| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Schädling zwint Internet Explorer aufWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
13.03.2011, 16:17
| #1 |
 |  Schädling zwint Internet Explorer auf Liebes Trojaner-Board Team, also, folgendes ist geschehen: Vor etwa 1 oder 2 Wochen ist urplötzlich mein Internet Explorer abgeschmiert. Nachdem eine Rückinstallation auf IE7 und das anschließende Wiederinstallieren von IE8 keine Hilfe brachte, entschied ich mich dazu, vorrübergehend auf Firefox umzusteigen. Da ich Firefox aber nicht sonderlich mochte, downloadete ich mir Opera. Als ich dieses allerdings startete, kam nicht Opera sondern der beschädigte Internet Explorer. Die Verknüpfung aber war korrekt, also ging ich von einem Schädling aus. Nachdem ich einen Virenscan von einer selbstbootenden CD (Computer Bild Notfall CD 3.0) ausgeführt hatte, funktionierte Opera wieder. Trotzdem woltte ich sichergehen, dass der Virus keine Backdoor oder ähnliches erstellt hatte. Habe also Malwarebytes laufen lassen und siehe da: 5 Schädlinge Deswegen meine Frage an euch: Ist der Schädling weg oder ist mein System nicht mehr vertrauenswürdig? Hier der Befund von MalwareBytes: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6042 Windows 6.0.6000 Internet Explorer 8.0.6001.18882 13.03.2011 15:59:17 mbam-log-2011-03-13 (15-59-02).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 173032 Laufzeit: 6 Minute(n), 24 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 1 Infizierte Dateien: 2 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> No action taken. Infizierte Registrierungswerte: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ONWERETETR.exe (Trojan.SpyEyes) -> Value: ONWERETETR.exe -> No action taken. Infizierte Dateiobjekte der Registrierung: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken. Infizierte Verzeichnisse: c:\onweretetr.exe (Trojan.SpyEyes) -> No action taken. Infizierte Dateien: c:\Windows\System32\h@tkeysh@@k.dll (Trojan.Agent) -> No action taken. c:\onweretetr.exe\config.bin (Trojan.SpyEyes) -> No action taken. Und hier OTL.txt: OTL logfile created on: 13.03.2011 16:01:08 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Tobias\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free 7,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 41,20 Gb Free Space | 17,69% Space Free | Partition Type: NTFS Drive D: | 7,88 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: TOBIAS-PC | User Name: Tobias | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Tobias\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Opera\opera.exe (Opera Software) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\DNA\btdna.exe (BitTorrent, Inc.) PRC - C:\Windows\System32\msfeedssync.exe (Microsoft Corporation) PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) PRC - C:\Programme\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.) PRC - C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Tobias\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll (Logitech Inc.) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_dbc0250.dll () SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (LVSrvLauncher) -- C:\Programme\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.) SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation) DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation) DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (RsFx0102) -- C:\Windows\System32\drivers\RsFx0102.sys (Microsoft Corporation) DRV - (LVcKap) -- C:\Windows\System32\drivers\Lvckap.sys (Logitech Inc.) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (LVMVDrv) -- C:\Windows\System32\drivers\LVMVdrv.sys (Logitech Inc.) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (USBMULCD) -- C:\Windows\System32\drivers\CM106.sys (C-Media Inc) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation) DRV - (SilverLink) Texas Instruments SilverLink (USB GraphLink) -- C:\Windows\System32\drivers\SilvrLnk.sys (Texas Instruments Incorporated) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.schuelervz.net/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.05 12:09:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.05 12:09:41 | 000,000,000 | ---D | M] [2009.05.28 19:45:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Extensions [2009.05.03 13:21:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\extensions [2009.05.03 13:21:53 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2011.03.07 15:42:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\ghplxtz1.default\extensions [2011.02.25 09:03:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\ghplxtz1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.03.02 20:20:20 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\ghplxtz1.default\searchplugins\icqplugin-1.xml [2011.02.24 13:36:29 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\ghplxtz1.default\searchplugins\icqplugin-2.xml [2011.03.02 23:36:27 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\ghplxtz1.default\searchplugins\icqplugin-3.xml [2011.03.02 23:36:29 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\ghplxtz1.default\searchplugins\icqplugin-4.xml [2011.03.02 23:36:31 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\ghplxtz1.default\searchplugins\icqplugin-5.xml [2011.03.05 12:09:49 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\ghplxtz1.default\searchplugins\icqplugin-6.xml [2008.03.31 08:52:00 | 000,000,168 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\ghplxtz1.default\searchplugins\icqplugin.gif [2008.03.31 08:52:00 | 000,000,618 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\ghplxtz1.default\searchplugins\icqplugin.src [2011.02.22 23:01:27 | 000,001,056 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\ghplxtz1.default\searchplugins\icqplugin.xml [2011.03.07 15:42:16 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.07.16 22:47:30 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2009.07.16 22:47:30 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07} [2010.07.27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Programme\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (WebSpeechBHO Class) - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\Programme\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.) O4 - HKLM..\Run: [Cm106Sound] File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [ICQ] File not found O4 - HKCU..\Run: [srvzg] File not found O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\RunOnce: [Shockwave Updater] File not found O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Free YouTube Download - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: WebSpeech - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG) O9 - Extra 'Tools' menuitem : Seite/Markierung vorlesen (WebSpeech) - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {00000130-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/ACELPACM.CAB (Reg Error: Key error.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Tobias\Pictures\Bearbeitet\tod_pudel_1920x1200.jpg O24 - Desktop BackupWallPaper: C:\Users\Tobias\Pictures\Bearbeitet\tod_pudel_1920x1200.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010.10.01 17:20:00 | 000,000,067 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{79002552-9887-11dd-a28f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{79002552-9887-11dd-a28f-806e6f6e6963}\Shell\AutoRun\command - "" = D:\lotrosetup.exe -- [2010.10.01 19:26:00 | 000,864,784 | R--- | M] (Turbine, Inc. ) O33 - MountPoints2\{79002553-9887-11dd-a28f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{79002553-9887-11dd-a28f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CdAutoRun.exe O33 - MountPoints2\{d6d659a3-9fd5-11df-a0c3-00196649a38e}\Shell - "" = AutoRun O33 - MountPoints2\{d6d659a3-9fd5-11df-a0c3-00196649a38e}\Shell\AutoRun\command - "" = K:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.03.13 15:28:55 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Malwarebytes [2011.03.13 15:28:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.03.13 15:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.03.13 15:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.03.13 15:28:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.03.13 15:28:43 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.03.13 15:26:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Tobias\Desktop\OTL.exe [2011.03.12 18:13:11 | 000,000,000 | ---D | C] -- C:\Users\Tobias\{7a954602-b1a0-4570-bbf3-3af2ee952891} [2011.03.12 17:56:26 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdm.sys [2011.03.12 17:56:26 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdfl.sys [2011.03.12 17:56:26 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdcmnt.sys [2011.03.12 17:56:26 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdcm.sys [2011.03.12 17:56:26 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdwhnt.sys [2011.03.12 17:56:26 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdwh.sys [2011.03.12 17:56:25 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdbus.sys [2011.03.12 17:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2011.03.12 17:37:08 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Documents\Samsung [2011.03.12 14:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever [2011.03.12 14:11:07 | 000,000,000 | ---D | C] -- C:\Programme\TmUnitedForever [2011.03.08 08:27:25 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\PlanetWerks [2011.03.08 08:26:43 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\SimAquarium [2011.03.08 08:23:34 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Arkadion-X [2011.03.08 08:07:33 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Opera [2011.03.08 08:07:33 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Opera [2011.03.08 08:07:30 | 000,000,000 | ---D | C] -- C:\Programme\Opera [2011.02.28 21:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011.02.24 09:20:15 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.02.24 09:20:15 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.02.24 09:20:15 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.02.24 09:20:15 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.02.24 09:20:15 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.02.24 09:20:15 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.02.24 09:20:15 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.02.24 09:20:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.02.24 09:20:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.02.24 09:20:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.02.24 09:20:15 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.02.24 09:20:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.02.24 09:20:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.02.24 09:20:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.02.23 11:29:35 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.02.23 11:29:34 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.02.23 11:11:17 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.02.23 11:11:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.02.23 11:11:17 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.02.23 11:11:16 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.02.23 11:11:16 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.02.23 11:11:16 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.02.23 11:11:16 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.02.23 11:11:16 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.02.23 11:11:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.02.23 11:11:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll [2011.02.23 11:11:15 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.02.23 11:11:15 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.02.23 11:11:15 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe [2011.02.23 11:11:15 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.02.23 11:11:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.02.23 11:11:15 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.02.23 11:11:15 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.02.23 11:11:14 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.02.23 11:11:14 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.02.23 11:11:13 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.02.23 11:11:13 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.02.23 11:11:13 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011.02.23 11:11:13 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe [2011.02.23 11:11:13 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011.02.23 11:11:13 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011.02.20 10:14:39 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.03.13 16:01:31 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2F50D3BF-7AE3-4F33-8167-D23F466B904E}.job [2011.03.13 15:59:33 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\ymomrq.sys [2011.03.13 15:45:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.03.13 15:30:45 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.03.13 15:30:45 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.03.13 15:28:46 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.13 15:26:49 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tobias\Desktop\OTL.exe [2011.03.13 14:49:52 | 000,706,418 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.03.13 14:49:52 | 000,675,256 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.03.13 14:49:52 | 000,140,902 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.03.13 14:49:52 | 000,128,128 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.03.13 12:30:58 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.03.13 12:30:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.03.13 12:30:41 | 3757,367,296 | -HS- | M] () -- C:\hiberfil.sys [2011.03.08 08:07:31 | 000,001,638 | ---- | M] () -- C:\Users\Tobias\Desktop\Internet.lnk [2011.02.11 16:54:14 | 000,073,728 | ---- | M] () -- C:\Users\Tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.03.13 15:59:33 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\ymomrq.sys [2011.03.13 15:28:46 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.08 08:27:25 | 000,001,865 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetWerks.lnk [2011.03.08 08:26:43 | 000,001,865 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimAquarium.lnk [2011.03.08 08:23:35 | 000,001,849 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arkadion-X.lnk [2011.03.08 08:07:31 | 000,001,638 | ---- | C] () -- C:\Users\Tobias\Desktop\Internet.lnk [2011.03.08 08:07:31 | 000,001,626 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2011.02.24 09:20:15 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2010.11.25 18:10:12 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2010.10.14 09:39:11 | 000,000,527 | ---- | C] () -- C:\Windows\eReg.dat [2010.06.12 13:23:23 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2010.06.12 13:23:23 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll [2010.06.12 13:23:23 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll [2010.06.10 15:13:34 | 000,086,520 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2010.05.16 10:48:37 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2010.05.16 10:48:37 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010.03.15 18:10:17 | 000,000,008 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\DofusAppId0_2 [2010.03.15 18:09:00 | 000,000,173 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\D2Info0 [2010.03.15 18:09:00 | 000,000,008 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\DofusAppId0_1 [2009.09.14 18:53:40 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.05.28 19:45:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.04.23 17:55:32 | 000,466,944 | ---- | C] () -- C:\Windows\System32\Cmeau106.exe [2009.04.23 17:54:11 | 000,003,329 | ---- | C] () -- C:\Windows\Cm106.ini.cfg [2009.04.23 17:54:11 | 000,001,399 | ---- | C] () -- C:\Windows\Cm106.ini.imi [2009.04.23 17:54:11 | 000,000,171 | ---- | C] () -- C:\Windows\Cm106.ini.cfl [2009.04.23 17:54:10 | 000,000,335 | ---- | C] () -- C:\Windows\cm106.ini [2009.04.23 15:58:13 | 000,106,496 | ---- | C] () -- C:\Windows\Vmix.dll [2009.04.23 15:57:38 | 000,241,664 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll [2009.04.21 23:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2008.11.24 19:55:35 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2008.11.24 19:55:34 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2008.11.18 11:11:58 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI [2008.11.02 18:56:20 | 000,073,728 | ---- | C] () -- C:\Users\Tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.11.01 17:11:01 | 000,018,056 | ---- | C] () -- C:\Windows\War3Unin.dat [2008.10.12 19:46:41 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2008.10.12 18:46:09 | 000,003,936 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2008.10.12 18:46:07 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS [2008.10.12 18:40:56 | 000,001,356 | ---- | C] () -- C:\Users\Tobias\AppData\Local\d3d9caps.dat [2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008.06.05 07:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007.10.11 17:59:24 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2006.11.02 16:33:31 | 000,706,418 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 16:33:31 | 000,140,902 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,261,920 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,675,256 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,128,128 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.11.02 08:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin ========== LOP Check ========== [2010.02.05 14:49:06 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Ankh - Heart of Osiris [2009.06.21 09:29:40 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\AntMe [2010.03.15 18:09:02 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\app [2009.08.28 14:34:08 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Blender Foundation [2010.06.12 13:23:40 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\concept design [2009.11.08 09:58:27 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\congstar WebRadio [2011.03.13 16:01:24 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DNA [2010.03.15 18:21:21 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Dofus 2 [2010.03.15 18:10:18 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.03.15 18:09:00 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.07.25 18:59:05 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers [2010.11.14 07:39:02 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Firaxis Games [2009.05.20 18:53:55 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\FOG Downloader [2010.08.16 15:31:03 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\gtk-2.0 [2011.02.03 18:20:57 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\ICQ [2011.01.06 18:05:45 | 000,000,000 | -H-D | M] -- C:\Users\Tobias\AppData\Roaming\ijjigame [2011.01.29 17:03:29 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Kalypso Media [2010.04.04 09:51:53 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Leadertech [2011.01.04 21:03:08 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\My Games [2011.03.08 08:27:27 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Opera [2010.05.16 11:07:53 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\PC Suite [2010.03.15 18:09:02 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\RegTesting.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.05.16 10:48:31 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Samsung [2009.11.08 10:00:11 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Splitscreen Studios [2009.08.10 14:19:44 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\SPORE [2009.02.10 13:28:55 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\TotalRecorder [2009.12.25 11:37:52 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Ubisoft [2011.03.13 00:07:34 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.03.13 16:01:31 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2F50D3BF-7AE3-4F33-8167-D23F466B904E}.job ========== Purity Check ========== < End of report > Und die Extras.txt OTL Extras logfile created on: 13.03.2011 16:01:08 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Tobias\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free 7,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 41,20 Gb Free Space | 17,69% Space Free | Partition Type: NTFS Drive D: | 7,88 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: TOBIAS-PC | User Name: Tobias | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2941950513-2167470703-3295120860-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{12BBF577-7FF5-4858-8CA9-763DA2CB6418}" = rport=445 | protocol=6 | dir=out | app=system | "{14D5E101-8BBB-4AD6-B92A-CF7CF9E69E4B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{188BD6FE-D3A0-4FAC-B10E-EF6DC4BF43D9}" = lport=445 | protocol=6 | dir=in | app=system | "{2C036AE0-8D06-474C-B506-0B82DDEECCE7}" = lport=6112 | protocol=6 | dir=in | name=guildwars | "{2FB21820-160D-4184-841D-224DF45EE8E5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{3C82BD57-BE23-4C34-9947-E21E350B10A0}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{5253BEAE-74F3-4076-ADFD-D96816304FA1}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface | "{52873EE1-CB83-4CF7-AD99-150B176679CA}" = lport=137 | protocol=17 | dir=in | app=system | "{61B78AEC-3EBE-4397-8B0D-B45A06B48072}" = lport=7011 | protocol=17 | dir=in | name=sacred 2 open net | "{69960F90-A93B-4CA2-95EB-0E6E7ACDB657}" = rport=139 | protocol=6 | dir=out | app=system | "{85B2F56E-0BE5-4824-A6AA-885D5946E153}" = rport=137 | protocol=17 | dir=out | app=system | "{8B1E30D0-4100-42CE-8BBA-9607EC509C53}" = lport=138 | protocol=17 | dir=in | app=system | "{941FFCFB-74B7-4B4F-953C-9765B2AF0C4B}" = lport=139 | protocol=6 | dir=in | app=system | "{A06D8AD2-33B4-4B38-815F-DE43EF53E6AE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{D3917297-8E65-4406-8786-95734AFF3A2D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{DD6DE54D-FAE7-4722-826E-618F86D41380}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{E7F06F9F-C274-4DFC-980C-36C4C4CF0DA4}" = lport=80 | protocol=6 | dir=in | name=1 | "{F35DFB87-5C5C-4199-AB88-AE30876B85A1}" = rport=138 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00243682-5604-4E76-9DC4-8E25F4152FFF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{00540BDB-F407-43B0-9F76-438FA0346B62}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{00A7DB46-2F2A-4CEB-B8BA-E878D42901EE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{00D38AD2-5B55-4ABE-A9DA-E64D3BD23FAE}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{00F7A1AB-0E60-494C-A189-B9FFDED9A34D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{018273AB-DA75-40DB-909B-BD54FCD33DD6}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{01C0581B-6A6E-4BEC-A2D5-A74AD04122B1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{02AE1E67-D9B7-48F6-AD75-51B78B817BF1}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | "{0370C053-C115-4EA0-A30D-7D05F959DD72}" = protocol=17 | dir=in | app=f:\programme\two worlds\twoworlds_radeon.exe | "{04A0DF07-FB75-4325-A85E-D1C904FFCFBC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{06636A79-D65A-410B-A376-ADD76E39D7A7}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | "{07C01119-66A0-4704-A7A4-5D5D62EB18D6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{08FC8518-99E9-48BF-AAB5-B6AC4A7270E0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{091711FF-63EF-427F-9B38-929140E157E6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0B689179-BAF0-43C0-8BFA-7DC243860220}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0D8535C4-728D-41BA-865E-B50E1B836C2D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0E20D2E4-1C3A-47EF-A3CE-FAE986BEEE4B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0E8090AC-5D8D-47DC-ACC2-ACDF4FA72212}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{12ADFF31-8CAF-4CC3-A356-A05B834C5FAD}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\aogame.exe | "{147301C5-DD4B-43C5-B2BC-C4741DD028AE}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{14DBD69D-DCE4-448E-AF14-DF3D7E4ADB78}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{14DBD974-57FE-4601-BB66-5C54E082469E}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{15BD4CC9-5E37-4B7A-B7EE-E45B24A8C6BA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe | "{182DCB3F-2D13-4B53-9591-0EF4E040BEBE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{18561C0F-3876-438A-BE8C-07EBB1DC919A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{192FB07E-B880-4D96-9DDA-D518072BB28E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1943D562-F3AD-4E8D-A439-E5F76EB850B5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1C3D516C-24B7-432A-80CE-1569976D3F86}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | "{1E230610-7298-4433-9604-C34CC594DD4F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{204ECDCE-6C04-4DED-8C87-7B2AA6B3EDB5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{20B28D72-777C-485E-8731-784CD823CBAE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{21EBB0AE-E7D5-4B58-9C68-8263545169E9}" = protocol=17 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "{23731C93-CBE7-4A5F-ACF8-B7A0209DEC62}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{240FF944-AD4B-4A33-9F77-6F7C88645225}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2460F7FF-AC33-401B-985B-5680420CEA21}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{25945B03-2D8B-48A1-BDA3-F69629A3B8F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{26894F12-9344-4056-9ADA-AAF30F0C3AB5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{269921E9-4CEE-45BF-9FE1-1F0C1E5F4C21}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{27F4312F-1773-4788-8A81-ED2B70AAD3AF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{286AE712-4AC7-43E1-8069-7AB90DC5A799}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{296F87BC-4F05-4F5E-916F-990EF0E0ED99}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2A648DDD-37F3-42CA-A902-D9A9AD6E641F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{2ACDFF02-EB4D-4307-8B38-D9E4F003CE1E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2B211F11-D7FD-4568-8015-EA73AC043A9A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2B793CEC-2EF5-40E1-B792-E92760C3F3B4}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{2D627A1A-FF1E-4781-B7A1-2AC669BA57CE}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | "{2FC74658-2310-45BF-9ABC-44B75BA0D7AB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{309BB197-FE94-4780-B470-10C7AB9A3184}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{310D5962-7694-4992-9F01-8DB00EEE99F5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{317850DA-5922-4393-9C8E-82788F3AABDB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{31D4886F-01FC-4426-B31E-DC93D4E849CB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{32A564A4-27DF-4905-BF4A-5A7AB0456D50}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{33483BC3-018C-4C67-AEF5-E3869525AACA}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{344C421E-C531-4D48-A56D-4986AD021D4E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{354F6A9E-8478-4228-8274-59AEA82FE83B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{37B90D3C-CB8F-4484-96E6-B9DC530134EF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{38A0C21A-FBE6-47FF-BB15-BAB36CB97214}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{38CDFEEF-B657-4270-B437-17EF71437942}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{39C7840A-7A16-42EF-A373-4AEDC10D1CEF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3AFD03CB-6236-4F0D-86C3-BD3F667C0BE9}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{3BEFD30A-079D-4B73-9217-C52BEC0D6CBB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3CCB642A-616B-483A-80A5-E40BFC9E4BA4}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{3CFB62E3-8E68-4AF2-A114-31558B121CAE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3D6F8176-7A0B-441F-AE7F-38EA1080F877}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3D750D49-185F-447E-8778-7B2A539A90BB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{3DF63719-0565-4166-BB50-F3F00113FA1D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{42471269-45CB-499F-80CA-4272EA4B13A3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{42D69775-F5BA-40BD-9FC4-DAC5AA4EF493}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{42DE7BC2-C620-4F97-8EE8-103BFC131DE1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{43BABF7D-E5B9-49AD-A671-934182BB7107}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "{43E6A9AD-A698-4FD8-AADD-4C07A41EA841}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{44A43C1E-4A23-45C6-8400-A0A5CBF04E8E}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | "{466009AA-29F5-4A24-937D-6A1A3A3F2C2B}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{46C5094A-9E41-40D3-A2A5-6B5AC3D2C0BE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{493D2AB0-D813-49A9-8E56-5C8CC5B9F228}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{498D2866-56D7-4E9D-9A5F-6720847523D1}" = protocol=17 | dir=in | app=f:\programme\two worlds\twoworlds.exe | "{4B4684FF-CEEE-4872-AA59-90ACCAD58E63}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4D071EB1-1F5A-41FF-861C-BA898EE3BF08}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4E52857E-D079-4BD6-8B80-4C8413C199DC}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{4FA4DF94-A29A-4A78-94AD-EADB98702098}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{512B0B19-4E75-471E-841A-C386ABA801D5}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | "{513E0B10-7EF0-42FA-9473-097F988BC209}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{526EACB7-389C-4F86-9236-B0A024584DE6}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{540F9F7D-73E0-426E-84DB-EEF9D03AA424}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5440E386-9007-4328-8D96-9E4E01B80F49}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{55203A95-AD72-4802-AE94-4066B03CDA4B}" = protocol=17 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe | "{5789B504-E99E-45B3-96BD-1139DA80F6E1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5A7E5054-B0FA-4D25-BCCA-CC85A149B53E}" = protocol=17 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe | "{5B20B7F3-9D3C-41B3-A731-F1CACE3A00CE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5B8D4A2E-84BE-47C3-8EF2-B1EB8D774E6C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5C7A541C-B286-45F5-9A0C-701040139F48}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5CDE9271-4F00-4817-9B1D-7B86FF087053}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{5FE85D48-0BB9-43C2-9406-2B1FD4DA6562}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{608251C9-4F10-4D8F-8AA9-4985107B218B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6195CC39-1392-4524-B501-038FBBED86A0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{63F83FBE-C2C1-43C5-A151-0F2067D11D12}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{64395C82-8C86-478C-87C8-F9D62B1EAFD4}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{6514C938-759F-49D7-A3ED-8BDA8E206EB3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{658DA930-DDAD-4048-892C-BCD9178EA683}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{659890D5-E457-4BDC-92EE-3C852F04A878}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{66BFF2DC-77F8-4EC3-9D0B-6224B28583C0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{66C8FE1B-20C3-400B-B73F-03B03651EBFF}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{67479B7B-3F1F-4A3F-A64F-E266C81003B1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6818F7C0-F489-41EF-82D4-C0953B3C4855}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{69AD888E-FBBB-4057-926C-0A7458F39953}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{69D16AE4-D498-4FC6-BFE6-43B72AFA7CA8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6D16C451-3371-4E2C-A704-4DAD922575A3}" = protocol=6 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe | "{6EB73501-1024-4C12-BD6C-F774DA372951}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{70974019-5E4E-4610-BF77-A73DD6156164}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{7101596C-C23A-4ABA-9757-044DD1575CCA}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7145C4E3-43FE-4681-85E3-12CBCF627811}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{72158564-1F30-4D99-B026-AFA8C5D370D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{728CB622-57CA-4B2F-BE49-E68274ECDB9C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7523F388-FA2C-48B0-80EC-E3268C51022A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{785DD3E4-F6AF-4DBB-A3FB-7E31A7F70D23}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{795F3AA1-E181-4FBB-BABF-47BEDF7BEA3F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7CA8833D-70D7-4A32-B4D0-9D9A24251212}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7EA3EF2E-9A26-4901-94EC-9B7B577CFE94}" = protocol=17 | dir=in | app=c:\program files\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe | "{7FA39631-C69F-4E5E-A370-840D7267B047}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{804A23AE-02BB-4294-8600-FD6527D5B338}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{812E9FF0-8551-417F-8328-B0D68BD6C268}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{82EC473C-1AB7-46BA-B71E-46FA43DA0DD6}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "{83575B1E-0D95-49B1-93B2-9E083C035CF1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{83C419D4-3703-4E61-89F1-D4F66C2D4F6D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{83C9DDCE-440A-49EC-9BF5-3E9E78D66AEF}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "{84A77FA7-7E48-4941-80E2-B5E44FC5B703}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{87B24CB0-57AE-45FE-A80C-E6E747291C1A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{891928BC-092D-4954-A390-E134C3410991}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{8AE1F299-1BAB-4705-8554-7F684B4C6F3B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8AE225D7-6FF8-4A7B-BEF9-AA41EC86CBF4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8B514C48-2EAC-4E1C-ABF3-8A9A504F0751}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8BAC5FC3-9CF8-4C7D-8F8D-E545C921330E}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\aogame.exe | "{8BDA9DD6-3D8E-4463-AFAB-903ECEEA534B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8D65C54B-CB97-4CFB-BDCD-0791FAF333B1}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{8E014BC9-C244-4DAF-A5F3-2DC1623CACAC}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | "{8E3BB0A0-DFD6-4CAC-9DF2-B6B02BFB27DD}" = protocol=6 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe | "{8ED26C53-93E3-4DB0-9CE4-35A8B3FD7E7C}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{9207B460-89A4-4932-A231-B1BE7AA8C423}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9445EB73-6475-4F25-B085-8386CF4DEA9C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9465C461-ABA7-4EC0-A1EE-162D77A86907}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{951223E4-5A6D-4C2F-8B0F-3677C4CB2605}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{956B05A8-B5E7-488D-98C1-66845F4182AC}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{97849A32-1197-44DE-944D-3D5FB1656193}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{99913334-9CEC-4CC1-B24C-FF8B875C8451}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe | "{9A685A45-C498-41E3-8101-917DE19BCA8F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9AD04B93-A733-44FC-AE25-CD62EF2F9236}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A09313E9-B357-4076-96C4-590C6BFADBBD}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe | "{A18B5589-C0A4-4462-88C7-9282753FDD8B}" = protocol=6 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "{A2014631-820B-4811-92F6-F26CCED44BF8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A410ECBC-C517-4382-ABC4-898C5933A335}" = protocol=6 | dir=in | app=f:\programme\two worlds\twoworlds.exe | "{A449EB6C-20D2-4469-BB50-7E129EA6EC57}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A477911E-7985-4571-8A04-3DBD01D54AC8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A58164E0-4BB8-4B95-9439-7E352BF78C5E}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{A7203611-7A19-4326-99BB-7FB5A6129001}" = protocol=6 | dir=in | app=c:\program files\ascaron entertainment\sacred 2 - fallen angel\system\sacred2.exe | "{AA3DE754-DD68-490A-8009-EF227B29CA2C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{AA7776FE-366D-47ED-A16F-0B13EF9AE7F6}" = protocol=6 | dir=in | app=f:\programme\two worlds\twoworlds_radeon.exe | "{AB0A07BD-832F-40DB-941C-916BDCE4001D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AB36F398-5DFA-48E5-A5E2-3E505CA93F57}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "{AD3400A5-086A-45A1-BB20-4D7249187624}" = protocol=6 | dir=in | app=c:\program files\gameforge4d\elsword_de\data\x2.exe | "{AE5AD349-6717-4B0D-A116-742489A5E870}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AE679479-1F1F-440B-BE24-F0EC3432A530}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{AF76E783-EEFF-40DC-A3DA-54838B7AEC0B}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{AFB6A4E7-DD9D-4528-9C59-6F2D5578937D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B1DBDD14-92A9-43A2-9D47-82B9D75385D2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B242C7CA-BB7B-44C3-96C6-21092E13D073}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B36ADA4F-9673-4874-91E8-0BB95A4F2EBB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B3C41979-44B3-4E98-A862-84B01BA82F07}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B4959080-1EB8-436E-81F6-6F5806DA62F2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B4B98AA8-8EDA-43BA-8407-EA63D9B2627A}" = protocol=17 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe | "{B53C16A5-5E93-48EA-8620-FCE4D440B38D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B5A68407-F2B9-4A7C-8FE6-885E300DF30D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B83FDE75-FB55-4CB0-9622-ABE0BB6E1C1E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BA44C6D5-AA59-48D5-8C70-D5F8912E40C2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BA8C6389-EF30-4C35-985B-BD752595E86E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BAEE4119-4E7A-4B25-85A2-7B460B20E000}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BCD227D5-D8C2-40AE-ACCD-52CF994323F0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C0FCE8A8-AF71-4F15-8E87-74979FE1032E}" = protocol=17 | dir=in | app=c:\program files\ascaron entertainment\sacred 2 - fallen angel\system\sacred2.exe | "{C219844E-7C14-4C20-8310-0A945477ECC8}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{C27DA363-D0EC-48F1-9734-11B5DA27EA04}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{C283E58A-D364-4F6A-B7AD-8201BD7A999A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C2E142F7-E426-4101-AD2E-3676A85B97CB}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | "{C4764DDC-BCA3-4A78-8F5D-527F1C52741C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C483413E-FFA7-4271-BC6B-3612C9FAF886}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "{C7F4602B-4F66-402D-928D-C48A142D46F8}" = protocol=17 | dir=in | app=c:\program files\gameforge4d\elsword_de\data\x2.exe | "{C9836BC2-B08D-414A-8786-31B1180D47B0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D00B7007-9D2C-4A2A-8A9F-5B14794EB2B8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D11F422D-1803-43EF-BB1B-13299F32A5CE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D1E6214C-500B-4814-A7EE-533E9E8317F0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D1F40F79-EA06-4756-9744-3FF71852ADB3}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | "{D2B54D52-6E50-4CE8-B1D5-02FFB9E3869C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D2D6406B-23E8-49C5-B9A4-F46DF1ADB8CA}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{D3E127F4-EE15-4773-97CC-5B73E274C7AF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D543335C-666F-4272-95D8-163D58F0314E}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{D720B4FB-F9D3-43EC-8995-B9B4A88FB83F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D73726FD-7B6A-43AA-91C3-9B168371C224}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D7DA299E-8729-43D1-A2A0-4BCBC7E17DAF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D918519B-788A-443F-90E2-873A3C4B88B2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D9748DD2-98A7-4B30-BE91-C723D8C7D450}" = protocol=6 | dir=in | app=c:\program files\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe | "{DA320A80-7541-429B-9742-7649FAAA00BC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DA5895FB-9929-47E8-88ED-841A15E3C1DF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DAB16C15-1623-4BC8-BEC4-216D3DF9CA55}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{DAEF5105-0ABE-43B4-A30F-4F965DAC4C64}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E04A9CB2-82BB-4DFC-8812-379EEB0AE1AB}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{E0B10EE2-F12D-44D9-AAE3-43CDEF65912F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E0D35F6D-E4FC-4033-BEF4-0C63D46ED342}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{E45B28E3-8276-462F-945C-E5B9D1A20BEA}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E5E94ABA-A601-4A4E-9642-4F09FA1C7DA8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E610E054-00FF-4F31-9174-83ADBFF8ACF2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E73BE370-2EB2-462D-8A4F-CD1355D50E7E}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe | "{E8A9E4FA-DDE3-4250-800C-5CE9C3428453}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{E8E0E521-F242-449A-BF28-8BB84A178E17}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E9CE2A0A-6A1D-4B30-B2E4-B8BAA6B04956}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EA31D69A-B78A-4A40-8939-A05CFD8F803D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EB14FA04-A6E5-4002-9ED6-83311889F160}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{ED2354DE-2755-4B88-BEA0-56710B50F3FF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{ED7655A4-6A05-4EB0-948C-9C7003DB8DC4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EDE9C6BA-7494-4C54-AA69-4B5D14760FED}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EE9C7D5E-E743-4322-9747-3949A10B8678}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EF8ED0DD-BF05-464E-AA8D-03FC3D5AFA4A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F1081729-F9E5-47BE-BA29-9D6F1DF1D045}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | "{F2D425DB-412B-4725-998E-BFBEADCAAABF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F4C447A9-9415-45BD-B4EC-6B9C9EB66689}" = protocol=6 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe | "{F6AC188D-0F41-41FD-B7CB-5D52F8BE674B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F7126C75-E160-4759-85AE-467E84FC434A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F80F92E3-0806-4B86-8786-E66E8BAD4053}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F88E9EC7-9C19-4DE0-8652-A30A3A365939}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F8EE747F-9398-4BB3-B307-8153C83BEB0F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FD70CC3E-7D34-42C3-8A92-6085264B66BC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FF04F263-D16E-4128-BE51-4EF25A060B52}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{FF79A443-EEC1-4C0A-B8BC-89BD20A82A11}" = dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{05BADC51-D359-4B05-AD94-6D6EEC348198}C:\ijji\english\u_sf\soldierfront.exe" = protocol=6 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe | "TCP Query User{0854EAEC-CF45-4CD4-BAB0-D1484DC9FCAE}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "TCP Query User{0FB786EA-182E-41CA-A796-127DC3DF9C6E}C:\users\tobias\appdata\local\temp\7zs844.tmp\hl.exe" = protocol=6 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs844.tmp\hl.exe | "TCP Query User{154A75F0-B7B7-4A98-B91E-BE3396622AA1}C:\program files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe | "TCP Query User{250EF89B-AADC-45EE-91E3-3A90DA155578}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | "TCP Query User{2D7EFC09-B287-4020-BD09-4964E9CBFAAE}C:\users\tobias\downloads\yuleech-runesofmagic2_0_1_1821-de.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\yuleech-runesofmagic2_0_1_1821-de.exe | "TCP Query User{301ECD48-21FD-4DA6-93A1-FA7BED9DC9A8}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{4A2C4267-7959-4B7B-A81B-650501606E82}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "TCP Query User{4B57DDE1-88BD-41E2-9CB3-873F66ECE3DE}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{4C1B9AC5-A21A-49CF-AC06-36E3D3BA5A5E}C:\users\tobias\appdata\local\temp\7zs8d32.tmp\hl.exe" = protocol=6 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs8d32.tmp\hl.exe | "TCP Query User{4FF16205-513D-4CAD-BC15-1B229A3198D1}C:\program files\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files\reactor\reactor.exe | "TCP Query User{5AA48F30-0466-469D-9011-2FC73CDADBA6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | "TCP Query User{5B42C2EF-0BAC-452D-9E4C-D11CD9BAD5D0}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "TCP Query User{6B561602-27B3-4CBA-8778-15EF7B3C60EB}C:\program files\ascaron entertainment\sacred underworld\sacred.exe" = protocol=6 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\sacred.exe | "TCP Query User{6C50B3C2-AB35-4796-9076-74FF62E8D1ED}C:\users\tobias\appdata\local\temp\rar$ex00.391\volley.exe" = protocol=6 | dir=in | app=c:\users\tobias\appdata\local\temp\rar$ex00.391\volley.exe | "TCP Query User{6C79556B-1F3E-4D72-B824-BDD461F2BE5A}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{75E06BD1-80DD-453D-AFF3-C693D15787D5}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{760F8E97-6133-4DC2-A49E-D9F37646C5D3}C:\program files\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2_germany\metin2.bin | "TCP Query User{7E464E76-B14C-42AD-964F-A73FFFD1B660}C:\program files\tmunitedforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmunitedforever\tmforever.exe | "TCP Query User{7EE56D18-C9C9-4798-8B2F-83FDF46DF556}C:\program files\gamigo games\smash online\smashonline.exe" = protocol=6 | dir=in | app=c:\program files\gamigo games\smash online\smashonline.exe | "TCP Query User{84270D30-56F5-4656-BB49-913F1C58591D}C:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\java portable\jdk\bin\java.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\java portable\jdk\bin\java.exe | "TCP Query User{8B5A2185-9670-46C3-A403-2373C02EC722}C:\program files\congstar webradio\ps_olect.exe" = protocol=6 | dir=in | app=c:\program files\congstar webradio\ps_olect.exe | "TCP Query User{8E85F7B8-05A4-4FA5-9CF5-100E68C18201}C:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\usr\local\apache2\bin\apache_16.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\usr\local\apache2\bin\apache_16.exe | "TCP Query User{90C6AC0F-3A97-477F-A27E-79F7840B2EEB}C:\users\tobias\appdata\local\temp\7zsf0bd.tmp\hl.exe" = protocol=6 | dir=in | app=c:\users\tobias\appdata\local\temp\7zsf0bd.tmp\hl.exe | "TCP Query User{91629796-F03C-44A8-A18F-A72A10522328}C:\program files\blobby volley 2.0 alpha 6\blobby-server.exe" = protocol=6 | dir=in | app=c:\program files\blobby volley 2.0 alpha 6\blobby-server.exe | "TCP Query User{97084190-A27B-4517-A7D9-3FB3C4405FB5}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "TCP Query User{9BD36B40-FF5C-444F-9448-7C6CA22207ED}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{ABC18E0A-6266-4C9B-9540-B3B648D6FE1C}C:\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "TCP Query User{B359707B-8156-4D8F-A869-9B9527A48B1C}C:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\usr\local\mysql\bin\mysqld-opt.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\usr\local\mysql\bin\mysqld-opt.exe | "TCP Query User{BCCC8756-0C10-490F-8EBC-96377B004EC1}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{BF259B30-29D9-47E8-87D8-CC90CDD0E5D4}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{D4C5EE72-7BBD-4E98-99F0-EE187852A7FF}C:\users\gast\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\gast\program files\dna\btdna.exe | "TCP Query User{D766B075-6202-4D2B-959C-16F970362E7D}C:\program files\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe" = protocol=6 | dir=in | app=c:\program files\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe | "TCP Query User{DE7C9953-E417-407B-911B-4DEF7C0D58C8}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | "TCP Query User{DF0B0D1B-7ECE-4C6D-ADDB-40111657498B}C:\program files\ascaron entertainment\sacred underworld\gameserver.exe" = protocol=6 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\gameserver.exe | "TCP Query User{E785C909-0D97-4905-BF0A-6342A605EAEC}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{F7124DBB-85BE-4654-9572-3ACF5541571C}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "UDP Query User{05EDAB25-812B-469E-A245-106412AC3A15}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | "UDP Query User{06FFB845-A650-4A6F-A911-680BA4E3074D}C:\users\tobias\appdata\local\temp\7zs844.tmp\hl.exe" = protocol=17 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs844.tmp\hl.exe | "UDP Query User{08E55A0D-E001-49D0-9683-1EE00DD41A8D}C:\program files\ascaron entertainment\sacred underworld\sacred.exe" = protocol=17 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\sacred.exe | "UDP Query User{09EF8D30-504D-4A28-B4D5-0BE6FA6B4F5A}C:\program files\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2_germany\metin2.bin | "UDP Query User{0D7AB41B-E428-4A40-9F32-5E619F118407}C:\program files\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe" = protocol=17 | dir=in | app=c:\program files\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe | "UDP Query User{18AA9E4A-083D-49B7-98E3-D2CC26860BB3}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "UDP Query User{1A80EFF7-901F-43D0-A1AD-0A2322D908FD}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "UDP Query User{20601EB6-51E9-4A5E-821E-1CEDD6709D58}C:\program files\gamigo games\smash online\smashonline.exe" = protocol=17 | dir=in | app=c:\program files\gamigo games\smash online\smashonline.exe | "UDP Query User{219734C4-9506-480E-932C-F8619A0D64D0}C:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\java portable\jdk\bin\java.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\java portable\jdk\bin\java.exe | "UDP Query User{2A62C4CB-661F-41A0-935C-819189A809E1}C:\program files\blobby volley 2.0 alpha 6\blobby-server.exe" = protocol=17 | dir=in | app=c:\program files\blobby volley 2.0 alpha 6\blobby-server.exe | "UDP Query User{33D17527-2222-4B35-A465-336D4993C068}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{47DF5660-2FD3-4AA3-9849-57EF4AB09DBE}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{55217F21-E645-4EB7-AB11-D82976AD72B6}C:\program files\congstar webradio\ps_olect.exe" = protocol=17 | dir=in | app=c:\program files\congstar webradio\ps_olect.exe | "UDP Query User{55F1921A-CF13-4B16-8371-D258EC45308A}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | "UDP Query User{580E9F6F-EB00-4B7B-B7BD-D3398A2D0E11}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{59964542-0EB0-46FE-BCE1-2BA937D1E4EF}C:\program files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe | "UDP Query User{59D07884-18FD-46AC-A258-1FACE4974DF4}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{64AFFDE6-944A-4CFB-983A-D16D5E854B13}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "UDP Query User{6C2D330E-C201-4C6D-9693-64EDF5B565F5}C:\users\tobias\appdata\local\temp\7zsf0bd.tmp\hl.exe" = protocol=17 | dir=in | app=c:\users\tobias\appdata\local\temp\7zsf0bd.tmp\hl.exe | "UDP Query User{6C5D866B-D205-4BB6-B7C4-0DA2DEDF45C4}C:\users\tobias\downloads\yuleech-runesofmagic2_0_1_1821-de.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\yuleech-runesofmagic2_0_1_1821-de.exe | "UDP Query User{72CD431C-C8AD-44C5-8342-9DF4499D51F6}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{78C0AFD8-29D4-41E9-85D0-190ED2229FAD}C:\ijji\english\u_sf\soldierfront.exe" = protocol=17 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe | "UDP Query User{796DD58D-EE86-41D2-AC4F-6A262B2AF013}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{8210B104-3946-4AA6-81B4-431E41CCA237}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | "UDP Query User{86845BA3-C7B7-4B45-8004-5BC27EAF7A06}C:\program files\ascaron entertainment\sacred underworld\gameserver.exe" = protocol=17 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\gameserver.exe | "UDP Query User{900AD234-0CEE-4BA8-BAD8-349554494E89}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{92F6B3F6-60AD-4F64-9D59-48A94F753957}C:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\usr\local\mysql\bin\mysqld-opt.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\usr\local\mysql\bin\mysqld-opt.exe | "UDP Query User{9773758B-0E81-4688-8BA6-17BE3545FC96}C:\program files\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files\reactor\reactor.exe | "UDP Query User{B15E6B38-44B2-472F-830D-671A0E8888F6}C:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\usr\local\apache2\bin\apache_16.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\aion emulator\novos_easy_aionunique_emulator_repack_0.1.3\aionemulator\usr\local\apache2\bin\apache_16.exe | "UDP Query User{BE61808C-A11B-4D91-8751-195101E6CAFB}C:\users\gast\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\gast\program files\dna\btdna.exe | "UDP Query User{C015EEB5-EA55-4D23-B95A-C597C49DFA3D}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | "UDP Query User{C68A6ECC-61F7-4F57-B731-492F0BD9EB01}C:\program files\tmunitedforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmunitedforever\tmforever.exe | "UDP Query User{CDA97522-A0CE-4EAA-B266-178F8FB8AF40}C:\users\tobias\appdata\local\temp\7zs8d32.tmp\hl.exe" = protocol=17 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs8d32.tmp\hl.exe | "UDP Query User{CE129915-2AE1-4AB2-9B4D-95F523A4BDD2}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{D5B3F91E-CF46-4080-A968-359647557E42}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "UDP Query User{E848BDA1-E8D1-4D33-9486-B4E398D4A8B8}C:\users\tobias\appdata\local\temp\rar$ex00.391\volley.exe" = protocol=17 | dir=in | app=c:\users\tobias\appdata\local\temp\rar$ex00.391\volley.exe | "UDP Query User{EDD9EAA9-5F56-4AAB-BBED-2B236C897646}C:\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{007BECB0-17DD-4230-9D2F-185287262B14}" = Microsoft XNA Game Studio 3.1 (Platformer) "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{0DC16794-7E69-4534-82FA-9DD0500FF338}" = Microsoft XNA Game Studio 3.1 (Redists) "{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu "{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2 "{13800ED7-C5CA-35FB-A612-2296DEF19BB0}" = Microsoft Visual Web Developer 2008 Express Edition with SP1 - DEU "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11 "{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English) "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types "{38C7CB9E-1451-38D5-BB97-B7FC59E1A8B8}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Web - deu "{3BA37E38-B53D-4520-B8DA-1DD62AD3A74E}" = Microsoft XNA Game Studio 3.1 (VCSExpress) "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser "{506DDFBE-983F-4BC3-84B8-65F423B2D798}" = NVIDIA PhysX "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services "{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = PlayNC Launcher "{68D2A2E2-6B64-4433-8073-0605EB306C1B}" = Gothic 3 Gold "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch) "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7C9C4474-74D6-42F4-A6D3-C9BD5C8871D3}" = Anno 1404 "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{7FD30AE7-281D-455F-AF9F-0C6C5E334EAD}" = Microsoft XNA Game Studio 3.1 Documentation "{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{88137A28-4E5B-4E56-B90C-E8AE768305A2}" = Rabbids Go Home - DVD "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A261769-9640-4DB4-B877-3E00C61967F3}_is1" = concept/design onlineTV 5 "{8ADE24B2-DCA4-4A1E-8B52-A5B435522D9E}" = Soldier Front "{8EDCE870-7A65-4448-B8CB-8045659F79CC}" = Chemicus II "{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}" = Microsoft Visual Basic 2008 Express Edition with SP1 - DEU "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007 "{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0021-0407-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (German) 2007 "{90120000-0021-0407-0000-0000000FF1CE}_VisualWebDeveloper_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_VisualWebDeveloper_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR "{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage "{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.3 "{9BB98644-282F-4B35-8851-1E04F6E1A33C}" = Microsoft DirectX 9.0 SDK "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™ "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch "{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "{AF9BDE67-11A5-449A-B9F0-BE572A093DDB}" = Microsoft XNA Game Studio 3.1 (Shared Components) "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B593FA46-32FA-4464-A786-A853F979EE3A}_is1" = Gear Full Circle 10/31/2010 Build "{B69F28DF-CBB1-41B7-008A-210E4D0518FC}" = Harry Potter und der Orden des Phönix™ "{BA96A695-E9CE-4B2A-919A-540B73E7A78E}" = Microsoft Platform SDK (3790.1830) "{BED4CEEC-863F-4AB3-BA23-541764E2D2CE}" = Microsoft XNA Game Studio Platform Tools "{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes "{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CC13FB47-0B90-46C3-9BB7-57D2DB455D4D}" = Microsoft Xbox 360 Accessories 1.1 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE111B5C-27F5-B74D-C15A-CAFDD2E21837}" = Reg (DOFUS Audio Subsystem) "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CECB5CA0-6908-45EA-B18E-64C61B11DA99}" = Family Tree Maker 2008 "{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = DIE SIEDLER - Aufstieg eines Königreichs "{D5A7D7AB-3093-3619-9261-74DB250ECF7B}" = Microsoft Visual C++ 2008 Express Edition with SP1 - DEU "{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver "{DFB81F19-ED3A-4DA5-AFE4-1B999E2A8DC5}" = Microsoft XNA Game Studio 3.1 (XnaLiveProxy) "{E1D78366-91DA-4AD0-B417-28155743CC22}" = Microsoft XNA Game Studio 3.1 (ARP entry) "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects "{F8D315CF-615E-3AAC-ABF6-C0FA91EDDDBA}" = Microsoft Visual C# 2008 Express Edition with SP1 - DEU "{F916C6DF-2601-4385-9500-C45FF398D4CB}" = Install(GE) "{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch) "{FB4F9000-04FC-11E0-85D2-001AA037B01E}" = Google Earth Plug-in "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Akamai" = Akamai NetSession Interface "ASIO4ALL" = ASIO4ALL "Ask Toolbar_is1" = Ask Toolbar "Audacity_is1" = Audacity 1.2.6 "Blender" = Blender (remove only) "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1 "Clever" = Clever "C-Media CM106 Like Sound Driver" = SPEED-LINK Medusa 5.1 USB "Collab" = Collab "Dragonica(DE)" = Dragonica(DE) "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0) "EADM" = EA Download Manager "FormatFactory" = FormatFactory 2.30 "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0 "Free YouTube Download_is1" = Free YouTube Download 2.8 "GAMEFORGE Nostale(DE)_is1" = Nostale Online DE (Remove) "Grand Fantasia" = Grand Fantasia "Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.6.10-rc1 "HyperCam 2" = HyperCam 2 "ICQToolbar" = ICQ Toolbar "Icy Tower v1.4_is1" = Icy Tower v1.4 "IL Download Manager" = IL Download Manager "InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "InstallShield_{CECB5CA0-6908-45EA-B18E-64C61B11DA99}" = Family Tree Maker 2008 "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "lgx4.lgx.server" = G DATA Logox 4 Speechengine "lvdrivers_11.50" = Logitech QuickCam-Treiberpaket "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Visual Basic 2008 Express Edition with SP1 - DEU" = Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU "Microsoft Visual C# 2008 Express Edition with SP1 - DEU" = Microsoft Visual C# 2008 Express Edition mit SP1 - DEU "Microsoft Visual C++ 2008 Express Edition with SP1 - DEU" = Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU "Microsoft Visual Web Developer 2008 Express Edition with SP1 - DEU" = Microsoft Visual Web Developer 2008 Express Edition mit SP1 - DEU "Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15) "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "Opera 11.01.1190" = Opera 11.01 "PoiZone" = PoiZone "RegTesting.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Reg (DOFUS Audio Subsystem) "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "StarCraft II" = StarCraft II "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TiEmu" = TiEmu 3.02a "TmNationsForever_is1" = TmNationsForever Update 2010-03-15 "TmUnitedForever_is1" = TmUnitedForever "Two Worlds" = Two Worlds "Uninstall_is1" = Uninstall 1.0.0.1 "VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component "VLC media player" = VLC media player 0.9.8a "Warcraft III" = Warcraft III "WinGimp-2.0_is1" = GIMP 2.6.8 "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft "ws4.webspeech" = G DATA WebSpeech 4 "XMedia Recode" = XMedia Recode 2.1.1.1 "XNA Game Studio 3.1" = Microsoft XNA Game Studio 3.1 "Yenka" = Yenka ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "3d2559ee28c0dad9" = Notenplaner "Arkadion-X" = Arkadion-X "b75c21f1821527a0" = NosTale Wahrscheinlichkeitsprogramm "BitTorrent DNA" = DNA "CreepSmash.com" = CreepSmash.com "Move Media Player" = Move Media Player "PlanetWerks" = PlanetWerks "SimAquarium" = SimAquarium ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 01.03.2010 12:44:20 | Computer Name = Tobias-PC | Source = SecurityCenter | ID = 3 Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen. Error - 01.03.2010 12:46:51 | Computer Name = Tobias-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 01.03.2010 12:46:51 | Computer Name = Tobias-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 01.03.2010 16:43:29 | Computer Name = Tobias-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung icytower14.exe, Version 0.0.0.0, Zeitstempel 0x4a1e445f, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc0000005, Fehleroffset 0x0003b15f, Prozess-ID 0xdb8, Anwendungsstartzeit 01cab97edf07ba8c. Error - 02.03.2010 09:01:10 | Computer Name = Tobias-PC | Source = SecurityCenter | ID = 3 Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen. Error - 02.03.2010 15:15:25 | Computer Name = Tobias-PC | Source = SecurityCenter | ID = 3 Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen. Error - 03.03.2010 13:10:40 | Computer Name = Tobias-PC | Source = SecurityCenter | ID = 3 Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen. Error - 04.03.2010 12:52:45 | Computer Name = Tobias-PC | Source = SecurityCenter | ID = 3 Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antivirus, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen. Error - 04.03.2010 12:55:14 | Computer Name = Tobias-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 04.03.2010 12:55:15 | Computer Name = Tobias-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = [ Media Center Events ] Error - 10.01.2009 14:20:00 | Computer Name = Tobias-PC | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.SqmFlushSession failed; Win32 GetLastError returned 0D Prozess: DefaultDomain Objektname: Media Center Guide Error - 02.05.2009 12:44:12 | Computer Name = Tobias-PC | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 24.05.2009 14:31:54 | Computer Name = Tobias-PC | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 24.05.2009 14:31:56 | Computer Name = Tobias-PC | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 24.05.2009 14:32:38 | Computer Name = Tobias-PC | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 24.05.2009 14:37:06 | Computer Name = Tobias-PC | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 30.07.2009 04:08:45 | Computer Name = Tobias-PC | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 09.09.2009 13:33:28 | Computer Name = Tobias-PC | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 20.03.2010 10:13:48 | Computer Name = Tobias-PC | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide [ System Events ] Error - 11.03.2011 09:01:34 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 6, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 12.03.2011 09:02:44 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 2, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 12.03.2011 09:02:44 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 4, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 12.03.2011 09:02:44 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 6, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 12.03.2011 19:03:40 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 2, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 12.03.2011 19:03:40 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 4, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 12.03.2011 19:03:40 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 6, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 13.03.2011 07:30:23 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 2, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 13.03.2011 07:30:23 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 4, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 13.03.2011 07:30:23 | Computer Name = Tobias-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 6, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. < End of report > Ich hoffe ihr könnt mir helfen. mfg Tobi |
| Themen zu Schädling zwint Internet Explorer auf |
| 0x00000001, akamai, askbar, audacity, backdoor, bonjour, computer, conduit, converter, device driver, error, excel, excel.exe, failed, firefox, flash player, google, home, install.exe, location, logfile, media center, metin2, mp3, ntdll.dll, nvlddmkm.sys, office 2007, oldtimer, opera.exe, otl.exe, otl.txt, plug-in, programdata, realtek, saver, scan, schädling, searchplugins, security, security update, server, shell32.dll, skype.exe, software, start menu, studio, system, teamspeak, tower, trojan.spyeyes, trojaner-board, virus, vista, visual studio, windows-sicherheitscenter |
Baum-Darstellung