb ddr3 Arbeitspeicher Windows Vista 64bit Home Premium SP1 Geändert von Compact (26.06.2010 um 22:13 Uhr) |
27.06.2010, 10:20 | #2 |
/// Selecta Jahrusso | Firefox öffnet sich und schließt wiederEine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist. Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. Schritt 1 CustomScan mit OTL Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs %SYSTEMDRIVE%\*.* %systemroot%\*. /mp /s CREATERESTOREPOINT %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\drivers\*.sys /90 %systemroot%\system32\user32.dll /md5 %systemroot%\system32\ws2_32.dll /md5 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList|helpassistant /rs
Bitte poste in Deiner nächsten Antwort OTL.txt Extras.txt
__________________ |
27.06.2010, 13:01 | #3 |
| Firefox öffnet sich und schließt wieder Mein Antivir hat nach dem Start eine neue Meldung gegeben und zwar Meinte es:
__________________Beginne mit der Suche in 'C:\Users\Kevin\AppData\Local\Temp\sshnas21.dll' C:\Users\Kevin\AppData\Local\Temp\sshnas21.dll [FUND] Ist das Trojanische Pferd TR/Agent.219648 Gleichzeitig gab Vista die Meldung sshnas21.dll konnte nicht gestartet werden Zugriff verweigert! Ich habe die Datei in die Quarantäne getan nicht das es eine Wichtige Vista Datei ist ... [QUOTE]OTL.txt: OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.06.2010 13:12:03 - Run 1 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\Kevin\Documents\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): c:\pagefile.sys 12000 12000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581,64 Gb Total Space | 271,42 Gb Free Space | 46,66% Space Free | Partition Type: NTFS Drive D: | 14,53 Gb Total Space | 2,06 Gb Free Space | 14,21% Space Free | Partition Type: NTFS Drive E: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KEVIN1 Current User Name: Kevin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2010.06.27 13:09:16 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Documents\Downloads\OTL.exe PRC - [2010.06.27 12:17:53 | 000,218,808 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2010.06.10 14:22:47 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010.05.21 13:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe PRC - [2010.04.19 11:47:57 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010.04.03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2009.08.05 12:17:12 | 000,204,800 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe PRC - [2009.05.12 15:43:36 | 002,181,672 | ---- | M] (Gainward Co.) -- C:\Program Files (x86)\NvidiaGrafikExpert\TBPANEL.exe PRC - [2009.03.20 02:03:00 | 001,904,640 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe PRC - [2009.03.20 02:03:00 | 000,368,640 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe PRC - [2008.11.20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe ========== Modules (SafeList) ========== MOD - [2010.06.27 13:09:16 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Documents\Downloads\OTL.exe MOD - [2008.01.21 04:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2008.01.21 04:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009.12.09 14:38:38 | 000,036,168 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2009.10.22 20:08:42 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2008.07.29 14:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90) SRV:64bit: - [2008.01.21 04:50:24 | 000,027,648 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (ezSharedSvc) SRV - [2010.06.27 12:17:53 | 000,218,808 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2010.06.18 07:27:59 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.06.10 14:22:47 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010.05.21 13:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010.04.19 11:47:57 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.04.03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.01.26 08:11:18 | 000,607,048 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2009.12.09 14:44:18 | 001,394,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2009.12.09 14:38:30 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2009.10.22 20:08:34 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.03.20 02:03:00 | 000,368,640 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service) SRV - [2009.01.04 12:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc) SRV - [2008.12.09 04:51:08 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2006.11.02 15:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2006.11.02 08:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2006.11.02 08:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010.04.23 07:16:24 | 000,294,232 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\vmm.sys -- (vmm) DRV:64bit: - [2010.03.02 13:35:01 | 000,116,568 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb) DRV:64bit: - [2010.02.16 14:24:00 | 000,081,072 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010.02.03 15:56:56 | 000,033,856 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi) DRV:64bit: - [2009.11.22 00:16:10 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd) DRV:64bit: - [2009.11.09 19:12:42 | 000,035,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\teamviewervpn.sys -- (teamviewervpn) DRV:64bit: - [2009.06.29 19:00:50 | 000,132,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2009.06.29 19:00:50 | 000,116,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbfake.sys -- (hwusbfake) DRV:64bit: - [2009.04.24 18:54:06 | 000,079,392 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2009.04.09 14:38:24 | 000,116,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2009.03.20 02:03:00 | 000,460,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fwlanusb.sys -- (FWLANUSB) DRV:64bit: - [2009.03.20 02:03:00 | 000,014,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject) DRV:64bit: - [2009.01.20 16:49:48 | 000,195,584 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV:64bit: - [2008.03.13 09:46:00 | 000,027,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ManyCam_x64.sys -- (ManyCam) DRV:64bit: - [2008.01.21 04:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:64bit: - [2007.01.29 06:20:34 | 000,079,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VMNetSrv.sys -- (VPCNetS2) DRV - [2009.10.14 08:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\adfs.sys -- (adfs) DRV - [2006.12.04 11:09:04 | 000,084,480 | ---- | M] (Arc <arc.sourceforge.net>) [Kernel | Disabled | Stopped] -- C:\Program Files (x86)\Universal Extractor\bin\arc.exe -- (arc) DRV - [2006.09.18 23:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2006.09.18 23:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1 FF - prefs.js..network.proxy.ftp: "localhost" FF - prefs.js..network.proxy.ftp_port: 4001 FF - prefs.js..network.proxy.http: "localhost" FF - prefs.js..network.proxy.http_port: 4001 FF - prefs.js..network.proxy.ssl: "localhost" FF - prefs.js..network.proxy.ssl_port: 4001 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.06.23 16:01:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.06.23 16:01:03 | 000,000,000 | ---D | M] [2009.09.18 20:47:59 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions [2010.06.27 09:53:42 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\8vptrv82.default\extensions [2010.06.24 15:34:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\8vptrv82.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.06.05 19:54:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\8vptrv82.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.03.07 12:16:45 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\8vptrv82.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.06.05 20:15:57 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\8vptrv82.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2010.04.08 13:55:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2006.08.09 12:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npWebLaunch.dll [2010.06.23 16:01:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.06.23 16:01:00 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2010.06.23 16:01:01 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.06.23 16:01:01 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.06.23 16:01:01 | 000,000,801 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [EPSON Stylus DX4400 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATICAE.EXE File not found O4 - HKCU..\Run: [GAINWARD] C:\Program Files (x86)\NvidiaGrafikExpert\TBPANEL.exe (Gainward Co.) O4 - HKCU..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe File not found O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: winped = C:\Windows\system32\1037\winped.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: winped = C:\Windows\system32\1037\winped.exe File not found O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts) - E:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2010.02.10 08:21:09 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ] O32 - AutoRun File - [2010.01.31 10:21:13 | 000,367,686 | R--- | M] () - E:\Autorun.ico -- [ CDFS ] O32 - AutoRun File - [2010.02.10 04:55:03 | 009,965,568 | R--- | M] () - E:\autorun.dat -- [ CDFS ] O32 - AutoRun File - [2010.02.10 04:54:55 | 000,000,155 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{39d8be9e-a40f-11de-ad90-00248cf924d3}\Shell\AutoRun\command - "" = G:\menu.exe -- File not found O33 - MountPoints2\{5bb379ea-a3c3-11de-a78d-00248cf924d3}\Shell - "" = AutoRun O33 - MountPoints2\{5bb379ea-a3c3-11de-a78d-00248cf924d3}\Shell\AutoRun\command - "" = H:\pushinst.exe -- File not found O33 - MountPoints2\{b2a621a9-d6eb-11de-ad8b-00040eff3ae8}\Shell - "" = AutoRun O33 - MountPoints2\{b2a621a9-d6eb-11de-ad8b-00040eff3ae8}\Shell\AutoRun\command - "" = G:\Setup.exe -- File not found O33 - MountPoints2\{bfe96277-ddc0-11de-8517-00248cf924d3}\Shell - "" = AutoRun O33 - MountPoints2\{bfe96277-ddc0-11de-8517-00248cf924d3}\Shell\AutoRun\command - "" = I:\pushinst.exe -- File not found O33 - MountPoints2\{c2cfd353-5304-11de-aef2-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{c2cfd353-5304-11de-aef2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts) O33 - MountPoints2\{c5d99720-21d8-11df-8bb2-00248cf924d3}\Shell - "" = AutoRun O33 - MountPoints2\{c5d99720-21d8-11df-8bb2-00248cf924d3}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{fb370652-2144-11df-9e81-00248cf924d3}\Shell - "" = AutoRun O33 - MountPoints2\{fb370652-2144-11df-9e81-00248cf924d3}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{fb37065b-2144-11df-9e81-00248cf924d3}\Shell - "" = AutoRun O33 - MountPoints2\{fb37065b-2144-11df-9e81-00248cf924d3}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll () NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008.01.21 05:08:35 | 000,000,000 | ---D | M] NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 90 Days ========== [2010.06.24 23:54:12 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Desktop\Speicherkarte Kamera [2010.06.24 20:31:05 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Desktop\dslan_v1.3 [2010.06.24 17:19:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2010.06.24 15:35:58 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\WindowsApplication1 [2010.06.24 12:23:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Desktop\Stämme Planer [2010.06.16 18:50:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid [2010.06.16 18:50:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FDRLab [2010.06.15 13:54:57 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll [2010.06.15 13:54:57 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll [2010.06.15 13:54:54 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll [2010.06.15 13:54:54 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll [2010.06.15 13:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5 [2010.06.15 13:54:42 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll [2010.06.12 23:05:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Desktop\gamewallpaper [2010.06.11 21:32:27 | 000,000,000 | ---D | C] -- C:\Programme\eFusion [2010.06.11 15:42:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2010.06.11 15:42:06 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation [2010.06.11 15:40:06 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2010.06.11 15:39:52 | 000,000,000 | ---D | C] -- C:\NVIDIA [2010.06.10 14:24:39 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Documents\BFBC2 [2010.06.09 15:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2010.06.09 14:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2010.06.09 14:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2010.06.05 21:03:57 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Mael [2010.06.05 20:32:44 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Desktop\source [2010.06.05 19:54:29 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers [2010.06.04 13:27:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LuaEdit [2010.06.04 12:11:06 | 000,000,000 | ---D | C] -- C:\HammerAutosave [2010.06.03 19:51:22 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\EPSON [2010.05.31 14:19:29 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler [2010.05.31 14:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner [2010.05.19 17:45:57 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\SysWow64\D3DX81ab.dll [2010.05.19 17:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine [2010.05.11 16:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraISO [2010.05.07 14:16:51 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Apple Computer [2010.05.05 15:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Metin2 [2010.05.03 15:33:17 | 000,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP [2010.04.29 08:23:12 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Fiddler2 [2010.04.21 17:26:36 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Navicat [2010.04.21 16:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PremiumSoft [2010.04.21 14:09:15 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Eigene virtuelle Computer [2010.04.21 13:58:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Treiber [2010.04.21 13:58:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Virtual PC [2010.04.20 21:44:20 | 000,000,000 | ---D | C] -- C:\Metin2server [2010.04.20 21:44:03 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Neuer Ordner [2010.04.11 17:54:18 | 000,000,000 | ---D | C] -- C:\Programme\cFosSpeed [2010.04.09 13:41:56 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Sony [2010.04.09 13:41:56 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Sony [2010.04.09 13:32:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2010.04.08 13:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.04.08 13:55:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2010.04.05 12:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone [2010.04.04 22:04:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2010.04.04 22:04:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2010.04.02 15:18:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Universal Extractor [2010.04.01 16:45:53 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Desktop\Fraps [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Kevin\AppData\Local\*.tmp files -> C:\Users\Kevin\AppData\Local\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2010.06.27 13:11:59 | 007,602,176 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT [2010.06.27 12:51:02 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2010.06.27 12:24:02 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2010.06.27 12:17:53 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010.06.27 12:17:53 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.06.27 11:52:14 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.06.27 11:52:14 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.06.27 09:57:23 | 001,418,806 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.06.27 09:57:23 | 000,619,880 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.06.27 09:57:23 | 000,587,654 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.06.27 09:57:23 | 000,123,352 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.06.27 09:57:23 | 000,101,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.06.27 09:52:46 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.06.27 09:52:45 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.06.27 09:52:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.06.27 09:52:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.06.27 00:14:38 | 000,524,288 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT{aa84a174-4bc4-11df-916f-00248cf924d3}.TMContainer00000000000000000001.regtrans-ms [2010.06.27 00:14:38 | 000,065,536 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT{aa84a174-4bc4-11df-916f-00248cf924d3}.TM.blf [2010.06.27 00:14:34 | 003,680,893 | -H-- | M] () -- C:\Users\Kevin\AppData\Local\IconCache.db [2010.06.26 16:38:47 | 000,094,720 | ---- | M] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.16 18:50:37 | 000,000,831 | ---- | M] () -- C:\Users\Kevin\Desktop\save2pc.lnk [2010.06.14 21:00:08 | 000,304,082 | ---- | M] () -- C:\aimbot_injekt.exe [2010.06.11 13:42:12 | 002,979,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.06.10 14:22:47 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.06.10 14:22:47 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.06.07 22:10:11 | 000,000,696 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\wklnhst.dat [2010.05.28 07:34:27 | 000,001,213 | ---- | M] () -- C:\Users\Kevin\Desktop\CrYEnignE.exe.lnk [2010.05.26 18:53:52 | 000,048,128 | ---- | M] () -- C:\Windows\SysNative\atmlib.dll [2010.05.26 16:56:53 | 000,366,080 | ---- | M] () -- C:\Windows\SysNative\atmfd.dll [2010.05.21 07:13:42 | 000,097,984 | ---- | M] () -- C:\Users\Kevin\AppData\Local\GDIPFONTCACHEV1.DAT [2010.05.20 14:44:07 | 000,073,728 | ---- | M] () -- C:\Users\Kevin\Desktop\keygen.exe [2010.05.17 16:13:02 | 000,243,703 | ---- | M] () -- C:\Users\Kevin\Desktop\Unbenannt.jpg [2010.05.04 21:16:22 | 000,208,896 | ---- | M] () -- C:\Windows\SysNative\occache.dll [2010.05.04 21:14:31 | 000,758,784 | ---- | M] () -- C:\Windows\SysNative\mshtmled.dll [2010.05.04 21:14:22 | 000,580,608 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll [2010.05.04 21:12:27 | 000,375,296 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll [2010.05.04 21:12:27 | 000,249,856 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll [2010.05.04 21:12:17 | 000,086,528 | ---- | M] () -- C:\Windows\SysNative\ieencode.dll [2010.05.04 21:12:16 | 000,422,400 | ---- | M] () -- C:\Windows\SysNative\ieapfltr.dll [2010.05.04 21:12:16 | 000,267,776 | ---- | M] () -- C:\Windows\SysNative\ieaksie.dll [2010.05.04 19:53:47 | 000,485,376 | ---- | M] () -- C:\Windows\SysNative\html.iec [2010.05.04 19:27:37 | 000,032,768 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe [2010.04.28 15:28:57 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010.04.19 22:13:14 | 000,524,288 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT{aa84a174-4bc4-11df-916f-00248cf924d3}.TMContainer00000000000000000002.regtrans-ms [2010.04.19 12:20:31 | 000,524,288 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms [2010.04.19 12:20:31 | 000,065,536 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf [2010.04.17 20:57:26 | 000,002,640 | ---- | M] () -- C:\Users\Kevin\Documents\Vegas Pro registrieren.htm [2010.04.16 18:40:20 | 001,570,816 | ---- | M] () -- C:\Windows\SysNative\quartz.dll [2010.04.16 18:35:56 | 000,032,256 | ---- | M] () -- C:\Windows\SysNative\Apphlpdm.dll [2010.04.16 16:50:22 | 004,240,384 | ---- | M] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [2010.04.14 20:35:26 | 000,375,808 | ---- | M] () -- C:\Windows\SysNative\psisdecd.dll [2010.04.14 20:35:24 | 000,289,792 | ---- | M] () -- C:\Windows\SysNative\psisrndr.ax [2010.04.14 20:35:23 | 000,558,592 | ---- | M] () -- C:\Windows\SysNative\EncDec.dll [2010.04.14 20:33:49 | 000,101,376 | ---- | M] () -- C:\Windows\SysNative\MSNP.ax [2010.04.14 20:33:13 | 000,227,328 | ---- | M] () -- C:\Windows\SysNative\mpg2splt.ax [2010.04.06 00:32:34 | 000,000,975 | ---- | M] () -- C:\Users\Kevin\SciTE.session [2010.04.06 00:30:16 | 000,231,460 | ---- | M] () -- C:\Users\Kevin\Documents\AutoItImage2.jpg [2010.04.06 00:30:15 | 000,231,460 | ---- | M] () -- C:\Users\Kevin\Documents\AutoItImage.jpg [2010.04.05 23:59:49 | 006,220,854 | ---- | M] () -- C:\Users\Kevin\Documents\AutoItImage2.bmp [2010.04.05 23:59:49 | 006,220,854 | ---- | M] () -- C:\Users\Kevin\Documents\AutoItImage.bmp [2010.04.04 00:55:31 | 021,005,928 | ---- | M] () -- C:\Windows\SysNative\nvoglv64.dll [2010.04.04 00:55:31 | 016,061,032 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll [2010.04.04 00:55:31 | 011,906,664 | ---- | M] () -- C:\Windows\SysNative\nvd3dumx.dll [2010.04.04 00:55:31 | 006,279,784 | ---- | M] () -- C:\Windows\SysNative\nvwgf2umx.dll [2010.04.04 00:55:31 | 005,444,200 | ---- | M] () -- C:\Windows\SysNative\nvcuda.dll [2010.04.04 00:55:31 | 002,893,416 | ---- | M] () -- C:\Windows\SysNative\nvcuvenc.dll [2010.04.04 00:55:31 | 002,106,472 | ---- | M] () -- C:\Windows\SysNative\nvcuvid.dll [2010.04.04 00:55:31 | 001,592,936 | ---- | M] () -- C:\Windows\SysNative\nvapi64.dll [2010.04.04 00:55:31 | 000,658,536 | ---- | M] () -- C:\Windows\SysNative\nvudisp.exe [2010.04.04 00:55:31 | 000,254,056 | ---- | M] () -- C:\Windows\SysNative\nvcod1914.dll [2010.04.04 00:55:31 | 000,254,056 | ---- | M] () -- C:\Windows\SysNative\nvcod.dll [2010.04.04 00:55:31 | 000,064,616 | ---- | M] () -- C:\Windows\SysNative\OpenCL.dll [2010.04.04 00:55:31 | 000,056,424 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2010.04.04 00:55:31 | 000,011,240 | ---- | M] () -- C:\Windows\SysNative\drivers\nvBridge.kmd [2010.04.04 00:55:31 | 000,009,832 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2010.04.03 18:42:00 | 014,828,648 | ---- | M] () -- C:\Windows\SysNative\nvcpl.dll [2010.04.03 18:42:00 | 001,515,624 | ---- | M] () -- C:\Windows\SysNative\nvsvcr.dll [2010.04.03 18:42:00 | 001,067,624 | ---- | M] () -- C:\Windows\SysNative\nvsvc64.dll [2010.04.03 18:42:00 | 000,116,328 | ---- | M] () -- C:\Windows\SysNative\nvmctray.dll [2010.04.03 18:41:38 | 000,276,196 | ---- | M] () -- C:\Windows\SysNative\NvApps.xml [2010.04.03 18:41:38 | 000,066,714 | ---- | M] () -- C:\Windows\SysNative\NvwsApps.xml [2010.04.02 17:17:34 | 000,179,091 | ---- | M] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.04.02 16:54:44 | 000,658,536 | ---- | M] () -- C:\Windows\SysNative\nvuninst.exe [2010.04.01 16:45:53 | 000,000,569 | ---- | M] () -- C:\Users\Kevin\Desktop\Fraps.lnk [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Kevin\AppData\Local\*.tmp files -> C:\Users\Kevin\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.06.24 17:29:09 | 000,000,286 | -H-- | C] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2010.06.24 17:29:07 | 000,000,286 | -H-- | C] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2010.06.24 10:44:23 | 000,227,328 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax [2010.06.24 10:44:23 | 000,101,376 | ---- | C] () -- C:\Windows\SysNative\MSNP.ax [2010.06.24 10:44:20 | 000,375,808 | ---- | C] () -- C:\Windows\SysNative\psisdecd.dll [2010.06.24 10:44:19 | 000,558,592 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll [2010.06.24 10:44:19 | 000,289,792 | ---- | C] () -- C:\Windows\SysNative\psisrndr.ax [2010.06.24 10:43:44 | 001,942,856 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll [2010.06.24 10:43:44 | 000,444,752 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll [2010.06.24 10:43:44 | 000,320,352 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe [2010.06.24 10:43:44 | 000,109,912 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll [2010.06.24 10:43:44 | 000,048,960 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll [2010.06.23 11:10:40 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll [2010.06.23 11:10:39 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [2010.06.16 18:50:38 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010.06.16 18:50:38 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010.06.16 18:50:38 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax [2010.06.16 18:50:37 | 000,000,831 | ---- | C] () -- C:\Users\Kevin\Desktop\save2pc.lnk [2010.06.15 13:54:54 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.06.14 20:59:54 | 000,304,082 | ---- | C] () -- C:\aimbot_injekt.exe [2010.06.11 15:40:06 | 013,807,976 | ---- | C] () -- C:\Windows\SysNative\drivers\nvlddmkm.sys [2010.06.11 15:40:06 | 006,279,784 | ---- | C] () -- C:\Windows\SysNative\nvwgf2umx.dll [2010.06.11 15:40:06 | 000,064,616 | ---- | C] () -- C:\Windows\SysNative\OpenCL.dll [2010.06.11 15:40:06 | 000,011,240 | ---- | C] () -- C:\Windows\SysNative\drivers\nvBridge.kmd [2010.06.11 15:40:06 | 000,009,832 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2010.06.11 15:40:03 | 021,005,928 | ---- | C] () -- C:\Windows\SysNative\nvoglv64.dll [2010.06.11 15:40:01 | 002,893,416 | ---- | C] () -- C:\Windows\SysNative\nvcuvenc.dll [2010.06.11 15:40:01 | 002,106,472 | ---- | C] () -- C:\Windows\SysNative\nvcuvid.dll [2010.06.11 15:39:59 | 016,061,032 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll [2010.06.11 15:39:59 | 005,444,200 | ---- | C] () -- C:\Windows\SysNative\nvcuda.dll [2010.06.11 15:39:59 | 000,254,056 | ---- | C] () -- C:\Windows\SysNative\nvcod1914.dll [2010.06.11 15:39:59 | 000,254,056 | ---- | C] () -- C:\Windows\SysNative\nvcod.dll [2010.06.10 07:58:51 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll [2010.06.10 07:58:50 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll [2010.06.10 07:48:28 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll [2010.06.10 07:47:26 | 002,750,976 | ---- | C] () -- C:\Windows\SysNative\win32k.sys [2010.06.10 07:47:22 | 005,690,368 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll [2010.06.10 07:47:21 | 007,006,208 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll [2010.06.10 07:47:20 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll [2010.06.10 07:47:20 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll [2010.06.10 07:47:19 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll [2010.06.10 07:47:18 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll [2010.06.10 07:47:18 | 000,580,608 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll [2010.06.10 07:47:18 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll [2010.06.10 07:47:18 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll [2010.06.10 07:47:18 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll [2010.06.10 07:47:18 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll [2010.06.10 07:47:17 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb [2010.06.10 07:47:17 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll [2010.06.10 07:47:17 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec [2010.06.10 07:47:17 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll [2010.06.10 07:47:17 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll [2010.06.10 07:47:17 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe [2010.06.10 07:47:17 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll [2010.06.10 07:45:27 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll [2010.05.28 07:33:49 | 000,001,213 | ---- | C] () -- C:\Users\Kevin\Desktop\CrYEnignE.exe.lnk [2010.05.26 07:43:21 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll [2010.05.20 14:44:07 | 000,073,728 | ---- | C] () -- C:\Users\Kevin\Desktop\keygen.exe [2010.05.19 17:45:58 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll [2010.05.17 16:13:02 | 000,243,703 | ---- | C] () -- C:\Users\Kevin\Desktop\Unbenannt.jpg [2010.05.12 07:43:53 | 000,974,848 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll [2010.04.21 16:57:37 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2010.04.19 17:27:25 | 000,524,288 | -HS- | C] () -- C:\Users\Kevin\NTUSER.DAT{aa84a174-4bc4-11df-916f-00248cf924d3}.TMContainer00000000000000000002.regtrans-ms [2010.04.19 17:27:25 | 000,524,288 | -HS- | C] () -- C:\Users\Kevin\NTUSER.DAT{aa84a174-4bc4-11df-916f-00248cf924d3}.TMContainer00000000000000000001.regtrans-ms [2010.04.19 17:27:25 | 000,065,536 | -HS- | C] () -- C:\Users\Kevin\NTUSER.DAT{aa84a174-4bc4-11df-916f-00248cf924d3}.TM.blf [2010.04.17 20:54:21 | 000,002,640 | ---- | C] () -- C:\Users\Kevin\Documents\Vegas Pro registrieren.htm [2010.04.15 07:23:58 | 001,420,688 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys [2010.04.15 07:23:57 | 000,224,256 | ---- | C] () -- C:\Windows\SysNative\iphlpsvc.dll [2010.04.15 07:23:57 | 000,029,696 | ---- | C] () -- C:\Windows\SysNative\drivers\tunnel.sys [2010.04.15 07:23:49 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys [2010.04.15 07:23:49 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys [2010.04.15 07:23:49 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys [2010.04.15 07:23:46 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe [2010.04.15 07:23:17 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll [2010.04.15 07:23:11 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm [2010.04.14 08:08:55 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll [2010.04.14 08:08:53 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll [2010.04.09 13:26:11 | 000,437,676 | ---- | C] () -- C:\Users\Kevin\AppData\Local\dd_vcredistMSI094F.txt [2010.04.09 13:26:10 | 000,011,678 | ---- | C] () -- C:\Users\Kevin\AppData\Local\dd_vcredistUI094F.txt [2010.04.05 23:56:10 | 006,220,854 | ---- | C] () -- C:\Users\Kevin\Documents\AutoItImage2.bmp [2010.04.05 23:56:10 | 006,220,854 | ---- | C] () -- C:\Users\Kevin\Documents\AutoItImage.bmp [2010.04.04 22:04:08 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010.04.03 18:42:00 | 014,828,648 | ---- | C] () -- C:\Windows\SysNative\nvcpl.dll [2010.04.03 18:42:00 | 001,515,624 | ---- | C] () -- C:\Windows\SysNative\nvsvcr.dll [2010.04.03 18:42:00 | 001,067,624 | ---- | C] () -- C:\Windows\SysNative\nvsvc64.dll [2010.04.03 18:42:00 | 000,159,336 | ---- | C] () -- C:\Windows\SysNative\nvvsvc.exe [2010.04.03 18:42:00 | 000,116,328 | ---- | C] () -- C:\Windows\SysNative\nvmctray.dll [2010.04.03 18:41:38 | 000,276,196 | ---- | C] () -- C:\Windows\SysNative\NvApps.xml [2010.04.03 18:41:38 | 000,066,714 | ---- | C] () -- C:\Windows\SysNative\NvwsApps.xml [2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.04.01 16:45:53 | 000,000,569 | ---- | C] () -- C:\Users\Kevin\Desktop\Fraps.lnk [2010.03.05 02:11:22 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010.02.28 12:36:04 | 000,676,224 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.dll [2010.02.14 18:56:22 | 000,000,051 | ---- | C] () -- C:\Windows\BRQIKMON.INI [2009.12.30 00:09:07 | 000,000,862 | ---- | C] () -- C:\Windows\SysWow64\SP7302.INI [2009.11.26 20:25:35 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2009.09.19 10:06:00 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2009.09.19 10:01:53 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX4400DEFGIPS.ini [2009.07.03 05:11:18 | 000,007,756 | ---- | C] () -- C:\Windows\cadx2.ini [2009.05.19 06:10:11 | 000,354,816 | ---- | C] () -- C:\Windows\SysWow64\pythoncom26.dll [2009.05.19 06:10:11 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\pywintypes26.dll [2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008.01.21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== LOP Check ========== [2009.11.22 00:27:14 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\DAEMON Tools Pro [2010.06.05 19:54:29 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers [2010.06.03 19:51:22 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\EPSON [2009.10.12 16:01:34 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\FileZilla [2009.11.30 23:06:45 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\GrabIt [2010.06.16 22:18:21 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\ICQ [2010.03.25 14:38:50 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\JonDo [2009.10.24 15:24:58 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Leadertech [2009.11.23 19:20:52 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Locktime [2010.06.05 21:03:58 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Mael [2009.11.26 20:29:16 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\MAGIX [2010.03.01 21:21:21 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\ManyCam [2009.12.18 15:01:09 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\OpenOffice.org [2010.04.09 13:41:56 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Sony [2010.06.01 14:53:35 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\TeamViewer [2009.09.30 18:16:19 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Template [2009.09.24 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\thriXXX [2010.03.05 23:53:12 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\TS3Client [2010.01.26 08:10:35 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\TuneUp Software [2010.06.24 17:21:55 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\uTorrent [2010.02.24 18:46:06 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Vodafone [2010.03.28 13:51:44 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\WildTangent [2010.01.29 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Windows Sidebar Styler [2009.11.11 07:48:46 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\WinSweep [2009.10.06 16:13:58 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\_MDLogs [2010.06.27 09:51:28 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.06.27 12:51:02 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2010.06.27 12:24:02 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010.06.14 21:00:08 | 000,304,082 | ---- | M] () -- C:\aimbot_injekt.exe [2008.01.21 04:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr [2009.05.19 14:37:42 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2010.05.05 17:08:37 | 010,638,341 | ---- | M] () -- C:\BottingPoint.txt [2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007.11.07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007.11.07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2010.04.19 17:36:05 | 000,009,534 | ---- | M] () -- C:\Fourier.log [2007.11.07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe [2007.11.07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007.11.07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007.11.07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007.11.07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007.11.07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007.11.07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007.11.07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007.11.07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007.11.07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007.11.07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2006.12.01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll [2010.01.10 14:36:11 | 000,921,632 | ---- | M] () -- C:\PA7302.DAT [2010.06.27 09:52:08 | 3992,977,406 | -HS- | M] () -- C:\pagefile.sys [2009.10.08 17:14:42 | 000,000,000 | ---- | M] () -- C:\Steam Gamex Crashed Exploit [2009.05.19 06:41:31 | 000,000,361 | ---- | M] () -- C:\updatedatfix.log [2007.11.07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007.11.07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007.11.07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > < %systemroot%\system32\user32.dll /md5 > [2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\SysWOW64\user32.dll < %systemroot%\system32\ws2_32.dll /md5 > [2008.01.21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList|helpassistant /rs > < End of report > Und danke schon mal für deine Bemühungen! |
27.06.2010, 13:05 | #4 |
| Firefox öffnet sich und schließt wieder Hier die Extras.txt OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 27.06.2010 13:12:03 - Run 1 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\Kevin\Documents\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): c:\pagefile.sys 12000 12000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581,64 Gb Total Space | 271,42 Gb Free Space | 46,66% Space Free | Partition Type: NTFS Drive D: | 14,53 Gb Total Space | 2,06 Gb Free Space | 14,21% Space Free | Partition Type: NTFS Drive E: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KEVIN1 Current User Name: Kevin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" () piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l () scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06629786-AAF1-4FC4-B025-5021499121CC}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{13DB8AFD-E19F-425E-A9A6-1783085F3411}" = rport=139 | protocol=6 | dir=out | app=system | "{1C5547CA-443B-406A-9B94-A3EB4FC68815}" = lport=445 | protocol=6 | dir=in | app=system | "{25864D65-B4E9-4503-8318-ABE96714C06F}" = lport=10243 | protocol=6 | dir=in | app=system | "{2C61B7C3-D0FE-43EA-B535-88229B161433}" = lport=139 | protocol=6 | dir=in | app=system | "{3936DC16-D67E-4434-9170-E547E492DBCA}" = rport=138 | protocol=17 | dir=out | app=system | "{3CE39B04-3586-4615-926F-CB89029E0663}" = lport=137 | protocol=17 | dir=in | app=system | "{3EAE4731-4825-4659-BB05-C1879A53DA0C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{4A48B24E-CD91-4C49-90E8-70CAA8636C27}" = rport=10243 | protocol=6 | dir=out | app=system | "{4F389763-9F28-4299-ABC4-6E8CDC64009E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4FF2791E-3987-4B0A-BA64-0B6816489A99}" = rport=137 | protocol=17 | dir=out | app=system | "{56CAA5CC-6A9F-4144-B599-6E32F5BDC127}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{733497A6-E01A-4818-8DE9-DB264924712D}" = lport=138 | protocol=17 | dir=in | app=system | "{7362D1F8-EBD8-453D-8371-846C2DF85431}" = rport=445 | protocol=6 | dir=out | app=system | "{875C4718-72A7-4E9B-870A-4A539B77F8EF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{878D02AB-06BE-428A-9C95-80D7E0856622}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8C0EB2D9-A9A4-4FF1-8B16-8386FACA3E57}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BA0E02AD-1DFA-481B-A3A5-319FD18FD376}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DF4CFFE7-47E8-4270-B18C-87FCFCE0FAE8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EBDFFE71-5709-4FFE-A1CE-9759792D0121}" = lport=2869 | protocol=6 | dir=in | app=system | "{F135723B-116C-4273-8D57-A1B338A0F1B1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0252E097-4E92-4542-9CAB-C6E54959E2E1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{03F06DA6-9905-4252-8C35-E88037E3C879}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{04357834-1AB0-43DD-A2BD-D7624A70A2CF}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{05DE5247-FDA4-4944-B36F-9E80308BE032}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{0940184A-B771-4489-9EA8-ED6C076B0DEC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{115F149D-AC1C-4746-9054-90473B3D6020}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{1635B41D-2C8A-48C4-952B-1E59445148CA}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2 - beta\bfbc2betaupdater.exe | "{183A7637-1998-4D0D-AAD6-27D6BE7C00A5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1F7E41D8-A802-4652-8393-A145475DB814}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{2712534B-6C1C-41CF-9CA0-585B7B26FA2E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{27702E24-FC99-4DCD-8647-CCEC906B2B25}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{27BFFFB5-A12E-488E-AA82-F4BCA5935EEE}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2 - beta\bfbc2betaupdater.exe | "{2875A85D-7C08-4A53-AEA4-35904FFD152C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{29CA34E4-AAB5-49C4-B220-189452B50AD2}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | "{2BF4B38B-02CD-4205-834D-94B90BD4063C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\kevinkev123388\counter-strike source\hl2.exe | "{2C4474AD-806A-4122-8DB2-EB101088884A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{3045AE02-A594-4A8D-AAA6-B83899EC6ECA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{351E11CB-3270-405B-A9BD-84F44FBD6E1B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{37E22CB9-44FF-42BE-AB10-A193C6A1CAC5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{3A14FB92-C3A5-4755-AE86-E980DD84A506}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | "{3CB08CAE-0F9B-4DDF-9BCD-8ADB6C908BCE}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe | "{3D106C2B-6A4D-4D1F-B169-251CDE53CFD6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{45E81BAE-8536-4E83-AD3C-576F712414E8}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe | "{476F739B-7C70-4142-A584-E1AD0B09646C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{49B7CC35-7865-444C-9E97-BBCF4388B3EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{4B8798C2-FB28-4A2E-8EAD-820D194C6D0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5091F4EB-4F39-468E-A36B-FA5C7FBC3262}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{5898B7B4-65FD-4218-98E6-E89EF81BF8E1}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{58B8B955-FA53-48E8-8E3B-2208A6B3B45B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{5C18387C-9DFE-491B-815F-D136B118F56A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5C55A341-1263-4C62-BF61-BD99CCB767FA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{5D41FFF2-46C6-4D95-9FAD-39CCE1355717}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | "{654EF3ED-2B80-4DEC-8614-BD63EC815F7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{69824E77-9DFD-4678-9C13-E2B4E8DA084B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6B4DF07B-FD06-40B9-A9A0-32420B99D754}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6B5BB1BA-EFC1-48C7-A390-80E57A606D9F}" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\call of duty - world at war\codwawmp.exe | "{7016E74F-62D0-4394-AF52-202ED7848FCC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{70F27431-6E23-4CC9-AE20-BA4F8729DF12}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version4\teamviewer.exe | "{73E189F4-F62A-499B-A3BB-523AA3196C62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7674CE7F-2518-4C62-9936-22A0F01E679A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{76FF8951-07E1-45C5-84DE-D1C227981D38}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{774BE62A-C8F4-439D-B629-BF0E62FF956D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{7CBCEF11-C085-462C-AA3C-D32EA5258A55}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe | "{7E04C807-E86C-4784-B8C2-7586A26E84E1}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{7EFF3DFE-66DB-4F14-AAA6-FF8E4A9F22AA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{7FE45B59-ED6A-4D0C-AB6F-C7430C032494}" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\gta4\rockstar games social club\rgsclauncher.exe | "{84C9F2CA-FC38-4E3C-9B27-118F9CB2EC38}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{8C3700D8-817C-4962-BD6C-3272296BA988}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{96F732A8-7E30-433F-AC75-B704BE1B8B0C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version4\teamviewer.exe | "{98C4B604-92DC-42BA-9090-A6E60027B5E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9C11F19F-80B7-4E32-9C09-646F0909AB46}" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\call of duty - world at war\codwaw.exe | "{A64C2A01-E327-425C-B352-A392F1B4D284}" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\call of duty - world at war\codwaw.exe | "{A68F9E81-B38F-414F-B635-2B860ABF788E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{A8E542D4-C651-481E-9F32-A1E5BDF15A93}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{AA678312-B19B-42FF-ACA4-1852CD7D8108}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{BB758FEF-1C0B-4891-9E62-34E85434A3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | "{BBDB4AD3-AEE4-43A2-AD20-2920B72BBB12}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | "{BFF2BD70-8614-483A-8FDB-A9CE1BD057FA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C09EFDEC-765E-4984-BD1B-2A7FF9475D87}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{C6AD7B62-4CDC-4040-AD09-47934E9147B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{D262E105-02A8-4211-873A-0A7200B4915B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | "{D3FE670B-3C41-4C71-B6E4-772C59C71B61}" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\call of duty - world at war\codwawmp.exe | "{D836E769-A4CB-4E29-9EE4-7254AFBFB7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\kevinkev123388\counter-strike source\hl2.exe | "{DBA9C9F1-E319-4176-B55D-8DEECF802BB1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{DF53B06F-E119-4539-BC28-1B5C1EE2F023}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E4629A4F-9A2C-451E-ACA6-999BC1222BE8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{E62E1A5E-C40C-49C4-969A-1C846B888EC7}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | "{E7971FD6-2BFB-45F9-AF0A-89EB46A43C21}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EB539F27-AC0F-4E1F-8DAC-55F4CB634FFC}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{ECEDEEEA-1D7E-4B11-80D4-2AB789957192}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{ED39AEBC-248D-46B3-BA8E-3A19E20A3A32}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe | "{EE6A2AAC-A044-4709-AF58-AE21EB5B6AAB}" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\gta4\rockstar games social club\rgsclauncher.exe | "{F0AB9F84-9771-4204-87AD-F5FAFBBD15A4}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{F5C20972-2992-49D7-9E1A-8D79D5A7984B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{F5F692EB-5FF8-4A93-A690-AC6E774BCB8A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | "{F97463AB-8AD7-4A4B-9FCC-EB4BBD3D2B60}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FA91060D-C683-40AB-9D79-4346A4ECC699}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{FDB39A19-5200-4E99-B368-5C754463910F}" = protocol=6 | dir=out | app=system | "TCP Query User{06D6A90B-A612-4F3B-829D-596D16F56740}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe | "TCP Query User{111B0916-F3F5-4DA4-A459-831085BBF019}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{147F3110-BFB7-455E-BAC7-2109BD24B5CB}G:\spielespeicher\gta4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=g:\spielespeicher\gta4\grand theft auto iv\gtaiv.exe | "TCP Query User{1650B0EC-115F-47B3-96A0-7ED0A5E57103}C:\users\kevin\desktop\spiritmt2\spiritmt2.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\spiritmt2\spiritmt2.exe | "TCP Query User{1867B23E-C2B5-4714-8813-B07096A91433}C:\users\kevin\desktop\games\spielespeicher\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\modern warfare 2\iw4mp.exe | "TCP Query User{1CF1188C-E51E-4D3C-BB72-B25FE861A19E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{1E2EE947-37ED-4FA5-A14F-79EB888AC3D7}C:\program files (x86)\modernrcon\modernrcon_v0.8.exe" = protocol=6 | dir=in | app=c:\program files (x86)\modernrcon\modernrcon_v0.8.exe | "TCP Query User{1F23904C-EE50-45FA-BFAD-273AC4F40D34}C:\users\kevin\desktop\games\spielespeicher\cs1.6\hl.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs1.6\hl.exe | "TCP Query User{21C09F08-7F1E-4BC4-8091-2ECC3427CCEC}C:\users\kevin\desktop\edg-client(mod)\edgmt2\edgmt2.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\edg-client(mod)\edgmt2\edgmt2.exe | "TCP Query User{2B1831EE-E70B-4799-96F8-332AB02205BD}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | "TCP Query User{309F8E12-3020-4D89-852C-F5862A3D3A02}C:\users\kevin\desktop\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\warcraft iii\war3.exe | "TCP Query User{38806DFE-027C-4281-A5D7-D8BB7F6BC060}C:\users\kevin\desktop\games\spielespeicher\cs beide protokolle\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs beide protokolle\counter-strike\hl.exe | "TCP Query User{42E4542A-797A-4D43-99E3-9201DA9B20D4}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "TCP Query User{4F9DBBD8-3616-4E9A-8A27-D1581DB4AE99}C:\users\kevin\desktop\cod 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\cod 2\cod2mp_s.exe | "TCP Query User{566A2FB4-80E1-4B2F-A586-43608FF75304}C:\program files (x86)\steam\steamapps\common\zero gear\server\iw4mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zero gear\server\iw4mp.exe | "TCP Query User{5754E0D5-219D-4FD1-9957-69AB71D3FE8A}C:\program files (x86)\steam\steamapps\volker13315\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\volker13315\counter-strike source\hl2.exe | "TCP Query User{5DA9E4A5-5BB0-415D-95D7-D63F24FE5EAF}C:\program files (x86)\modernrcon\modernrcon_v0.8.exe" = protocol=6 | dir=in | app=c:\program files (x86)\modernrcon\modernrcon_v0.8.exe | "TCP Query User{61364FB6-8EAA-45A5-ACFD-83B2B47BDA0D}C:\users\kevin\desktop\games\spielespeicher\cs1.6\counter-strike\hlds.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs1.6\counter-strike\hlds.exe | "TCP Query User{6385305A-5F78-4FC7-9B49-BD76E2ECD63F}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "TCP Query User{66DD148C-E25A-487F-9257-4589D71055B1}C:\users\kevin\desktop\cod4\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\cod4\iw3mp.exe | "TCP Query User{6E4F4EF9-1B39-4D13-9913-AF2BEE5531B7}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "TCP Query User{6EC981EC-AEE0-4A48-B1B6-03DB65505483}C:\users\kevin\desktop\edg-client(mod)\edgmt2\edgmt2.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\edg-client(mod)\edgmt2\edgmt2.exe | "TCP Query User{6FC456D1-0D67-41E3-A106-9499F0992D13}C:\program files (x86)\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2.bin | "TCP Query User{6FF3AF0B-7590-44B0-B3F4-E31673D0D8C5}C:\users\kevin\desktop\games\spielespeicher\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\call of duty 4 - modern warfare\iw3mp.exe | "TCP Query User{7A93B8EB-F46A-415B-ACAF-204B38F21C0B}C:\users\kevin\desktop\valve\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\valve\counter-strike source\hl2.exe | "TCP Query User{7DF0FA5F-2752-49A9-827C-1F7DDA87F334}C:\users\kevin\desktop\flatout2\flatout2.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\flatout2\flatout2.exe | "TCP Query User{816851B7-CC61-4B5F-AC1C-2284B1274B3D}C:\program files (x86)\virtualdj\virtualdj_home5.exe" = protocol=6 | dir=in | app=c:\program files (x86)\virtualdj\virtualdj_home5.exe | "TCP Query User{85550C7D-D1F5-4C5C-8929-283E91E3549C}C:\users\kevin\desktop\games\spielespeicher\flatout2\flatout2.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\flatout2\flatout2.exe | "TCP Query User{91F0ACB9-D4CF-4D7F-8A9E-3486FAE4FDBA}C:\metin2server\execution\portmap.exe" = protocol=6 | dir=in | app=c:\metin2server\execution\portmap.exe | "TCP Query User{954F7A42-7DE6-40BB-BF69-C9358545EF51}C:\program files (x86)\teamviewer\version5\teamviewer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | "TCP Query User{9AA0D0D2-7371-4DAC-85F4-D816ECE8E962}C:\users\kevin\desktop\cod 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\cod 2\cod2mp_s.exe | "TCP Query User{9C9F1BDA-FD99-4882-BCA0-33BF6883DEB5}C:\users\kevin\desktop\games\spielespeicher\cs1.6\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs1.6\counter-strike\hl.exe | "TCP Query User{A33BFBB1-D0A0-4508-8A40-D895CE982FB8}C:\users\kevin\desktop\games\spielespeicher\cod 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cod 2\cod2mp_s.exe | "TCP Query User{A5446B18-F726-43D7-93E6-6D7F1F801962}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | "TCP Query User{C46D4366-76D3-4053-ADBA-CD68E02FD311}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "TCP Query User{C71EECB2-86F1-4948-AE78-0881AD9C0DD8}G:\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=g:\call of duty 4 - modern warfare\iw3mp.exe | "TCP Query User{CD25BB43-F3D5-46AA-A9E5-C54D6D3DBF15}C:\users\kevin\desktop\games\spielespeicher\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\call of duty 4 - modern warfare\iw3mp.exe | "TCP Query User{CF5D894A-B4DF-445A-96FC-4A193F0B30C8}C:\users\kevin\appdata\local\virtualstore\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kevin\appdata\local\virtualstore\program files (x86)\metin2\metin2client.bin | "TCP Query User{D05E2197-86D5-4EA2-8290-49C97DE343F9}C:\users\kevin\desktop\games\spielespeicher\cs beide protokolle\hl.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs beide protokolle\hl.exe | "TCP Query User{D6448CE0-47B8-4887-B059-D2DAE5B2A4AB}C:\users\kevin\desktop\valve\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\valve\counter-strike source\hl2.exe | "TCP Query User{DB5C0C6C-1A91-48A4-BBC7-3438968101CE}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{DD7C812A-9AB0-4CE0-97E6-435974AA21F1}C:\users\kevin\desktop\edg-client(mod)\edgmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\edg-client(mod)\edgmt2\mc.exe | "TCP Query User{DE3F41CB-206F-45B6-87F8-B7921EBDC673}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe | "TCP Query User{DFE40BD9-8C17-4B7E-AFCE-A3B435D44FBE}C:\metin2server\execution\metin2china\yaska\mc.exe" = protocol=6 | dir=in | app=c:\metin2server\execution\metin2china\yaska\mc.exe | "TCP Query User{E04F0E68-3AAD-47D8-B3D5-E037F5C2DF84}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | "TCP Query User{E5776C8F-633A-46B8-A643-5650C4885647}C:\users\kevin\desktop\games\spiritmt2\spiritmt2.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spiritmt2\spiritmt2.exe | "TCP Query User{E79B749F-03B5-4552-8903-1F4BC7EDD4D4}C:\program files (x86)\multiproxy\mproxy.exe" = protocol=6 | dir=in | app=c:\program files (x86)\multiproxy\mproxy.exe | "TCP Query User{E7C476BE-FBBD-43DC-BA28-13EFF1B5B77F}C:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe | "TCP Query User{E9A23D7C-A35A-43F5-ABD6-651C043D548C}C:\program files (x86)\steam\steamapps\kevinkev123388\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\kevinkev123388\counter-strike source\hl2.exe | "TCP Query User{EC8E420E-DCD0-49FD-B315-2151D84F48ED}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "TCP Query User{F47807E5-0E27-45EB-89F5-6116D28BE0A6}C:\users\kevin\kevin datein\spielespeicher\utorrent.exe" = protocol=6 | dir=in | app=c:\users\kevin\kevin datein\spielespeicher\utorrent.exe | "TCP Query User{F84123B7-84DF-4AB6-A30F-356C67F2B0FA}C:\users\kevin\desktop\games\spielespeicher\cod 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cod 2\cod2mp_s.exe | "TCP Query User{FC5054FB-7C2A-44BE-B97C-7D88ED2A20F5}C:\users\kevin\desktop\games\spiritmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spiritmt2\mc.exe | "TCP Query User{FC76FE17-A332-401E-BD31-556B7BE3172E}C:\users\kevin\desktop\games\spielespeicher\utorrent.exe" = protocol=6 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\utorrent.exe | "UDP Query User{0426BBF8-3DF2-4C16-823B-25CD13420748}C:\users\kevin\desktop\valve\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\valve\counter-strike source\hl2.exe | "UDP Query User{048941CE-957E-475F-9067-477E58611A92}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{088868D2-D917-4548-B713-B9966C1A1B8E}C:\users\kevin\desktop\games\spiritmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spiritmt2\mc.exe | "UDP Query User{09771250-5153-41C6-AD32-A2922FAA0FDE}C:\program files (x86)\teamviewer\version5\teamviewer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | "UDP Query User{112D208A-ED94-424C-8855-16EAC787C0E6}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "UDP Query User{1DE9F002-74AB-40FC-9EE3-9A5D9062167D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{21AE0E9D-5DE4-4493-AF4B-09A4613CC110}C:\users\kevin\desktop\games\spielespeicher\cod 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cod 2\cod2mp_s.exe | "UDP Query User{3DB0B32E-D46D-456F-9EB2-3341B66214D8}C:\users\kevin\desktop\games\spielespeicher\cs1.6\hl.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs1.6\hl.exe | "UDP Query User{4493068A-F46B-4F5F-BB6A-F4B4BE27E0D3}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "UDP Query User{44C9CF94-A09B-445B-98F9-BFCF4722B5CA}G:\spielespeicher\gta4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=g:\spielespeicher\gta4\grand theft auto iv\gtaiv.exe | "UDP Query User{474B05EB-F8B3-41AC-85A5-AC10CC0881D9}C:\program files (x86)\modernrcon\modernrcon_v0.8.exe" = protocol=17 | dir=in | app=c:\program files (x86)\modernrcon\modernrcon_v0.8.exe | "UDP Query User{47EAEADB-A729-486D-9AFF-FA797B466D81}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "UDP Query User{4910EB3E-24C4-4393-9EE1-C62135673F2D}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe | "UDP Query User{4BC6BE9F-B47F-4A39-980E-ED0BD43C0FBA}C:\users\kevin\desktop\games\spielespeicher\utorrent.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\utorrent.exe | "UDP Query User{531B95AC-FF84-47AE-8331-6084F765C881}C:\users\kevin\desktop\spiritmt2\spiritmt2.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\spiritmt2\spiritmt2.exe | "UDP Query User{5343B630-FB33-4B9E-B259-AAD4EB3E6556}C:\users\kevin\desktop\games\spielespeicher\cs beide protokolle\hl.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs beide protokolle\hl.exe | "UDP Query User{5416C072-42AA-44E5-A60F-D3599BBB7512}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | "UDP Query User{54F0870A-C3F3-4F60-9295-51088BFC8782}C:\program files (x86)\virtualdj\virtualdj_home5.exe" = protocol=17 | dir=in | app=c:\program files (x86)\virtualdj\virtualdj_home5.exe | "UDP Query User{58CD7773-8830-47DF-B304-55A89166FA27}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "UDP Query User{60ED3C90-2462-4F59-B807-D0F52C275DCF}C:\users\kevin\desktop\cod4\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\cod4\iw3mp.exe | "UDP Query User{6521FD94-7996-4FE5-B31E-E63FB15441E4}C:\users\kevin\desktop\games\spielespeicher\flatout2\flatout2.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\flatout2\flatout2.exe | "UDP Query User{6E2DA0C2-D730-4210-B2AD-E13BA3DE9DC2}C:\program files (x86)\steam\steamapps\volker13315\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\volker13315\counter-strike source\hl2.exe | "UDP Query User{6F40BDE5-3085-4139-A9E0-874517A4F448}C:\users\kevin\desktop\edg-client(mod)\edgmt2\edgmt2.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\edg-client(mod)\edgmt2\edgmt2.exe | "UDP Query User{6FC98E1F-38CB-49B6-9405-B5944E74D993}C:\users\kevin\kevin datein\spielespeicher\utorrent.exe" = protocol=17 | dir=in | app=c:\users\kevin\kevin datein\spielespeicher\utorrent.exe | "UDP Query User{71DBE299-F3F1-4462-82AC-2C30565E91A2}C:\users\kevin\desktop\edg-client(mod)\edgmt2\edgmt2.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\edg-client(mod)\edgmt2\edgmt2.exe | "UDP Query User{72664B70-56DE-4270-8622-55616D9FA2B0}C:\users\kevin\appdata\local\virtualstore\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kevin\appdata\local\virtualstore\program files (x86)\metin2\metin2client.bin | "UDP Query User{7B22CE8D-05BD-4245-9902-05458B7F2CB7}C:\users\kevin\desktop\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\warcraft iii\war3.exe | "UDP Query User{84AF3DA4-211D-4F2A-9478-696E14B50DE1}C:\users\kevin\desktop\cod 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\cod 2\cod2mp_s.exe | "UDP Query User{84E43A3B-A130-47D7-A304-CCEC07BDB56A}C:\users\kevin\desktop\games\spielespeicher\cs1.6\counter-strike\hlds.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs1.6\counter-strike\hlds.exe | "UDP Query User{853B9B8F-B01E-410B-95D9-69F1B7E7EDC6}C:\users\kevin\desktop\cod 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\cod 2\cod2mp_s.exe | "UDP Query User{90F0014B-117D-4E46-B7FB-32EE7A013657}C:\users\kevin\desktop\games\spielespeicher\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\call of duty 4 - modern warfare\iw3mp.exe | "UDP Query User{99367A0A-0F2D-4CB9-824A-1A4BEDAC45E5}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe | "UDP Query User{B227382A-36E5-4067-B417-002FD7634A74}C:\users\kevin\desktop\games\spielespeicher\cod 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cod 2\cod2mp_s.exe | "UDP Query User{B3C591E7-C25B-44E6-B09D-7A6B7E80A5A2}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | "UDP Query User{B9BDC137-2DC3-4422-9D39-CD3D58FBFC07}C:\metin2server\execution\portmap.exe" = protocol=17 | dir=in | app=c:\metin2server\execution\portmap.exe | "UDP Query User{BA8DCDB7-9A13-465A-B655-BAE1CE0AADF9}C:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe | "UDP Query User{BD7AE47D-D118-4C37-B809-4AEBBE0B8AC5}C:\users\kevin\desktop\games\spielespeicher\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\call of duty 4 - modern warfare\iw3mp.exe | "UDP Query User{BEDE8C63-D1F3-4621-8D03-8B1B66B35B63}C:\users\kevin\desktop\edg-client(mod)\edgmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\edg-client(mod)\edgmt2\mc.exe | "UDP Query User{C59AEB66-6F97-40CA-8614-FB2F8465F8F5}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "UDP Query User{C5C547A9-C539-4622-A832-8BAB9937E6E2}C:\program files (x86)\multiproxy\mproxy.exe" = protocol=17 | dir=in | app=c:\program files (x86)\multiproxy\mproxy.exe | "UDP Query User{C75A49FE-C6D8-4EDD-AD30-59E33F0BE583}G:\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=g:\call of duty 4 - modern warfare\iw3mp.exe | "UDP Query User{CA7F7442-10A9-4129-8BEF-ACE75466AFE9}C:\program files (x86)\steam\steamapps\kevinkev123388\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\kevinkev123388\counter-strike source\hl2.exe | "UDP Query User{D3FF45E2-BBF8-40F1-8302-1E015ABE1A54}C:\users\kevin\desktop\games\spiritmt2\spiritmt2.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spiritmt2\spiritmt2.exe | "UDP Query User{DD45088F-1232-4817-8181-CBD9CDBFA810}C:\metin2server\execution\metin2china\yaska\mc.exe" = protocol=17 | dir=in | app=c:\metin2server\execution\metin2china\yaska\mc.exe | "UDP Query User{DE11DD3C-065B-43CA-92A2-D9EDD7B9EC6A}C:\users\kevin\desktop\valve\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\valve\counter-strike source\hl2.exe | "UDP Query User{E4A832B7-05E1-495E-B624-159B276AD2F2}C:\users\kevin\desktop\flatout2\flatout2.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\flatout2\flatout2.exe | "UDP Query User{E5AB7CF5-E385-4282-8AB4-8B0C42972BDD}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | "UDP Query User{E87A34D6-5A42-454A-96F7-D6EA319D358D}C:\program files (x86)\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2.bin | "UDP Query User{F1998CA5-57CC-4C8B-A77F-34DE8ECE507E}C:\users\kevin\desktop\games\spielespeicher\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\modern warfare 2\iw4mp.exe | "UDP Query User{F53D313E-EF96-4E8F-A5E0-2405193A4DB3}C:\program files (x86)\steam\steamapps\common\zero gear\server\iw4mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zero gear\server\iw4mp.exe | "UDP Query User{F655D8F4-CB68-4198-ACD3-CB93283AD31B}C:\users\kevin\desktop\games\spielespeicher\cs beide protokolle\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs beide protokolle\counter-strike\hl.exe | "UDP Query User{F757B6DC-728C-4304-879D-599086F94E95}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{FAEE8B59-9F1D-419C-8CDD-3AE884BB9D05}C:\program files (x86)\modernrcon\modernrcon_v0.8.exe" = protocol=17 | dir=in | app=c:\program files (x86)\modernrcon\modernrcon_v0.8.exe | "UDP Query User{FFF96CEF-4289-4766-B9B8-5A04D80C0B15}C:\users\kevin\desktop\games\spielespeicher\cs1.6\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\users\kevin\desktop\games\spielespeicher\cs1.6\counter-strike\hl.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007 "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "Defraggler" = Defraggler "EPSON Printer and Utilities" = EPSON-Drucker-Software "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0524D62A-72D6-4D01-B4E8-546BA5B0B9EC}_is1" = eDgMt2 Client 1.0 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{179F3115-969C-454C-B524-464A026FD202}" = NavyFIELD Europa (DE) "{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 19 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager "{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3F425F12-3A1B-4511-97B2-E2BB4701B745}" = Crysis Wars(R) "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4761EB82-E8BD-45A4-B19B-586FA9D1D7E6}" = Camtasia Studio 6 "{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E5EE953-0D92-A385-E3A0-FBFCB2DE15AA}" = EA Download Manager UI "{52F921D8-52A0-476A-9742-33F548ED7C00}_is1" = Black Amazon Skin 1.0.1 "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R) "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{784BEA84-FA66-4B19-BB80-7B545F248AC6}" = HP Total Care Setup "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{7E4B7FD9-4ECE-4298-A910-3160B7918059}" = CryEngine(R)2 Sandbox(TM)2 "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_STANDARDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_STANDARDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_STANDARDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_STANDARDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_STANDARDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_STANDARDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_STANDARDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_STANDARDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007 "{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1 "{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.1 - Deutsch "{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player "{B84739A3-F943-47E4-95D8-96381EF5AC48}" = HP Customer Experience Enhancements "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D5A7D7AB-3093-3619-9261-74DB250ECF7B}" = Microsoft Visual C++ 2008 Express Edition with SP1 - DEU "{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1 "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004) "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3DSexVilla2-055.001" = thriXXX 3DSexVilla2-055.001 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "AutoItv3" = AutoIt v3.3.2.0 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "CCleaner" = CCleaner "Cheat Engine 5.6_is1" = Cheat Engine 5.6 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "Counter Strike 1.6 V34" = Counter Strike 1.6 V34 "Crysis WARHEAD(R)" = Crysis WARHEAD(R) "Crysis Wars(R)" = Crysis Wars(R) "CX4300_5500_DX4400 Handbuch" = CX4300_5500_DX4400 Handbuch "EA Download Manager" = EA Download Manager "EPSON Scanner" = EPSON Scan "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "EXPERTool_is1" = EXPERTool 7.5 "Fraps" = Fraps (remove only) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.5 "Guild Wars" = GUILD WARS "HOMESTUDENTR" = Microsoft Office Home and Student 2007-Testversion "HxD Hex Editor_is1" = HxD Hex Editor Version 1.7.7.0 "InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "IsoBuster_is1" = IsoBuster 2.7 "Kill-ID für Chrome_is1" = Kill-ID 1.2.3.0 für Chrome "MAGIX Screenshare D" = MAGIX Screenshare "MAGIX Speed burnR D" = MAGIX Speed burnR "Metin2_is1" = Metin2 "Microsoft Visual C++ 2008 Express Edition with SP1 - DEU" = Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU "ModernRcon v0.8" = ModernRcon v0.8 "Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "PunkBusterSvc" = PunkBuster Services "pywin32-py2.6" = Python 2.6 pywin32-212 "save2pc_is1" = save2pc 4.07 "STANDARDR" = Microsoft Office Standard 2007-Testversion "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 12910" = Audiosurf Demo "TeamViewer 5" = TeamViewer 5 "thriXXX WebLaunch" = thriXXX WebLaunch "TuneUp Utilities" = TuneUp Utilities "Uninstall_is1" = Uninstall 1.0.0.1 "Universal Extractor_is1" = Universal Extractor 1.6 "uTorrent" = µTorrent "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "Virtual DJ Home Edition - Atomix Productions" = Virtual DJ Home Edition - Atomix Productions "VLC media player" = VLC media player 1.0.1 "WildTangent hp Master Uninstall" = HP Games "Xfire" = Xfire (remove only) "Xvid_is1" = Xvid 1.2.1 final uninstall ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "TeamSpeak 3 Client" = TeamSpeak 3 Client ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
27.06.2010, 13:05 | #5 |
/// Selecta Jahrusso | Firefox öffnet sich und schließt wieder [2010.05.20 14:44:07 | 000,073,728 | ---- | M] () -- C:\Users\Kevin\Desktop\keygen.exe ???
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
27.06.2010, 13:08 | #6 |
| Firefox öffnet sich und schließt wieder Danke für deine schnelle Antwort Wurde in dem Keygen was gefunden oder ist es nur eine frage wofür? Klar ich weiß sowas schiebt sich oft als Virus durch doch den habe ich seit einigen Wochen auf dem PC und bis gestern war ja nix. |
27.06.2010, 13:10 | #7 |
/// Selecta Jahrusso | Firefox öffnet sich und schließt wieder Dateien, die crack.exe, keygen.exe oder patch.exe sind zu 99,9% gefährliche Schädlinge, mit denen man nicht Spaßen sollte. Ausserdem sind diese illegal und somit beschränkt sich der Support auf Anleitung zum Neu aufsetzten
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
27.06.2010, 13:14 | #8 |
| Firefox öffnet sich und schließt wieder -.-' Ich kann den Computer unmöglich neu aufsetzen ... Ich habe zwar die Vista Version mit dem Kauf des PC's erworben aber eine CD war nicht dabei ... außerdem sind viele Wichtige Datein drauf wie Bilder Musik und Meine Savegames aus Spielen -.- |
27.06.2010, 13:17 | #9 |
/// Selecta Jahrusso | Firefox öffnet sich und schließt wieder Regeln sind da um eingehalten zu werden. Der weitere Support wird mir von den Forenregeln untersagt. Ausserdem haben wir uns als deutsches Forum an deutsche Gesetze zu halten und die sind da nicht gerade zahm und ich mache mich keinesfalls der Beihilfe schuldig. Man lernt halt aus Fehlern am schnellsten.
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
27.06.2010, 13:28 | #10 |
| Firefox öffnet sich und schließt wieder Wahrscheinlich sitzt du jetzt da und lachst dir voll ein ab weil du mir nicht helfen willst gibt ja noch ein paar andere foren ... dies mal lösche ich die .exe aber -.- |
27.06.2010, 13:34 | #11 | |
| Firefox öffnet sich und schließt wiederZitat:
Und achja: Lachen is gesund
__________________ Avira Upgrade 10 ist auf dem Markt! Agressive Einstellung von Avira What goes around comes around! |
27.06.2010, 13:43 | #12 |
Firefox öffnet sich und schließt wieder Hier lacht keiner. Es geht auch nicht um das "nicht helfen wollen" sondern um das "nicht helfen dürfen. Jeder vom Team, ob nun KTler oder Helfer, hat sich an gewisse Regeln zu halten und eine davon besagt daß bei Fund von cracks, keygens und ähnlichem der Support einzustellen ist. Gruß Acid
__________________ Kein Support per PM Das befolgen der Tips und Anleitungen geschieht auf eigene Gefahr. |
Themen zu Firefox öffnet sich und schließt wieder |
antivir, avg, browser, computer, datei, dll, firefox, firefox.exe, folge, hijack, hijackthis, home premium, infiziert, local\temp, log, log's, microsoft, modul, probleme, prozesse, rundll, rundll32.exe, sched.exe, sekunden, skype.exe, software, suchlauf, svchost.exe, temp, virus, vista, warnung, windows, öffnet |