Gvu trojaner 2013 mit webcam infiziert

cosinus · 14.02.2013, 16:47

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Danach eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in CODE-Tags hier in den Thread.

PascalReger · 14.02.2013, 17:15

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v2.112 - Datei am 14/02/2013 um 17:07:01 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Pascal - PASCAL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Pascal\Downloads\adwcleaner0.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\ConduitEngine
Ordner Gelöscht : C:\Program Files\NCH_EN
Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk
Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\NCH_EN
Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\nni4695t.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\nni4695t.default\extensions\support@predictad.com

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\NCH_EN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37483B40-C254-4A72-BDA4-22EE90182C1E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37483B40-C254-4A72-BDA4-22EE90182C1E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKCU\Software\SMTTB2009
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Somoto Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{37483B40-C254-4A72-BDA4-22EE90182C1E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7E82357-91F1-4842-96C5-A0443A074A73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DC4427D-D4FF-41D3-BFD7-C50946034E26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B18D985C-27AC-4415-BC90-D7053BDF140C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9E10C00-BF0F-4EDE-BA35-A10426086DC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37483B40-C254-4A72-BDA4-22EE90182C1E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7E82357-91F1-4842-96C5-A0443A074A73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NCH_EN Toolbar
Schlüssel Gelöscht : HKLM\Software\NCH_EN
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{37483B40-C254-4A72-BDA4-22EE90182C1E}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{37483B40-C254-4A72-BDA4-22EE90182C1E}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{37483B40-C254-4A72-BDA4-22EE90182C1E}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v12.0 (de)

Datei : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\nni4695t.default\prefs.js

C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\nni4695t.default\user.js ... Gelöscht !

Gelöscht : user_pref("somoto.bubble_src", "hxxp%3A//www.bigseekpro.com/widget/aa1b63e83e71f843065e768f5e6a3daf/[...]

-\\ Google Chrome v24.0.1312.57

Datei : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [9682 octets] - [14/02/2013 17:07:01]

########## EOF - C:\AdwCleaner[S1].txt - [9742 octets] ##########

--- --- ---

Code:

ATTFilter

OTL logfile created on: 14.02.2013 17:13:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Pascal\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 68,08% Memory free
6,00 Gb Paging File | 4,94 Gb Available in Paging File | 82,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 173,40 Gb Free Space | 37,23% Space Free | Partition Type: NTFS
Drive E: | 2,01 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PASCAL-PC | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Pascal\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)
PRC - C:\Programme\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Programme\Mobile Partner Manager\AssistantServices.exe ()
PRC - C:\Programme\Mobile Partner Manager\UIExec.exe ()
PRC - C:\Programme\Ashampoo\Ashampoo WinOptimizer 8\DfSdkS.exe (mst software GmbH, Germany)
PRC - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
PRC - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
PRC - C:\Programme\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Mobile Partner Manager\UIExec.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (UI Assistant Service) -- C:\Programme\Mobile Partner Manager\AssistantServices.exe ()
SRV - (DfSdkS) -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 8\DfSdkS.exe (mst software GmbH, Germany)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MSICDSetup) -- D:\CDriver.sys File not found
DRV - (catchme) -- C:\Users\Pascal\AppData\Local\Temp\catchme.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (Apowersoft_AudioDevice) -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (FNETTBOH_305) -- C:\Windows\System32\drivers\FNETTBOH_305.SYS (FNet Co., Ltd.)
DRV - (FNETURPX) -- C:\Windows\System32\drivers\FNETURPX.SYS (FNet Co., Ltd.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (WinRing0_1_2_0) -- C:\Programme\IObit\Game Booster 3\Driver\WinRing0.sys (OpenLibSys.org)
DRV - (TelekomNM3) -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                           )
DRV - (AsrAppCharger) -- C:\Windows\System32\drivers\AsrAppCharger.sys (Windows (R) Win 7 DDK provider)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (AndGps) -- C:\Windows\System32\drivers\lgandgps.sys (LG Electronics Inc.)
DRV - (AndDiag) -- C:\Windows\System32\drivers\lganddiag.sys (LG Electronics Inc.)
DRV - (ANDModem) -- C:\Windows\System32\drivers\lgandmodem.sys (LG Electronics Inc.)
DRV - (Andbus) -- C:\Windows\System32\drivers\lgandbus.sys (LG Electronics Inc.)
DRV - (androidusb) -- C:\Windows\System32\drivers\lgandadb.sys (Google Inc)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (CLEDX) -- C:\Windows\System32\drivers\cledx.sys (Team H2O)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 04 0B 92 16 C7 46 CC 01  [binary data]
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\..\SearchScopes\{0A7C8B4E-A7AB-46CF-898F-9C093B798333}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\..\SearchScopes\{34F6E3FD-A231-441A-8F85-DA39992B2FD9}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\..\SearchScopes\{3DB9F006-E73E-4648-A5AF-31EB1D2C7439}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MXGB_deDE510
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\..\SearchScopes\{FDC14845-92E0-4300-BE4C-BB33F1F0F4BB}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.8
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Pascal\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pascal\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pascal\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.02.14 16:19:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.23 13:22:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.13 18:36:53 | 000,000,000 | ---D | M]
 
[2011.06.07 10:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\Extensions
[2013.02.14 17:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\Firefox\Profiles\nni4695t.default\extensions
[2013.02.14 16:00:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\PASCAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NNI4695T.DEFAULT\EXTENSIONS\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2012.07.21 14:50:53 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.16 20:42:07 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.21 14:50:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.21 14:50:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.21 14:50:50 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.21 14:50:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.21 14:50:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.21 14:50:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pascal\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pascal\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pascal\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pascal\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Protect Disc License Acquisition Plugin (Enabled) = C:\Users\Pascal\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
 
O1 HOSTS File: ([2013.02.14 14:43:24 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [FILSHtray] C:\Program Files\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
O4 - HKLM..\Run: [H2O] C:\Programme\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [UIExec] C:\Program Files\Mobile Partner Manager\UIExec.exe ()
O4 - HKLM..\Run: [XFastUsb] C:\Programme\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
O4 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAVolume = 0
O7 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCANetwork = 0
O7 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCABattery = 0
O7 - HKU\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.196.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4005449D-608D-4766-86BE-D3619A65B178}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4EC166F5-11BE-4B20-A332-F9BE4608AD23}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD8D62F5-4B09-46B2-A88F-EEBE97EFE6EC}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.01.24 13:37:24 | 000,120,128 | -H-- | M] () - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2005.09.06 18:33:30 | 000,000,156 | -H-- | M] () - E:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.14 16:19:19 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013.02.14 15:59:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.02.14 14:44:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.14 14:44:30 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.02.14 14:44:30 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\temp
[2013.02.14 14:37:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.02.14 14:37:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.02.14 14:37:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.02.14 14:12:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.02.14 14:12:29 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.02.14 13:00:42 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Pascal\Desktop\tdsskiller.exe
[2013.02.14 12:33:03 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Pascal\Desktop\aswMBR.exe
[2013.02.14 11:13:03 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Desktop\mbar-1.01.0.1020
[2013.02.13 12:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.13 12:51:39 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.13 02:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Astroburn Lite
[2013.02.13 02:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Astroburn Lite
[2013.02.13 01:33:54 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Malwarebytes
[2013.02.13 01:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.13 01:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.04 21:57:04 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments Massive
[2013.02.04 21:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments Massive
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.14 17:10:49 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.14 17:10:48 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013.02.14 17:08:26 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.14 17:08:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.14 17:00:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3180806219-2987136475-2523560488-1000UA.job
[2013.02.14 16:34:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.14 16:28:20 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.14 16:28:20 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.14 16:19:18 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.02.14 16:05:07 | 000,018,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.14 16:05:07 | 000,018,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.14 14:43:24 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.02.14 13:00:50 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Pascal\Desktop\tdsskiller.exe
[2013.02.14 12:56:07 | 000,000,512 | ---- | M] () -- C:\Users\Pascal\Desktop\MBR.dat
[2013.02.14 12:34:16 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Pascal\Desktop\aswMBR.exe
[2013.02.14 11:12:24 | 013,711,621 | ---- | M] () -- C:\Users\Pascal\Desktop\mbar-1.01.0.1020.zip
[2013.02.13 13:09:42 | 000,000,156 | ---- | M] () -- C:\Users\Pascal\defogger_reenable
[2013.02.13 12:51:41 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.13 11:56:48 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.13 11:56:48 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.13 11:56:48 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.13 11:56:48 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.13 03:57:56 | 000,024,064 | ---- | M] (Gerhard Schlager) -- C:\Windows\System32\ctfmon.exe
[2013.02.07 20:00:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3180806219-2987136475-2523560488-1000Core.job
[2013.02.03 18:50:03 | 000,036,104 | ---- | M] () -- C:\Users\Pascal\Documents\not-sure-if-meme-hipster.jpg
[2013.02.03 13:17:40 | 000,113,768 | ---- | M] () -- C:\Users\Pascal\Documents\deadmau5.jpg
[2013.01.30 20:04:26 | 000,049,902 | ---- | M] () -- C:\Users\Pascal\Documents\1281462591_51vtryqyvvl__ss500_.jpg
[2013.01.26 10:14:50 | 000,204,871 | ---- | M] () -- C:\Users\Pascal\Documents\73387_425298960871872_1425311602_n.jpg
[2013.01.23 10:36:09 | 000,063,344 | ---- | M] () -- C:\Users\Pascal\Documents\43858944.jpg
 
========== Files Created - No Company Name ==========
 
[2013.02.14 14:37:10 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.02.14 14:37:10 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.02.14 14:37:10 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.02.14 14:37:10 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.02.14 14:37:10 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.02.14 12:56:07 | 000,000,512 | ---- | C] () -- C:\Users\Pascal\Desktop\MBR.dat
[2013.02.14 11:11:28 | 013,711,621 | ---- | C] () -- C:\Users\Pascal\Desktop\mbar-1.01.0.1020.zip
[2013.02.13 13:09:40 | 000,000,156 | ---- | C] () -- C:\Users\Pascal\defogger_reenable
[2013.02.13 12:51:41 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.03 18:50:09 | 000,036,104 | ---- | C] () -- C:\Users\Pascal\Documents\not-sure-if-meme-hipster.jpg
[2013.02.03 13:17:56 | 000,113,768 | ---- | C] () -- C:\Users\Pascal\Documents\deadmau5.jpg
[2013.01.30 20:04:30 | 000,049,902 | ---- | C] () -- C:\Users\Pascal\Documents\1281462591_51vtryqyvvl__ss500_.jpg
[2013.01.26 10:15:20 | 000,204,871 | ---- | C] () -- C:\Users\Pascal\Documents\73387_425298960871872_1425311602_n.jpg
[2013.01.23 10:36:14 | 000,063,344 | ---- | C] () -- C:\Users\Pascal\Documents\43858944.jpg
[2012.12.05 15:41:37 | 000,065,536 | -H-- | C] () -- C:\Windows\System32\WebCamLib.dll
[2012.11.18 22:58:34 | 000,139,080 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.11.18 22:58:34 | 000,138,056 | ---- | C] () -- C:\Users\Pascal\AppData\Roaming\PnkBstrK.sys
[2012.11.18 22:58:11 | 000,270,240 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.11.18 22:58:10 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.11.02 20:15:33 | 000,828,671 | ---- | C] () -- C:\Users\Pascal\AppData\Local\Tempmusic.ogg
[2012.10.26 18:40:44 | 003,536,817 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012.10.08 20:26:10 | 000,001,467 | ---- | C] () -- C:\Users\Pascal\.recently-used.xbel
[2012.05.19 16:14:18 | 000,001,206 | ---- | C] () -- C:\Users\Pascal\AppData\Roaming\CamStudio.Producer.ini
[2012.05.19 16:14:18 | 000,000,000 | ---- | C] () -- C:\Users\Pascal\AppData\Roaming\CamStudio.Producer.Data.ini
[2012.05.03 20:30:40 | 000,000,001 | ---- | C] () -- C:\Users\Pascal\0.cdat
[2012.01.30 22:35:09 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2012.01.30 22:35:09 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.12.07 18:24:28 | 000,000,280 | ---- | C] () -- C:\Windows\game.ini
[2011.09.02 19:44:44 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.08.13 14:01:33 | 000,000,313 | ---- | C] () -- C:\Windows\System32\aptmp.exe
[2011.08.10 17:09:08 | 000,000,604 | ---- | C] () -- C:\Windows\Edofma.INI
[2011.06.07 12:44:38 | 000,000,550 | ---- | C] () -- C:\Windows\eReg.dat
[2011.06.06 21:30:49 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2011.06.06 21:30:49 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2011.06.06 17:36:20 | 000,704,512 | R--- | C] () -- C:\Windows\System32\cohelper.dll
[2011.06.06 17:36:20 | 000,005,940 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Code:

ATTFilter

OTL Extras logfile created on: 14.02.2013 17:13:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Pascal\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 68,08% Memory free
6,00 Gb Paging File | 4,94 Gb Available in Paging File | 82,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 173,40 Gb Free Space | 37,23% Space Free | Partition Type: NTFS
Drive E: | 2,01 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PASCAL-PC | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1DE06E1C-72A2-4658-B707-1906837ED91B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3107194F-24E8-4460-88F7-B232E65D6DAE}" = lport=138 | protocol=17 | dir=in | app=system | 
"{353BA680-E2A4-44E1-81C9-9A7B81EFA9B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{76A10545-3C38-4F0E-99BC-79D1B7BBF047}" = rport=138 | protocol=17 | dir=out | app=system | 
"{77977981-9C9B-4E08-9116-2558F6554D61}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{7E568506-1C74-4B46-9C17-6A1C25F4F561}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{86F83E5E-1B10-48FA-9CB1-113C9CAE9EB9}" = lport=137 | protocol=17 | dir=in | app=system | 
"{A6825819-2EFA-410B-8734-6749691F1B49}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B39A7E4E-EE49-4E2A-9E55-10F995F12867}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B8FE9BDC-FB13-4549-AFA1-FB593B100B86}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D8CEA302-CF4D-4185-8394-F4AA7B3E5FAE}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E1403F13-7383-428C-B8CB-B451EB2A1043}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{E881C05E-2D2E-4151-81B5-30B8C4A838D1}" = rport=137 | protocol=17 | dir=out | app=system | 
"{EE5A7302-0665-4B92-A030-14D02B4A03D6}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0359E3BF-4328-4868-AB04-DCA8F7728F12}" = protocol=6 | dir=in | app=c:\program files\ubisoft\world in conflict\wic.exe | 
"{0406422B-E2BD-4854-B536-BABB469B33B4}" = protocol=6 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
"{0597DAC2-EDA8-4DA3-B6BB-B7A0BD921FAB}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{0856CAA2-5BBA-433E-B0E8-F32DD0D5A44B}" = protocol=17 | dir=in | app=c:\program files\rockstar games\eflc\launcheflc.exe | 
"{0C8B7CB3-2971-457E-A2C5-DD3499D5F4AB}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe | 
"{0D7A9C9A-06B6-42B6-B844-0B26B5400B59}" = protocol=6 | dir=in | app=c:\program files\rockstar games\eflc\launcheflc.exe | 
"{0F8FD49F-5F01-4E1B-BE93-58A22D10FC55}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\lexusluger\counter-strike source\hl2.exe | 
"{11E10E45-FE36-4AB3-ABAE-F328933AFCC0}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe | 
"{1638D10E-D7B0-4AF3-A4B4-A1FF076C9638}" = protocol=17 | dir=in | app=c:\program files\ubisoft\world in conflict\wic.exe | 
"{192A9B63-F900-4747-B7FE-2A05C8276D60}" = protocol=17 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{1FDC2394-2CE8-4DEA-A657-4E04D5D18D80}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{20FD62CD-62D5-41E9-A54D-74E8FF7EB220}" = protocol=6 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
"{2111D42D-09F1-46E2-805C-935C2F0FE4D0}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe | 
"{23B66CF0-B1F9-474A-804E-F1A5284D9D04}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{317EA025-5DDD-47D1-B293-F2B4C78DF1A2}" = protocol=17 | dir=in | app=c:\program files\ubisoft\world in conflict\wic_ds.exe | 
"{32F7863C-03A0-46FC-AD0A-4B515FAF070C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\world in conflict\wic_online.exe | 
"{35E53B8E-2D9E-4E1A-8BE9-BBD5356D55AB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"{38B87E17-E494-4497-A892-E8B39EC21442}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter 2\graw2_dedicated.exe | 
"{44B40EFD-8F7C-42BF-B868-580C5FEAF7E5}" = protocol=17 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{48BDE269-0346-413B-ABBB-9E1D4C3BF070}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"{4BB3551E-8BD2-4466-B97E-7791180F94F9}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{4E1E7D20-7C2D-4CF8-9333-CF7E44E51A85}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4E2E0BE6-B43B-4ADE-8C9C-AEF899411184}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{544241BD-143F-44A3-890A-D656F9B9D337}" = protocol=17 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
"{5596AEA6-0FC4-4215-AF36-621D6190174C}" = protocol=6 | dir=in | app=c:\program files\valve\steam\steam.exe | 
"{57782BCF-B4F7-4D34-A78E-A45C4B922C54}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\lexusluger\day of defeat source\hl2.exe | 
"{57C255AF-76B3-432C-A794-708D28ED5734}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe | 
"{6374BA1A-A706-4B58-A544-7D60361A82E5}" = protocol=6 | dir=in | app=c:\users\pascal\appdata\roaming\dropbox\bin\dropbox.exe | 
"{6742D14A-682E-41AC-B32F-F0FF35B0A444}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{677C3915-1459-46A7-97B3-B5846A800CBC}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{6896FDCE-09FA-42CC-90E1-408FFBDD69E5}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | 
"{6A856107-E0F2-46E1-8D3F-5911EA75E8D9}" = protocol=17 | dir=in | app=c:\users\pascal\appdata\roaming\dropbox\bin\dropbox.exe | 
"{6F9FC5B7-188A-46DF-BEE5-18F373378819}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter 2\graw2_dedicated.exe | 
"{6FA43757-7268-4BB6-888C-6AC18E830B40}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{730AE2A4-4784-42A4-A2BF-E432734D28B6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{77B59D61-591A-45B7-8389-F72AF6C301B9}" = dir=in | app=c:\program files\apowersoft\screen recording suite\screen-recording-suite.exe | 
"{7AB5C482-8E89-408E-BB31-EFAEC923FA57}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter 2\graw2.exe | 
"{7B8B1CC0-1CDC-42BA-BD89-F9976E76220A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{7C870BEF-6779-4B47-B2E2-101AA453AB31}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"{84B6F821-5111-4ACB-AE78-272E10680ACA}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe | 
"{8E67F54F-A0BE-45D0-A11B-90CFF83FAF85}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{963643A9-8F5F-4BB7-BD4E-5D4A0EED1640}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter 2\graw2.exe | 
"{96CA6A62-9313-4856-8AC0-237DDE4074D1}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{998C8197-EDE0-402A-BDEF-E28493062A37}" = protocol=17 | dir=in | app=c:\program files\ubisoft\world in conflict\wic_online.exe | 
"{9DB07269-A3D6-4DC5-A931-1DD088C2FE16}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{9F032C83-0FFE-4428-8D09-7F3CFA2920D6}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{9FCD7B25-86DB-487E-9829-467F2F13DDE7}" = protocol=17 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
"{9FD87759-A00D-47C1-AFFF-8B4D38F870F6}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{A14EF884-1F4D-44CE-AA1D-936244CB4F94}" = protocol=6 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{ACEAFE3E-49F4-4763-A061-7AE397A4632F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"{AFF81E3D-594A-432E-B98F-9BB512779FC7}" = protocol=17 | dir=in | app=c:\program files\reality pump\earth 2160\earth2160_no_sse.exe | 
"{B72C7430-78A0-45F0-9BFE-83E3C69A0FE7}" = protocol=17 | dir=in | app=c:\program files\valve\steam\steam.exe | 
"{BB21FBBD-DFDF-4C67-9614-C54868DFE2A0}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{BB9AF177-7D03-47C3-BCFB-CCD017D4B4F9}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{C424638E-76D4-454D-AC74-C2E857A863C5}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{C9E6FC7E-2F93-479B-BEFF-D12F16C04E0A}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe | 
"{D093524A-B325-42D1-908A-87DE17FB28C9}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{D9037877-97D9-4ACD-9C75-5D696CDD53D8}" = dir=in | app=c:\program files\apowersoft\screen recording suite\screenrecordingsuite.exe | 
"{DA828283-DCC9-442B-A5B8-17B880868EDF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe | 
"{DA82D65F-3376-4A3F-989D-10F03C8AF3CA}" = protocol=6 | dir=in | app=c:\program files\reality pump\earth 2160\earth2160_sse.exe | 
"{DD1EAA7B-A289-4315-B384-FA628B69FD5E}" = protocol=6 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{DE0FCFDA-B84D-4FD6-AB76-643BA2693791}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e\ruse.exe | 
"{DF4C2C86-0F9A-4EA2-A4B5-ED012678BD13}" = protocol=6 | dir=in | app=c:\program files\ubisoft\world in conflict\wic_ds.exe | 
"{E21960A6-7B79-4F78-9EC6-6002A90AAF38}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe | 
"{E7B56168-278A-4F21-9B55-08C26007A4AA}" = protocol=17 | dir=in | app=c:\program files\origin games\battlefield 1942\bf1942.exe | 
"{E82B536D-93E8-40FA-8A9D-39BC0BD1E6FC}" = protocol=17 | dir=in | app=c:\program files\reality pump\earth 2160\earth2160_sse.exe | 
"{EB522692-9BC1-404B-AEC7-92ABEB476D5B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | 
"{ECE5F10A-4CA3-41C6-9060-9C606260AAD9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e\ruse.exe | 
"{EE68A0F6-29C1-40A9-9DCF-20071211D386}" = protocol=6 | dir=in | app=c:\program files\reality pump\earth 2160\earth2160_no_sse.exe | 
"{F4FA4662-5406-4859-9AEE-40040DEB93B7}" = protocol=6 | dir=in | app=c:\program files\origin games\battlefield 1942\bf1942.exe | 
"{FABEDBCD-346B-4C25-8C9D-D599A32CC4CA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\lexusluger\counter-strike source\hl2.exe | 
"{FB1DD3B7-3F71-40D6-94F4-A2921D911CBB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FE34076F-F38A-49B2-A2DE-5AB5F44D0A5F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\lexusluger\day of defeat source\hl2.exe | 
"TCP Query User{090BF863-3579-45F5-9E45-C5C4F26F2C71}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe | 
"TCP Query User{232DF918-79AB-44C7-A99E-08B72E9BBA1D}C:\program files\steam\steamapps\lexusluger\insurgency\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\lexusluger\insurgency\hl2.exe | 
"TCP Query User{263B8034-81B3-4032-A2D7-5BCFF9F61595}C:\program files\ea games\medal of honor pacific assault(tm) demo\mohpa_demo.exe" = protocol=6 | dir=in | app=c:\program files\ea games\medal of honor pacific assault(tm) demo\mohpa_demo.exe | 
"TCP Query User{2A8B322C-FF83-429C-9C34-FB45953257F1}C:\program files\duty calls\binaries\win32\dutycalls.exe" = protocol=6 | dir=in | app=c:\program files\duty calls\binaries\win32\dutycalls.exe | 
"TCP Query User{41A8E26B-E872-4883-B8C9-4DA20731BF74}C:\users\pascal\desktop\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\pascal\desktop\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{522E8EB8-962B-425B-BD99-CE8AD7C8AEBE}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 
"TCP Query User{52FB9875-306A-4EB9-91D5-46352001881C}C:\program files\ea games\battlefield heroes\bfheroes.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield heroes\bfheroes.exe | 
"TCP Query User{5AB30AF2-DB34-4B3E-A23F-17304FD352B9}C:\users\pascal\appdata\local\temp\b4c780c1800342968e70e4f2d0e206ed\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\temp\b4c780c1800342968e70e4f2d0e206ed\relicdownloader.exe | 
"TCP Query User{71B140E9-A2C9-4DF7-8827-6D6F96629CB1}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"TCP Query User{7D2F6781-1B1A-4501-9B9F-435BBC49C9FB}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe | 
"TCP Query User{8703D626-DC2D-443F-99C4-6C5BE363C235}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"TCP Query User{A25BA49F-5A99-4EC6-977B-E92AE5C7A567}C:\users\pascal\appdata\local\temp\edcfce51166845da8e9ba9aa58bdd7c8\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\temp\edcfce51166845da8e9ba9aa58bdd7c8\relicdownloader.exe | 
"TCP Query User{A4537B76-6E2A-422C-9775-A1F2D6B31EAB}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=6 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe | 
"TCP Query User{AA4C50C6-A6C9-426E-9CA0-1F1DEB3D5B37}C:\program files\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter\graw.exe | 
"TCP Query User{B101C106-CC1F-4C00-87E9-0A59CD5FBE1E}C:\program files\ea games\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 1942\bf1942.exe | 
"TCP Query User{C59CADEB-FA7C-42A4-B0B5-97CDEF5253FA}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe | 
"TCP Query User{E86E99A3-E9D4-4F65-A650-07B253B6411B}C:\users\pascal\appdata\local\apps\2.0\rgcc854z.kjm\whp6tr47.mz9\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\apps\2.0\rgcc854z.kjm\whp6tr47.mz9\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe | 
"TCP Query User{F1B96DAD-AC3D-4EB3-9910-8431FC95DF46}C:\program files\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\eflc\eflc.exe | 
"TCP Query User{FAE4E562-BB45-49D6-B1A7-E2370D4535E0}C:\users\pascal\appdata\local\temp\c391d4b36b2c4cb2942dff35b485372b\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\temp\c391d4b36b2c4cb2942dff35b485372b\relicdownloader.exe | 
"UDP Query User{19F4F651-66A4-4315-90B8-185B4D3C9B3E}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 
"UDP Query User{1DC3C6F5-16DD-40FE-AD58-4C27341C7C60}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe | 
"UDP Query User{257C17CA-995F-4767-BF30-D15AE607A2B5}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"UDP Query User{34B175F6-8772-4460-9B28-42F4D73AFD6A}C:\program files\duty calls\binaries\win32\dutycalls.exe" = protocol=17 | dir=in | app=c:\program files\duty calls\binaries\win32\dutycalls.exe | 
"UDP Query User{4A9694D4-0B68-45C4-A935-778F236997CF}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe | 
"UDP Query User{61377129-202F-485A-98F2-11145BDB35D9}C:\program files\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\eflc\eflc.exe | 
"UDP Query User{6D4C5CAD-5311-49E3-A0AF-CE47F0EF6C27}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=17 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe | 
"UDP Query User{8146C230-E73F-4746-B25B-7BC874B7417B}C:\program files\steam\steamapps\lexusluger\insurgency\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\lexusluger\insurgency\hl2.exe | 
"UDP Query User{8EF0A02D-4275-4196-90CB-DB7BF2D71594}C:\users\pascal\appdata\local\temp\b4c780c1800342968e70e4f2d0e206ed\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\temp\b4c780c1800342968e70e4f2d0e206ed\relicdownloader.exe | 
"UDP Query User{91537DE3-35E1-4590-AFAE-E3F58CFF42E6}C:\users\pascal\desktop\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\pascal\desktop\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{BE51ABFB-BA2F-49F1-9081-85AC5F692113}C:\users\pascal\appdata\local\temp\c391d4b36b2c4cb2942dff35b485372b\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\temp\c391d4b36b2c4cb2942dff35b485372b\relicdownloader.exe | 
"UDP Query User{C218F04D-69D0-45EE-AF0B-F925D97D3150}C:\program files\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter\graw.exe | 
"UDP Query User{C44A2C36-4A1E-48B2-B310-2BC575F7E8C0}C:\program files\ea games\medal of honor pacific assault(tm) demo\mohpa_demo.exe" = protocol=17 | dir=in | app=c:\program files\ea games\medal of honor pacific assault(tm) demo\mohpa_demo.exe | 
"UDP Query User{CC64A711-957A-4C42-A265-8F381DAE1A52}C:\program files\ea games\battlefield heroes\bfheroes.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield heroes\bfheroes.exe | 
"UDP Query User{E147C511-9216-4EA1-8D2D-39A72DE9CCEB}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"UDP Query User{E4384E2A-0227-4653-AD7C-7DFD360B687B}C:\program files\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 1942\bf1942.exe | 
"UDP Query User{E547B145-3365-4B53-8FF6-967768BB8DBF}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe | 
"UDP Query User{ED54214A-E11F-4D15-8EB6-2888B6D62242}C:\users\pascal\appdata\local\apps\2.0\rgcc854z.kjm\whp6tr47.mz9\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\apps\2.0\rgcc854z.kjm\whp6tr47.mz9\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe | 
"UDP Query User{FD18476B-A82C-4D1E-BB21-0194CE7293E1}C:\users\pascal\appdata\local\temp\edcfce51166845da8e9ba9aa58bdd7c8\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\temp\edcfce51166845da8e9ba9aa58bdd7c8\relicdownloader.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2DF2C6-08F7-40BD-8E85-D16CB436E7F0}" = Free NaturalReader
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{25B25C84-6132-4662-972B-4E4DC1B00C98}" = Age of Empires III Trial
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02]
"{4209F371-4927-659B-6665-F7524E53AE40}_is1" = Ashampoo WinOptimizer 8 v.8.14.00
"{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4E4F8163-9889-4BAB-B2E7-DBAAE248C1EB}" = LG Android Driver
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.11
"{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BC0CDD6-E0C2-434D-9365-23E79E42DA95}" = Battlestations: Midway
"{6D0042A0-9064-4C7F-B906-3EAC4427EE07}_is1" = Counter-Strike Source DZ
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Partner Manager
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion
"{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}" = Just Cause 1.00.0000
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1" = Screen Recording Suite V2.5.0
"{EE74D039-45D7-44E9-BF95-B9CFB015964F}_is1" = ArcaniA - Gothic 4
"{EFC97089-04D6-42CE-A707-A343B4A7D2CD}" = Ghost Recon Advanced Warfighter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.0.0
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"ArmA 2" = ArmA 2 Uninstall
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"ASIO4ALL" = ASIO4ALL
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"ASRock IES_is1" = ASRock IES v2.0.69
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.24
"ASRock OC DNA_is1" = ASRock OC DNA v1.6
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.3.91
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"Battlestrike - Shadow of Stalingrad/DE-German_is1" = Battlestrike: Schlacht um Stalingrad
"Color Efex Pro 3.0 Stand-Alone Standard" = Color Efex Pro 3.0 Standard
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Company of Heroes" = Company of Heroes
"Counter-Strike 1.6" = Counter-Strike 1.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Drakensang_is1" = Drakensang
"Earth 2160" = Earth 2160
"Edirol HQ Orchestral VSTi v1.03" = Edirol HQ Orchestral VSTi v1.03
"Edirol Hyper Canvas VSTi DXi_is1" = Edirol Hyper Canvas VSTi DXi 1.6.0
"ESN Sonar-0.70.4" = ESN Sonar
"FarmingSimulator2009DE_is1" = Landwirtschafts-Simulator 2009
"FL Studio 9" = FL Studio 9
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
"Free WAV to MP3 Converter" = Free WAV to MP3 Converter
"Game Booster_is1" = Game Booster 3
"Glary Utilities_is1" = Glary Utilities 2.35.0.1216
"Hardcore" = Hardcore
"Hidden & Dangerous 2 Sabre Squadron Demo" = Hidden & Dangerous 2 Sabre Squadron Demo
"HS2_is1" = Steinberg Hypersonic 2
"HyperCam 2" = HyperCam 2
"IL Download Manager" = IL Download Manager
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{25B25C84-6132-4662-972B-4E4DC1B00C98}" = Age of Empires III Trial
"InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"Live Lite Alesis Edition" = Live Lite Alesis Edition
"LUXONIX_Purity" = LUXONIX Purity
"MAGIX_{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3-Cutter" = MP3-Cutter
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Massive v1.0.1.008 VSTi DXi RTAS" = Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
"Native Instruments Service Center" = Native Instruments Service Center
"Netzmanager" = Netzmanager
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PoiZone" = PoiZone
"PokerTH 0.9.5" = PokerTH
"Predator_is1" = Rob Papen Predator V1.6.2a
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"Recuva" = Recuva
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"reFX Vanguard_is1" = reFX Vanguard VSTi RTAS v1.8.0
"Rob Papen Blade_is1" = Rob Papen Blade 1.0.0d
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Sawer" = Sawer
"Steam App 17500" = Zombie Panic Source
"Steam App 17700" = Insurgency
"Steam App 21970" = R.U.S.E
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 43110" = Metro 2033
"Steam App 80" = Counter-Strike: Condition Zero
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle
"Tone2 Gladiator Retail_is1" = Gladiator v1.2.2.0
"Tone2 Gladiator VSTi_is1" = Tone2 Gladiator VSTi v2.2
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"XFastUsb" = XFastUsb
"YTdetect" = Yahoo! Detect
"z3ta+_x86_is1" = rgc:audio z3ta+ 1.5
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"d8be6c3f847d7d92" = Ghost Recon Online
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:11 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:11 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:11 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:40:59 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4febb13c  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4febbadd  Ausnahmecode: 0xc0000005  Fehleroffset: 0x66eae279
ID
 des fehlerhaften Prozesses: 0x290  Startzeit der fehlerhaften Anwendung: 0x01cd58769606daf0
Pfad
 der fehlerhaften Anwendung: c:\program files\steam\steamapps\lexusluger\day of 
defeat source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 1552d41f-c46d-11e1-9e76-f88f0f62c6b0
 
[ System Events ]
Error - 14.02.2013 10:56:39 | Computer Name = Pascal-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 14.02.2013 10:58:09 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "mbamchameleon" wurde aufgrund folgenden Fehlers nicht 
gestartet:   %%2
 
Error - 14.02.2013 10:58:52 | Computer Name = Pascal-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4EC166F5-11BE-4B20-A332-F9BE4608AD23} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 14.02.2013 10:58:52 | Computer Name = Pascal-PC | Source = NetBT | ID = 4321
Description = Der Name "PASCAL-PC      :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.102  registriert werden. Der Computer mit IP-Adresse 192.168.2.105
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 14.02.2013 11:00:04 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 14.02.2013 11:00:04 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 14.02.2013 12:10:49 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 14.02.2013 12:10:49 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 14.02.2013 12:11:32 | Computer Name = Pascal-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4EC166F5-11BE-4B20-A332-F9BE4608AD23} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 14.02.2013 12:11:32 | Computer Name = Pascal-PC | Source = NetBT | ID = 4321
Description = Der Name "PASCAL-PC      :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.102  registriert werden. Der Computer mit IP-Adresse 192.168.2.105
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
 
< End of report >

PascalReger · 14.02.2013, 17:28

Code:

ATTFilter

OTL Extras logfile created on: 14.02.2013 17:13:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Pascal\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 68,08% Memory free
6,00 Gb Paging File | 4,94 Gb Available in Paging File | 82,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 173,40 Gb Free Space | 37,23% Space Free | Partition Type: NTFS
Drive E: | 2,01 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PASCAL-PC | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1DE06E1C-72A2-4658-B707-1906837ED91B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3107194F-24E8-4460-88F7-B232E65D6DAE}" = lport=138 | protocol=17 | dir=in | app=system | 
"{353BA680-E2A4-44E1-81C9-9A7B81EFA9B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{76A10545-3C38-4F0E-99BC-79D1B7BBF047}" = rport=138 | protocol=17 | dir=out | app=system | 
"{77977981-9C9B-4E08-9116-2558F6554D61}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{7E568506-1C74-4B46-9C17-6A1C25F4F561}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{86F83E5E-1B10-48FA-9CB1-113C9CAE9EB9}" = lport=137 | protocol=17 | dir=in | app=system | 
"{A6825819-2EFA-410B-8734-6749691F1B49}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B39A7E4E-EE49-4E2A-9E55-10F995F12867}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B8FE9BDC-FB13-4549-AFA1-FB593B100B86}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D8CEA302-CF4D-4185-8394-F4AA7B3E5FAE}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E1403F13-7383-428C-B8CB-B451EB2A1043}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{E881C05E-2D2E-4151-81B5-30B8C4A838D1}" = rport=137 | protocol=17 | dir=out | app=system | 
"{EE5A7302-0665-4B92-A030-14D02B4A03D6}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0359E3BF-4328-4868-AB04-DCA8F7728F12}" = protocol=6 | dir=in | app=c:\program files\ubisoft\world in conflict\wic.exe | 
"{0406422B-E2BD-4854-B536-BABB469B33B4}" = protocol=6 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
"{0597DAC2-EDA8-4DA3-B6BB-B7A0BD921FAB}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{0856CAA2-5BBA-433E-B0E8-F32DD0D5A44B}" = protocol=17 | dir=in | app=c:\program files\rockstar games\eflc\launcheflc.exe | 
"{0C8B7CB3-2971-457E-A2C5-DD3499D5F4AB}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe | 
"{0D7A9C9A-06B6-42B6-B844-0B26B5400B59}" = protocol=6 | dir=in | app=c:\program files\rockstar games\eflc\launcheflc.exe | 
"{0F8FD49F-5F01-4E1B-BE93-58A22D10FC55}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\lexusluger\counter-strike source\hl2.exe | 
"{11E10E45-FE36-4AB3-ABAE-F328933AFCC0}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe | 
"{1638D10E-D7B0-4AF3-A4B4-A1FF076C9638}" = protocol=17 | dir=in | app=c:\program files\ubisoft\world in conflict\wic.exe | 
"{192A9B63-F900-4747-B7FE-2A05C8276D60}" = protocol=17 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{1FDC2394-2CE8-4DEA-A657-4E04D5D18D80}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{20FD62CD-62D5-41E9-A54D-74E8FF7EB220}" = protocol=6 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
"{2111D42D-09F1-46E2-805C-935C2F0FE4D0}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe | 
"{23B66CF0-B1F9-474A-804E-F1A5284D9D04}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{317EA025-5DDD-47D1-B293-F2B4C78DF1A2}" = protocol=17 | dir=in | app=c:\program files\ubisoft\world in conflict\wic_ds.exe | 
"{32F7863C-03A0-46FC-AD0A-4B515FAF070C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\world in conflict\wic_online.exe | 
"{35E53B8E-2D9E-4E1A-8BE9-BBD5356D55AB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"{38B87E17-E494-4497-A892-E8B39EC21442}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter 2\graw2_dedicated.exe | 
"{44B40EFD-8F7C-42BF-B868-580C5FEAF7E5}" = protocol=17 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{48BDE269-0346-413B-ABBB-9E1D4C3BF070}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"{4BB3551E-8BD2-4466-B97E-7791180F94F9}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{4E1E7D20-7C2D-4CF8-9333-CF7E44E51A85}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4E2E0BE6-B43B-4ADE-8C9C-AEF899411184}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{544241BD-143F-44A3-890A-D656F9B9D337}" = protocol=17 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
"{5596AEA6-0FC4-4215-AF36-621D6190174C}" = protocol=6 | dir=in | app=c:\program files\valve\steam\steam.exe | 
"{57782BCF-B4F7-4D34-A78E-A45C4B922C54}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\lexusluger\day of defeat source\hl2.exe | 
"{57C255AF-76B3-432C-A794-708D28ED5734}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe | 
"{6374BA1A-A706-4B58-A544-7D60361A82E5}" = protocol=6 | dir=in | app=c:\users\pascal\appdata\roaming\dropbox\bin\dropbox.exe | 
"{6742D14A-682E-41AC-B32F-F0FF35B0A444}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{677C3915-1459-46A7-97B3-B5846A800CBC}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{6896FDCE-09FA-42CC-90E1-408FFBDD69E5}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | 
"{6A856107-E0F2-46E1-8D3F-5911EA75E8D9}" = protocol=17 | dir=in | app=c:\users\pascal\appdata\roaming\dropbox\bin\dropbox.exe | 
"{6F9FC5B7-188A-46DF-BEE5-18F373378819}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter 2\graw2_dedicated.exe | 
"{6FA43757-7268-4BB6-888C-6AC18E830B40}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{730AE2A4-4784-42A4-A2BF-E432734D28B6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{77B59D61-591A-45B7-8389-F72AF6C301B9}" = dir=in | app=c:\program files\apowersoft\screen recording suite\screen-recording-suite.exe | 
"{7AB5C482-8E89-408E-BB31-EFAEC923FA57}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter 2\graw2.exe | 
"{7B8B1CC0-1CDC-42BA-BD89-F9976E76220A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{7C870BEF-6779-4B47-B2E2-101AA453AB31}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | 
"{84B6F821-5111-4ACB-AE78-272E10680ACA}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe | 
"{8E67F54F-A0BE-45D0-A11B-90CFF83FAF85}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{963643A9-8F5F-4BB7-BD4E-5D4A0EED1640}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter 2\graw2.exe | 
"{96CA6A62-9313-4856-8AC0-237DDE4074D1}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{998C8197-EDE0-402A-BDEF-E28493062A37}" = protocol=17 | dir=in | app=c:\program files\ubisoft\world in conflict\wic_online.exe | 
"{9DB07269-A3D6-4DC5-A931-1DD088C2FE16}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{9F032C83-0FFE-4428-8D09-7F3CFA2920D6}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{9FCD7B25-86DB-487E-9829-467F2F13DDE7}" = protocol=17 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
"{9FD87759-A00D-47C1-AFFF-8B4D38F870F6}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{A14EF884-1F4D-44CE-AA1D-936244CB4F94}" = protocol=6 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{ACEAFE3E-49F4-4763-A061-7AE397A4632F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"{AFF81E3D-594A-432E-B98F-9BB512779FC7}" = protocol=17 | dir=in | app=c:\program files\reality pump\earth 2160\earth2160_no_sse.exe | 
"{B72C7430-78A0-45F0-9BFE-83E3C69A0FE7}" = protocol=17 | dir=in | app=c:\program files\valve\steam\steam.exe | 
"{BB21FBBD-DFDF-4C67-9614-C54868DFE2A0}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{BB9AF177-7D03-47C3-BCFB-CCD017D4B4F9}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{C424638E-76D4-454D-AC74-C2E857A863C5}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{C9E6FC7E-2F93-479B-BEFF-D12F16C04E0A}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe | 
"{D093524A-B325-42D1-908A-87DE17FB28C9}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{D9037877-97D9-4ACD-9C75-5D696CDD53D8}" = dir=in | app=c:\program files\apowersoft\screen recording suite\screenrecordingsuite.exe | 
"{DA828283-DCC9-442B-A5B8-17B880868EDF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe | 
"{DA82D65F-3376-4A3F-989D-10F03C8AF3CA}" = protocol=6 | dir=in | app=c:\program files\reality pump\earth 2160\earth2160_sse.exe | 
"{DD1EAA7B-A289-4315-B384-FA628B69FD5E}" = protocol=6 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{DE0FCFDA-B84D-4FD6-AB76-643BA2693791}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e\ruse.exe | 
"{DF4C2C86-0F9A-4EA2-A4B5-ED012678BD13}" = protocol=6 | dir=in | app=c:\program files\ubisoft\world in conflict\wic_ds.exe | 
"{E21960A6-7B79-4F78-9EC6-6002A90AAF38}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\metro 2033\metro2033.exe | 
"{E7B56168-278A-4F21-9B55-08C26007A4AA}" = protocol=17 | dir=in | app=c:\program files\origin games\battlefield 1942\bf1942.exe | 
"{E82B536D-93E8-40FA-8A9D-39BC0BD1E6FC}" = protocol=17 | dir=in | app=c:\program files\reality pump\earth 2160\earth2160_sse.exe | 
"{EB522692-9BC1-404B-AEC7-92ABEB476D5B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | 
"{ECE5F10A-4CA3-41C6-9060-9C606260AAD9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e\ruse.exe | 
"{EE68A0F6-29C1-40A9-9DCF-20071211D386}" = protocol=6 | dir=in | app=c:\program files\reality pump\earth 2160\earth2160_no_sse.exe | 
"{F4FA4662-5406-4859-9AEE-40040DEB93B7}" = protocol=6 | dir=in | app=c:\program files\origin games\battlefield 1942\bf1942.exe | 
"{FABEDBCD-346B-4C25-8C9D-D599A32CC4CA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\lexusluger\counter-strike source\hl2.exe | 
"{FB1DD3B7-3F71-40D6-94F4-A2921D911CBB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FE34076F-F38A-49B2-A2DE-5AB5F44D0A5F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\lexusluger\day of defeat source\hl2.exe | 
"TCP Query User{090BF863-3579-45F5-9E45-C5C4F26F2C71}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe | 
"TCP Query User{232DF918-79AB-44C7-A99E-08B72E9BBA1D}C:\program files\steam\steamapps\lexusluger\insurgency\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\lexusluger\insurgency\hl2.exe | 
"TCP Query User{263B8034-81B3-4032-A2D7-5BCFF9F61595}C:\program files\ea games\medal of honor pacific assault(tm) demo\mohpa_demo.exe" = protocol=6 | dir=in | app=c:\program files\ea games\medal of honor pacific assault(tm) demo\mohpa_demo.exe | 
"TCP Query User{2A8B322C-FF83-429C-9C34-FB45953257F1}C:\program files\duty calls\binaries\win32\dutycalls.exe" = protocol=6 | dir=in | app=c:\program files\duty calls\binaries\win32\dutycalls.exe | 
"TCP Query User{41A8E26B-E872-4883-B8C9-4DA20731BF74}C:\users\pascal\desktop\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\pascal\desktop\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{522E8EB8-962B-425B-BD99-CE8AD7C8AEBE}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 
"TCP Query User{52FB9875-306A-4EB9-91D5-46352001881C}C:\program files\ea games\battlefield heroes\bfheroes.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield heroes\bfheroes.exe | 
"TCP Query User{5AB30AF2-DB34-4B3E-A23F-17304FD352B9}C:\users\pascal\appdata\local\temp\b4c780c1800342968e70e4f2d0e206ed\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\temp\b4c780c1800342968e70e4f2d0e206ed\relicdownloader.exe | 
"TCP Query User{71B140E9-A2C9-4DF7-8827-6D6F96629CB1}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"TCP Query User{7D2F6781-1B1A-4501-9B9F-435BBC49C9FB}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe | 
"TCP Query User{8703D626-DC2D-443F-99C4-6C5BE363C235}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"TCP Query User{A25BA49F-5A99-4EC6-977B-E92AE5C7A567}C:\users\pascal\appdata\local\temp\edcfce51166845da8e9ba9aa58bdd7c8\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\temp\edcfce51166845da8e9ba9aa58bdd7c8\relicdownloader.exe | 
"TCP Query User{A4537B76-6E2A-422C-9775-A1F2D6B31EAB}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=6 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe | 
"TCP Query User{AA4C50C6-A6C9-426E-9CA0-1F1DEB3D5B37}C:\program files\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter\graw.exe | 
"TCP Query User{B101C106-CC1F-4C00-87E9-0A59CD5FBE1E}C:\program files\ea games\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 1942\bf1942.exe | 
"TCP Query User{C59CADEB-FA7C-42A4-B0B5-97CDEF5253FA}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe | 
"TCP Query User{E86E99A3-E9D4-4F65-A650-07B253B6411B}C:\users\pascal\appdata\local\apps\2.0\rgcc854z.kjm\whp6tr47.mz9\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\apps\2.0\rgcc854z.kjm\whp6tr47.mz9\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe | 
"TCP Query User{F1B96DAD-AC3D-4EB3-9910-8431FC95DF46}C:\program files\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\eflc\eflc.exe | 
"TCP Query User{FAE4E562-BB45-49D6-B1A7-E2370D4535E0}C:\users\pascal\appdata\local\temp\c391d4b36b2c4cb2942dff35b485372b\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\temp\c391d4b36b2c4cb2942dff35b485372b\relicdownloader.exe | 
"UDP Query User{19F4F651-66A4-4315-90B8-185B4D3C9B3E}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 
"UDP Query User{1DC3C6F5-16DD-40FE-AD58-4C27341C7C60}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe | 
"UDP Query User{257C17CA-995F-4767-BF30-D15AE607A2B5}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe | 
"UDP Query User{34B175F6-8772-4460-9B28-42F4D73AFD6A}C:\program files\duty calls\binaries\win32\dutycalls.exe" = protocol=17 | dir=in | app=c:\program files\duty calls\binaries\win32\dutycalls.exe | 
"UDP Query User{4A9694D4-0B68-45C4-A935-778F236997CF}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe | 
"UDP Query User{61377129-202F-485A-98F2-11145BDB35D9}C:\program files\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\eflc\eflc.exe | 
"UDP Query User{6D4C5CAD-5311-49E3-A0AF-CE47F0EF6C27}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=17 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe | 
"UDP Query User{8146C230-E73F-4746-B25B-7BC874B7417B}C:\program files\steam\steamapps\lexusluger\insurgency\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\lexusluger\insurgency\hl2.exe | 
"UDP Query User{8EF0A02D-4275-4196-90CB-DB7BF2D71594}C:\users\pascal\appdata\local\temp\b4c780c1800342968e70e4f2d0e206ed\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\temp\b4c780c1800342968e70e4f2d0e206ed\relicdownloader.exe | 
"UDP Query User{91537DE3-35E1-4590-AFAE-E3F58CFF42E6}C:\users\pascal\desktop\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\pascal\desktop\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{BE51ABFB-BA2F-49F1-9081-85AC5F692113}C:\users\pascal\appdata\local\temp\c391d4b36b2c4cb2942dff35b485372b\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\temp\c391d4b36b2c4cb2942dff35b485372b\relicdownloader.exe | 
"UDP Query User{C218F04D-69D0-45EE-AF0B-F925D97D3150}C:\program files\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter\graw.exe | 
"UDP Query User{C44A2C36-4A1E-48B2-B310-2BC575F7E8C0}C:\program files\ea games\medal of honor pacific assault(tm) demo\mohpa_demo.exe" = protocol=17 | dir=in | app=c:\program files\ea games\medal of honor pacific assault(tm) demo\mohpa_demo.exe | 
"UDP Query User{CC64A711-957A-4C42-A265-8F381DAE1A52}C:\program files\ea games\battlefield heroes\bfheroes.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield heroes\bfheroes.exe | 
"UDP Query User{E147C511-9216-4EA1-8D2D-39A72DE9CCEB}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"UDP Query User{E4384E2A-0227-4653-AD7C-7DFD360B687B}C:\program files\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 1942\bf1942.exe | 
"UDP Query User{E547B145-3365-4B53-8FF6-967768BB8DBF}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe | 
"UDP Query User{ED54214A-E11F-4D15-8EB6-2888B6D62242}C:\users\pascal\appdata\local\apps\2.0\rgcc854z.kjm\whp6tr47.mz9\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\apps\2.0\rgcc854z.kjm\whp6tr47.mz9\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe | 
"UDP Query User{FD18476B-A82C-4D1E-BB21-0194CE7293E1}C:\users\pascal\appdata\local\temp\edcfce51166845da8e9ba9aa58bdd7c8\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\temp\edcfce51166845da8e9ba9aa58bdd7c8\relicdownloader.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2DF2C6-08F7-40BD-8E85-D16CB436E7F0}" = Free NaturalReader
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{25B25C84-6132-4662-972B-4E4DC1B00C98}" = Age of Empires III Trial
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02]
"{4209F371-4927-659B-6665-F7524E53AE40}_is1" = Ashampoo WinOptimizer 8 v.8.14.00
"{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4E4F8163-9889-4BAB-B2E7-DBAAE248C1EB}" = LG Android Driver
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.11
"{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BC0CDD6-E0C2-434D-9365-23E79E42DA95}" = Battlestations: Midway
"{6D0042A0-9064-4C7F-B906-3EAC4427EE07}_is1" = Counter-Strike Source DZ
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Partner Manager
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion
"{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}" = Just Cause 1.00.0000
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1" = Screen Recording Suite V2.5.0
"{EE74D039-45D7-44E9-BF95-B9CFB015964F}_is1" = ArcaniA - Gothic 4
"{EFC97089-04D6-42CE-A707-A343B4A7D2CD}" = Ghost Recon Advanced Warfighter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.0.0
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"ArmA 2" = ArmA 2 Uninstall
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"ASIO4ALL" = ASIO4ALL
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"ASRock IES_is1" = ASRock IES v2.0.69
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.24
"ASRock OC DNA_is1" = ASRock OC DNA v1.6
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.3.91
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"Battlestrike - Shadow of Stalingrad/DE-German_is1" = Battlestrike: Schlacht um Stalingrad
"Color Efex Pro 3.0 Stand-Alone Standard" = Color Efex Pro 3.0 Standard
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Company of Heroes" = Company of Heroes
"Counter-Strike 1.6" = Counter-Strike 1.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Drakensang_is1" = Drakensang
"Earth 2160" = Earth 2160
"Edirol HQ Orchestral VSTi v1.03" = Edirol HQ Orchestral VSTi v1.03
"Edirol Hyper Canvas VSTi DXi_is1" = Edirol Hyper Canvas VSTi DXi 1.6.0
"ESN Sonar-0.70.4" = ESN Sonar
"FarmingSimulator2009DE_is1" = Landwirtschafts-Simulator 2009
"FL Studio 9" = FL Studio 9
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
"Free WAV to MP3 Converter" = Free WAV to MP3 Converter
"Game Booster_is1" = Game Booster 3
"Glary Utilities_is1" = Glary Utilities 2.35.0.1216
"Hardcore" = Hardcore
"Hidden & Dangerous 2 Sabre Squadron Demo" = Hidden & Dangerous 2 Sabre Squadron Demo
"HS2_is1" = Steinberg Hypersonic 2
"HyperCam 2" = HyperCam 2
"IL Download Manager" = IL Download Manager
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{25B25C84-6132-4662-972B-4E4DC1B00C98}" = Age of Empires III Trial
"InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"Live Lite Alesis Edition" = Live Lite Alesis Edition
"LUXONIX_Purity" = LUXONIX Purity
"MAGIX_{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3-Cutter" = MP3-Cutter
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Massive v1.0.1.008 VSTi DXi RTAS" = Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
"Native Instruments Service Center" = Native Instruments Service Center
"Netzmanager" = Netzmanager
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PoiZone" = PoiZone
"PokerTH 0.9.5" = PokerTH
"Predator_is1" = Rob Papen Predator V1.6.2a
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"Recuva" = Recuva
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"reFX Vanguard_is1" = reFX Vanguard VSTi RTAS v1.8.0
"Rob Papen Blade_is1" = Rob Papen Blade 1.0.0d
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Sawer" = Sawer
"Steam App 17500" = Zombie Panic Source
"Steam App 17700" = Insurgency
"Steam App 21970" = R.U.S.E
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 43110" = Metro 2033
"Steam App 80" = Counter-Strike: Condition Zero
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle
"Tone2 Gladiator Retail_is1" = Gladiator v1.2.2.0
"Tone2 Gladiator VSTi_is1" = Tone2 Gladiator VSTi v2.2
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"XFastUsb" = XFastUsb
"YTdetect" = Yahoo! Detect
"z3ta+_x86_is1" = rgc:audio z3ta+ 1.5
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3180806219-2987136475-2523560488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"d8be6c3f847d7d92" = Ghost Recon Online
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:10 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:11 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:11 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:12:11 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 02.07.2012 13:40:59 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4febb13c  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4febbadd  Ausnahmecode: 0xc0000005  Fehleroffset: 0x66eae279
ID
 des fehlerhaften Prozesses: 0x290  Startzeit der fehlerhaften Anwendung: 0x01cd58769606daf0
Pfad
 der fehlerhaften Anwendung: c:\program files\steam\steamapps\lexusluger\day of 
defeat source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 1552d41f-c46d-11e1-9e76-f88f0f62c6b0
 
[ System Events ]
Error - 14.02.2013 10:56:39 | Computer Name = Pascal-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 14.02.2013 10:58:09 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "mbamchameleon" wurde aufgrund folgenden Fehlers nicht 
gestartet:   %%2
 
Error - 14.02.2013 10:58:52 | Computer Name = Pascal-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4EC166F5-11BE-4B20-A332-F9BE4608AD23} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 14.02.2013 10:58:52 | Computer Name = Pascal-PC | Source = NetBT | ID = 4321
Description = Der Name "PASCAL-PC      :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.102  registriert werden. Der Computer mit IP-Adresse 192.168.2.105
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 14.02.2013 11:00:04 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 14.02.2013 11:00:04 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 14.02.2013 12:10:49 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 14.02.2013 12:10:49 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 14.02.2013 12:11:32 | Computer Name = Pascal-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{4EC166F5-11BE-4B20-A332-F9BE4608AD23} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 14.02.2013 12:11:32 | Computer Name = Pascal-PC | Source = NetBT | ID = 4321
Description = Der Name "PASCAL-PC      :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.102  registriert werden. Der Computer mit IP-Adresse 192.168.2.105
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
 
< End of report >

cosinus · 15.02.2013, 00:14

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Gvu trojaner 2013 mit webcam infiziert

Plagegeister aller Art und deren Bekämpfung: Gvu trojaner 2013 mit webcam infiziert