| maurice97 | 29.08.2012 13:22 |
OTL::OTL Logfile: Code:
OTL logfile created on: 29.08.2012 14:01:59 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\maurice\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 78,05% Memory free
4,00 Gb Paging File | 3,64 Gb Available in Paging File | 90,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,15 Gb Total Space | 7,35 Gb Free Space | 19,77% Space Free | Partition Type: NTFS
Drive D: | 76,69 Gb Total Space | 43,39 Gb Free Space | 56,58% Space Free | Partition Type: NTFS
Computer Name: MAURICE-PC | User Name: maurice | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\maurice\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\HelpPane.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Notepad++\NppShell_05.dll ()
========== Services (SafeList) ==========
SRV - (TunngleService) -- C:\Programme\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (XDva399) -- C:\Users\maurice\AppData\Local\Temp\Din200B.tmp File not found
DRV - (XDva398) -- C:\Windows\system32\XDva398.sys File not found
DRV - (XDva397) -- C:\Windows\system32\XDva397.sys File not found
DRV - (EuMusDesignVirtualAudioCableWdm) -- C:\Windows\System32\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (WinRing0_1_2_0) -- C:\Programme\IObit\Game Booster 3\Driver\WinRing0.sys (OpenLibSys.org)
DRV - (fwlanusb4) -- C:\Windows\System32\drivers\fwlanusb4.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (tap0901t) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\RTL8187B.sys (Realtek Semiconductor Corporation )
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 22 13 FE 06 66 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
IE - HKCU\..\SearchScopes\{DA9D3F15-F41C-4764-9D40-37D371185D11}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\maurice\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2012.07.25 18:16:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maurice\AppData\Roaming\mozilla\Firefox\extensions
[2012.07.25 18:16:22 | 000,000,000 | ---D | M] (uTorrentBar_DE) -- C:\Users\maurice\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2012.07.30 19:28:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maurice\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012.07.30 19:28:32 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\maurice\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2012.07.31 06:03:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
O1 HOSTS File: ([2012.08.10 16:38:52 | 000,000,037 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 95.211.168.98 download.gameclub.com
O2 - BHO: (Claro LTD Helper Object) - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Programme\Claro LTD\claro\1.6.4.1\bh\claro.dll (Montera Technologeis LTD)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Claro LTD Toolbar) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Programme\Claro LTD\claro\1.6.4.1\claroTlbr.dll (Montera Technologeis LTD)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\maurice\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [BitTorrent] "D:\BitTorrent.exe" /MINIMIZED File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\maurice\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MediaGet2] C:\Users\maurice\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
O4 - HKCU..\Run: [RGSC] D:\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe (Somoto)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [WcnNetsh] C:\Users\maurice\AppData\Local\Microsoft\Windows\2838\WcnNetsh.exe ()
O4 - HKCU..\RunOnce: [Report] C:\AdwCleaner[S1].txt ()
O4 - Startup: C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk = File not found
O4 - Startup: C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\maurice\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13C5C56C-369A-427B-9C25-E2BAE89F11DD}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45BCC898-4277-49E4-8BDD-EEB03C29200D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FE4E3BF-6564-41D4-AA56-D6FC06CAC775}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5ED5D355-F752-4565-B73C-F91A00CA2E12}: DhcpNameServer = 7.254.254.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8f548301-d33f-11e1-b2ce-bc05430b7e48}\Shell - "" = AutoRun
O33 - MountPoints2\{8f548301-d33f-11e1-b2ce-bc05430b7e48}\Shell\AutoRun\command - "" = L:\pushinst.exe
O33 - MountPoints2\{a9455acc-d33c-11e1-9faf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a9455acc-d33c-11e1-9faf-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
========== Files/Folders - Created Within 30 Days ==========
[2012.08.28 17:49:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.08.28 17:47:02 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\hellomoto
[2012.08.28 17:36:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.08.28 17:27:43 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\maurice\Desktop\OTL.exe
[2012.08.28 16:48:51 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Malwarebytes
[2012.08.28 16:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.28 16:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.28 16:48:41 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.08.28 16:48:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.08.28 16:46:48 | 000,000,000 | ---D | C] -- C:\Users\maurice\Desktop\Wichtig
[2012.08.27 21:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2012.08.27 21:24:17 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\IClaro
[2012.08.27 21:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Claro LTD
[2012.08.27 14:46:19 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\TeknoGods
[2012.08.26 15:55:48 | 012,166,108 | ---- | C] (Anti-Valve Software ) -- C:\Users\maurice\Desktop\CSIW_Setup_24_Aug_2012.exe
[2012.08.26 15:54:46 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[2012.08.26 15:54:46 | 000,000,000 | ---D | C] -- C:\Program Files\FilesFrog Update Checker
[2012.08.26 15:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\Cracked Steam
[2012.08.24 11:09:18 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\PunkBuster
[2012.08.23 16:54:39 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012.08.23 16:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012.08.23 16:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.08.23 16:45:11 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012.08.21 14:17:01 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Media Get LLC
[2012.08.21 14:17:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
[2012.08.21 14:16:30 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2
[2012.08.21 14:16:30 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\MediaGet2
[2012.08.21 14:16:30 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\Media Get LLC
[2012.08.21 10:25:45 | 000,000,000 | ---D | C] -- C:\Users\maurice\.thumbnails
[2012.08.20 20:06:12 | 000,000,000 | ---D | C] -- C:\Users\maurice\Desktop\Snd2
[2012.08.20 18:44:51 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Artweaver Plus
[2012.08.20 18:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artweaver Free
[2012.08.20 18:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Artweaver Free 3.1
[2012.08.20 18:37:47 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Artweaver Free
[2012.08.20 18:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Artweaver
[2012.08.20 18:37:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Artweaver Free
[2012.08.17 22:44:48 | 000,000,000 | ---D | C] -- C:\Users\maurice\Documents\My Cheat Tables
[2012.08.17 22:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2012.08.17 22:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.2
[2012.08.17 01:51:25 | 000,000,000 | ---D | C] -- C:\Users\maurice\Desktop\hallo
[2012.08.16 13:58:45 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2012.08.16 13:25:10 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\Mato_Technologies
[2012.08.16 13:24:41 | 000,000,000 | ---D | C] -- C:\Users\maurice\Desktop\IMG Manager V.1.5
[2012.08.16 01:34:04 | 000,000,000 | ---D | C] -- C:\Users\maurice\Desktop\Eigene Killsounds
[2012.08.15 15:26:41 | 000,000,000 | ---D | C] -- C:\Users\maurice\Desktop\VA - Dubstepium vol.2 (2012)
[2012.08.14 18:29:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012.08.13 20:02:19 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\RagdollSoft
[2012.08.13 17:47:33 | 000,000,000 | ---D | C] -- C:\Users\maurice\Desktop\data
[2012.08.13 17:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
[2012.08.13 17:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bandicam
[2012.08.13 17:04:33 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\BANDISOFT
[2012.08.13 17:04:30 | 000,000,000 | ---D | C] -- C:\Users\maurice\Documents\Bandicam
[2012.08.13 17:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2012.08.13 17:03:59 | 006,550,928 | ---- | C] (Bandisoft) -- C:\Users\maurice\Desktop\bdcamsetup.exe
[2012.08.12 14:33:58 | 000,000,000 | ---D | C] -- C:\Users\maurice\Desktop\luizimloko CF [NA] D3D v1.0
[2012.08.12 01:13:19 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\MSDCSC
[2012.08.11 01:45:27 | 001,276,416 | ---- | C] (Mamo :D) -- C:\Users\maurice\Desktop\Mamo`s Injector V2.7.exe
[2012.08.10 15:04:22 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2012.08.10 14:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
[2012.08.10 14:16:11 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\PMB Files
[2012.08.10 14:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.08.10 14:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2012.08.09 23:25:53 | 000,000,000 | ---D | C] -- C:\Users\maurice\Documents\Tunngle
[2012.08.09 23:25:53 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Tunngle
[2012.08.09 23:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012.08.09 23:25:48 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\Windows\System32\drivers\tap0901t.sys
[2012.08.09 23:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012.08.09 23:25:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012.08.09 23:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\Tunngle
[2012.08.08 21:19:07 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\fontconfig
[2012.08.08 21:19:05 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\gegl-0.2
[2012.08.08 21:19:05 | 000,000,000 | ---D | C] -- C:\Users\maurice\.gimp-2.8
[2012.08.08 16:16:35 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\.techniclauncher
[2012.08.08 16:16:25 | 000,052,736 | ---- | C] (Technic) -- C:\Users\maurice\Desktop\TechnicLauncher.exe
[2012.08.07 16:32:50 | 000,000,000 | ---D | C] -- C:\Users\maurice\Documents\BusCableCarSimulator
[2012.08.07 16:32:50 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\BusCableCarSimulator
[2012.08.06 18:29:55 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.08.06 18:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.08.06 18:29:49 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Notepad++
[2012.08.06 18:29:49 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2012.08.06 11:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2012.08.05 22:32:52 | 003,889,424 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2012.08.05 22:32:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2012.08.05 22:32:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012.08.05 22:32:22 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\Aeria Games
[2012.08.05 22:31:23 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2012.08.05 22:30:34 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2012.08.05 22:30:30 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Aeria Games & Entertainment
[2012.08.05 22:03:12 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\Akamai
[2012.08.05 22:03:10 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012.08.05 17:47:54 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2012.08.05 17:47:48 | 000,000,000 | ---D | C] -- C:\Users\maurice\Documents\VirtualDJ
[2012.08.05 17:47:48 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2012.08.04 20:37:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
[2012.08.04 20:37:56 | 000,050,728 | ---- | C] (Eugene V. Muzychenko) -- C:\Windows\System32\drivers\vrtaucbl.sys
[2012.08.04 20:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable
[2012.08.04 17:33:37 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\TS3Client
[2012.08.04 17:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.08.04 17:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2012.08.04 11:59:16 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\PFStaticIP
[2012.08.04 11:59:09 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
[2012.08.04 11:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\PFStaticIP
[2012.08.01 20:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
[2012.08.01 20:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2012.08.01 15:44:02 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\LogMeIn Hamachi
[2012.08.01 15:43:52 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2012.08.01 15:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.08.01 15:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012.08.01 00:07:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
[2012.08.01 00:07:54 | 000,000,000 | ---D | C] -- C:\Program Files\RocketDock
[2012.07.31 21:31:35 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SA-MP Colorpicker
[2012.07.31 21:31:35 | 000,000,000 | ---D | C] -- C:\Program Files\SA-MP Colorpicker
[2012.07.31 14:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.07.31 06:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.07.31 05:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012.07.31 05:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2012.07.31 05:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012.07.31 05:35:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2012.07.31 03:20:54 | 000,000,000 | ---D | C] -- C:\Users\maurice\Documents\Bus Simulator 2012
[2012.07.31 03:20:54 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\Bus Simulator 2012
[2012.07.30 21:21:05 | 000,000,000 | ---D | C] -- C:\Users\maurice\Documents\RCT3
[2012.07.30 21:21:05 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Atari
[2012.07.30 20:58:38 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Roaming\Leadertech
[2012.07.30 20:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2012.07.30 19:01:18 | 000,000,000 | ---D | C] -- C:\Users\maurice\Documents\Rockstar Games
[2012.07.30 18:51:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.07.30 18:50:52 | 000,000,000 | ---D | C] -- C:\Users\maurice\AppData\Local\Rockstar Games
[2012.07.30 18:49:42 | 000,000,000 | RH-D | C] -- C:\Users\maurice\AppData\Roaming\SecuROM
[2012.07.30 18:45:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012.07.30 18:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
========== Files - Modified Within 30 Days ==========
[2012.08.29 13:53:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.29 13:52:48 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.28 18:07:50 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2728524724-2315069909-2840039285-1000UA.job
[2012.08.28 17:56:45 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2728524724-2315069909-2840039285-1000Core.job
[2012.08.28 17:27:43 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\maurice\Desktop\OTL.exe
[2012.08.28 16:48:43 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.28 16:23:21 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.28 16:23:21 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.28 14:07:26 | 000,000,273 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012.08.27 16:56:22 | 000,062,536 | ---- | M] () -- C:\Users\maurice\Desktop\sign.png
[2012.08.27 14:42:30 | 004,912,935 | ---- | M] () -- C:\Users\maurice\Desktop\loader.rar
[2012.08.26 19:08:21 | 004,992,679 | ---- | M] () -- C:\Users\maurice\Desktop\Overwerk - Buzzin'.mp3
[2012.08.26 19:05:59 | 002,678,857 | ---- | M] () -- C:\Users\maurice\Desktop\Fresh - Nu World Hustle.mp3
[2012.08.26 18:05:25 | 000,000,209 | ---- | M] () -- C:\Users\maurice\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url
[2012.08.26 16:14:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.08.26 16:14:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.08.26 15:58:22 | 012,166,108 | ---- | M] (Anti-Valve Software ) -- C:\Users\maurice\Desktop\CSIW_Setup_24_Aug_2012.exe
[2012.08.26 15:39:00 | 011,923,888 | ---- | M] () -- C:\Users\maurice\Desktop\ALL STEAM GAMES.rar
[2012.08.26 15:07:15 | 000,138,992 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.08.26 15:06:58 | 000,281,288 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012.08.26 13:36:06 | 002,359,350 | ---- | M] () -- C:\Users\maurice\Desktop\Crossfire20120826_0000.bmp
[2012.08.25 19:35:22 | 000,281,288 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012.08.24 11:19:42 | 000,138,904 | ---- | M] () -- C:\Users\maurice\AppData\Roaming\PnkBstrK.sys
[2012.08.23 16:54:39 | 000,000,216 | ---- | M] () -- C:\Users\maurice\Desktop\APB Reloaded.url
[2012.08.23 16:45:17 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012.08.22 17:01:55 | 000,195,952 | ---- | M] () -- C:\Users\maurice\Desktop\dubstep-wallpaper-1680x1260.jpg
[2012.08.21 14:19:05 | 000,026,160 | ---- | M] () -- C:\Users\maurice\Desktop\k81stmyt9sj2p1j.dlc
[2012.08.21 14:16:50 | 000,001,091 | ---- | M] () -- C:\Users\maurice\Desktop\MediaGet.lnk
[2012.08.21 10:27:05 | 000,827,055 | ---- | M] () -- C:\Users\maurice\Documents\Unbenannt.xcf
[2012.08.21 10:27:05 | 000,003,874 | ---- | M] () -- C:\Users\maurice\AppData\Local\recently-used.xbel
[2012.08.21 10:14:36 | 000,181,078 | ---- | M] () -- C:\Users\maurice\Desktop\Neue Bitmap.bmp
[2012.08.20 18:44:49 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\Artweaver Free 3.1.lnk
[2012.08.20 18:42:31 | 000,117,046 | ---- | M] () -- C:\Users\maurice\Desktop\Minecraft-Cartoon-Creeper-psd66170.png
[2012.08.20 18:37:05 | 000,296,404 | ---- | M] () -- C:\Users\maurice\Desktop\template_bearbeitet.jpg
[2012.08.17 22:44:41 | 000,001,047 | ---- | M] () -- C:\Users\maurice\Desktop\Cheat Engine.lnk
[2012.08.17 18:39:37 | 000,000,822 | ---- | M] () -- C:\Users\maurice\Desktop\k3979896.bmp
[2012.08.17 18:38:26 | 000,006,643 | ---- | M] () -- C:\Users\maurice\Desktop\k3979896.pdn
[2012.08.17 18:36:41 | 000,004,234 | ---- | M] () -- C:\Users\maurice\Desktop\k3979896.jpg
[2012.08.17 17:25:23 | 004,891,574 | ---- | M] () -- C:\Users\maurice\Desktop\Knife Party - Centipede (Official Video).mp3
[2012.08.17 15:48:55 | 000,169,004 | ---- | M] () -- C:\Users\maurice\Desktop\dawdaedqda.wav
[2012.08.17 01:49:41 | 000,050,688 | ---- | M] () -- C:\Users\maurice\AppData\Roaming\.NET EXTERNAL ESP V1.1 BY MASTER131.EXE
[2012.08.16 13:54:59 | 011,489,072 | ---- | M] () -- C:\Users\maurice\Desktop\Overdose-1.4-mit-overdose-1.3-blut.rar
[2012.08.16 01:13:48 | 000,202,796 | ---- | M] () -- C:\Users\maurice\Desktop\xD.wav
[2012.08.15 22:39:15 | 000,000,822 | ---- | M] () -- C:\Users\maurice\Desktop\CF.bmp
[2012.08.15 21:48:33 | 000,277,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.15 18:53:06 | 000,000,000 | ---- | M] () -- C:\Users\maurice\Desktop\maurice.avi
[2012.08.15 17:49:31 | 000,003,538 | ---- | M] () -- C:\Users\maurice\Desktop\Gamemagiz.com_kakdelas hack v0.3.rar
[2012.08.15 17:39:49 | 000,027,531 | ---- | M] () -- C:\Users\maurice\Desktop\Gamemagiz.com_xKickHack V8.rar
[2012.08.15 16:36:31 | 000,696,132 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.15 16:36:31 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.15 16:36:31 | 000,147,428 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.15 16:36:31 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.15 16:34:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.08.15 15:26:33 | 000,027,589 | ---- | M] () -- C:\Users\maurice\Desktop\Gamemagiz.com_Mamo`s Hack V2.1.rar
[2012.08.15 14:49:02 | 000,000,822 | ---- | M] () -- C:\Users\maurice\Desktop\CW.bmp
[2012.08.15 12:41:04 | 000,000,165 | ---- | M] () -- C:\Users\maurice\Desktop\eamconfig.ini
[2012.08.15 02:01:38 | 000,316,400 | ---- | M] () -- C:\Users\maurice\Desktop\GioVbt201264telFinaleVsSmaticx_8994.mp3.sfk
[2012.08.15 01:58:50 | 003,672,764 | ---- | M] () -- C:\Users\maurice\Desktop\GioVbt201264telFinaleVsSmaticx_8994.mp3
[2012.08.15 01:49:32 | 004,071,236 | ---- | M] () -- C:\Users\maurice\Desktop\Dubstep - High - Musik 6.mp3
[2012.08.15 01:02:36 | 000,000,621 | ---- | M] () -- C:\Users\Public\Desktop\Pivot Stickfigure Animator.lnk
[2012.08.14 18:22:03 | 000,070,343 | ---- | M] () -- C:\Users\maurice\Desktop\Gamemagiz.com_HMV9 (NA).rar
[2012.08.13 19:57:17 | 000,000,454 | ---- | M] () -- C:\Users\maurice\Desktop\listen-dsl.asx
[2012.08.13 17:39:01 | 000,000,950 | ---- | M] () -- C:\Users\maurice\Desktop\Bandicam.lnk
[2012.08.13 17:38:14 | 007,318,433 | ---- | M] () -- C:\Users\maurice\Desktop\Bandicam for free.zip
[2012.08.13 17:03:59 | 006,550,928 | ---- | M] (Bandisoft) -- C:\Users\maurice\Desktop\bdcamsetup.exe
[2012.08.13 13:48:19 | 000,454,458 | ---- | M] () -- C:\Users\maurice\Desktop\LWC.jar
[2012.08.11 22:45:36 | 000,102,400 | ---- | M] () -- C:\Users\maurice\Desktop\EAM.exe
[2012.08.11 22:45:31 | 000,008,192 | ---- | M] () -- C:\Users\maurice\Desktop\playerstats.bak
[2012.08.11 22:16:29 | 000,001,343 | ---- | M] () -- C:\Users\maurice\Desktop\Play MW2 Multiplayer.lnk
[2012.08.11 22:16:29 | 000,001,179 | ---- | M] () -- C:\Users\maurice\Desktop\Play MW2 SinglePlayer.lnk
[2012.08.11 03:22:04 | 011,165,139 | ---- | M] () -- C:\Users\maurice\Desktop\Döner.mp4
[2012.08.11 01:45:35 | 000,144,576 | ---- | M] () -- C:\Users\maurice\Desktop\Döner.veg
[2012.08.11 01:44:48 | 000,180,972 | ---- | M] () -- C:\Users\maurice\Desktop\Mamo`s Injector V2.7_mpgh.net.rar
[2012.08.11 00:06:08 | 000,001,266 | ---- | M] () -- C:\Users\maurice\Desktop\schwarz-karierten-kachel-hintergrund-vektor_34-16941.jpg
[2012.08.10 16:38:52 | 000,000,037 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.08.10 16:38:31 | 000,001,164 | ---- | M] () -- C:\Users\maurice\Desktop\Crossfire FG.lnk
[2012.08.10 15:04:22 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2012.08.10 15:02:07 | 000,000,990 | ---- | M] () -- C:\Users\maurice\Desktop\World of Subways Vol.1.lnk
[2012.08.10 12:07:10 | 001,276,416 | ---- | M] (Mamo :D) -- C:\Users\maurice\Desktop\Mamo`s Injector V2.7.exe
[2012.08.09 17:11:38 | 001,624,358 | ---- | M] () -- C:\Users\maurice\Desktop\mcpatcher-2.4.1_01.exe
[2012.08.09 16:07:36 | 000,000,600 | ---- | M] () -- C:\Users\maurice\AppData\Roaming\winscp.rnd
[2012.08.08 16:16:25 | 000,052,736 | ---- | M] (Technic) -- C:\Users\maurice\Desktop\TechnicLauncher.exe
[2012.08.05 18:08:22 | 000,001,416 | ---- | M] () -- C:\Users\maurice\Desktop\Virutal DJ.lnk
[2012.08.04 20:37:56 | 000,050,728 | ---- | M] (Eugene V. Muzychenko) -- C:\Windows\System32\drivers\vrtaucbl.sys
[2012.08.04 17:33:19 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.08.03 15:28:17 | 002,859,525 | ---- | M] () -- C:\WorldofSanAndreas.amx
[2012.08.03 14:02:56 | 005,890,017 | ---- | M] () -- C:\larp.amx
[2012.08.02 01:33:04 | 001,994,752 | ---- | M] () -- C:\Users\maurice\Desktop\grplauncher0.7.2.exe
[2012.08.02 01:32:36 | 002,250,240 | ---- | M] () -- C:\Users\maurice\Desktop\SA-Keybinder.exe
[2012.08.01 20:27:34 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01009.Wdf
[2012.08.01 17:11:54 | 000,002,073 | ---- | M] () -- C:\Selfmade.amx
[2012.08.01 00:07:57 | 000,000,937 | ---- | M] () -- C:\Users\maurice\Desktop\RocketDock.lnk
[2012.07.31 21:31:35 | 000,001,077 | ---- | M] () -- C:\Users\maurice\Desktop\SA-MP Colorpicker.lnk
[2012.07.31 20:55:57 | 001,267,561 | ---- | M] () -- C:\CRL_Script.amx
[2012.07.31 20:31:55 | 002,393,566 | ---- | M] () -- C:\YVL.amx
[2012.07.31 06:14:16 | 000,001,015 | ---- | M] () -- C:\Users\maurice\Desktop\RollerCoaster Tycoon 3 ^^.lnk
[2012.07.30 21:20:54 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
[2012.07.30 21:20:51 | 000,001,205 | ---- | M] () -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk
========== Files Created - No Company Name ==========
[2012.08.28 16:48:43 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.28 14:07:26 | 000,000,273 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012.08.27 16:56:22 | 000,062,536 | ---- | C] () -- C:\Users\maurice\Desktop\sign.png
[2012.08.27 14:42:16 | 004,912,935 | ---- | C] () -- C:\Users\maurice\Desktop\loader.rar
[2012.08.26 19:08:09 | 004,992,679 | ---- | C] () -- C:\Users\maurice\Desktop\Overwerk - Buzzin'.mp3
[2012.08.26 19:05:53 | 002,678,857 | ---- | C] () -- C:\Users\maurice\Desktop\Fresh - Nu World Hustle.mp3
[2012.08.26 18:05:24 | 000,000,209 | ---- | C] () -- C:\Users\maurice\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url
[2012.08.26 16:14:36 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.08.26 16:14:36 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.08.26 15:38:25 | 011,923,888 | ---- | C] () -- C:\Users\maurice\Desktop\ALL STEAM GAMES.rar
[2012.08.26 13:36:06 | 002,359,350 | ---- | C] () -- C:\Users\maurice\Desktop\Crossfire20120826_0000.bmp
[2012.08.24 11:09:23 | 000,281,288 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2012.08.24 11:05:20 | 000,138,992 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.08.24 11:05:19 | 000,138,904 | ---- | C] () -- C:\Users\maurice\AppData\Roaming\PnkBstrK.sys
[2012.08.24 11:04:43 | 000,281,288 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.08.24 11:04:43 | 000,281,288 | ---- | C] () -- C:\Windows\System32\PnkBstrB.ex0
[2012.08.24 11:04:20 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.08.23 16:54:39 | 000,000,216 | ---- | C] () -- C:\Users\maurice\Desktop\APB Reloaded.url
[2012.08.23 16:45:17 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012.08.22 17:01:55 | 000,195,952 | ---- | C] () -- C:\Users\maurice\Desktop\dubstep-wallpaper-1680x1260.jpg
[2012.08.21 14:18:32 | 000,026,160 | ---- | C] () -- C:\Users\maurice\Desktop\k81stmyt9sj2p1j.dlc
[2012.08.21 14:16:50 | 000,001,099 | ---- | C] () -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet.lnk
[2012.08.21 14:16:50 | 000,001,091 | ---- | C] () -- C:\Users\maurice\Desktop\MediaGet.lnk
[2012.08.21 10:27:05 | 000,003,874 | ---- | C] () -- C:\Users\maurice\AppData\Local\recently-used.xbel
[2012.08.21 10:25:45 | 000,827,055 | ---- | C] () -- C:\Users\maurice\Documents\Unbenannt.xcf
[2012.08.21 10:12:18 | 000,181,078 | ---- | C] () -- C:\Users\maurice\Desktop\Neue Bitmap.bmp
[2012.08.20 18:44:49 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\Artweaver Free 3.1.lnk
[2012.08.20 18:42:31 | 000,117,046 | ---- | C] () -- C:\Users\maurice\Desktop\Minecraft-Cartoon-Creeper-psd66170.png
[2012.08.20 18:37:05 | 000,296,404 | ---- | C] () -- C:\Users\maurice\Desktop\template_bearbeitet.jpg
[2012.08.17 22:44:41 | 000,001,047 | ---- | C] () -- C:\Users\maurice\Desktop\Cheat Engine.lnk
[2012.08.17 18:39:33 | 000,000,822 | ---- | C] () -- C:\Users\maurice\Desktop\k3979896.bmp
[2012.08.17 18:38:26 | 000,006,643 | ---- | C] () -- C:\Users\maurice\Desktop\k3979896.pdn
[2012.08.17 18:36:41 | 000,004,234 | ---- | C] () -- C:\Users\maurice\Desktop\k3979896.jpg
[2012.08.17 17:25:20 | 004,891,574 | ---- | C] () -- C:\Users\maurice\Desktop\Knife Party - Centipede (Official Video).mp3
[2012.08.17 15:48:55 | 000,169,004 | ---- | C] () -- C:\Users\maurice\Desktop\dawdaedqda.wav
[2012.08.17 01:49:05 | 000,000,117 | ---- | C] () -- C:\Users\maurice\Desktop\config.ini
[2012.08.16 13:54:48 | 011,489,072 | ---- | C] () -- C:\Users\maurice\Desktop\Overdose-1.4-mit-overdose-1.3-blut.rar
[2012.08.16 01:13:48 | 000,202,796 | ---- | C] () -- C:\Users\maurice\Desktop\xD.wav
[2012.08.15 22:36:50 | 000,000,822 | ---- | C] () -- C:\Users\maurice\Desktop\CF.bmp
[2012.08.15 18:52:13 | 000,000,000 | ---- | C] () -- C:\Users\maurice\Desktop\maurice.avi
[2012.08.15 17:49:31 | 000,003,538 | ---- | C] () -- C:\Users\maurice\Desktop\Gamemagiz.com_kakdelas hack v0.3.rar
[2012.08.15 17:39:48 | 000,027,531 | ---- | C] () -- C:\Users\maurice\Desktop\Gamemagiz.com_xKickHack V8.rar
[2012.08.15 16:34:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.08.15 15:26:33 | 000,027,589 | ---- | C] () -- C:\Users\maurice\Desktop\Gamemagiz.com_Mamo`s Hack V2.1.rar
[2012.08.15 14:47:45 | 000,000,822 | ---- | C] () -- C:\Users\maurice\Desktop\CW.bmp
[2012.08.15 01:59:04 | 000,316,400 | ---- | C] () -- C:\Users\maurice\Desktop\GioVbt201264telFinaleVsSmaticx_8994.mp3.sfk
[2012.08.15 01:58:48 | 003,672,764 | ---- | C] () -- C:\Users\maurice\Desktop\GioVbt201264telFinaleVsSmaticx_8994.mp3
[2012.08.15 01:49:32 | 004,071,236 | ---- | C] () -- C:\Users\maurice\Desktop\Dubstep - High - Musik 6.mp3
[2012.08.15 01:02:36 | 000,000,621 | ---- | C] () -- C:\Users\Public\Desktop\Pivot Stickfigure Animator.lnk
[2012.08.15 01:02:36 | 000,000,621 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Stickfigure Animator.lnk
[2012.08.14 18:22:03 | 000,070,343 | ---- | C] () -- C:\Users\maurice\Desktop\Gamemagiz.com_HMV9 (NA).rar
[2012.08.13 19:57:16 | 000,000,454 | ---- | C] () -- C:\Users\maurice\Desktop\listen-dsl.asx
[2012.08.13 17:39:01 | 000,000,950 | ---- | C] () -- C:\Users\maurice\Desktop\Bandicam.lnk
[2012.08.13 17:37:54 | 007,318,433 | ---- | C] () -- C:\Users\maurice\Desktop\Bandicam for free.zip
[2012.08.13 13:48:19 | 000,454,458 | ---- | C] () -- C:\Users\maurice\Desktop\LWC.jar
[2012.08.12 01:13:18 | 000,050,688 | ---- | C] () -- C:\Users\maurice\AppData\Roaming\.NET EXTERNAL ESP V1.1 BY MASTER131.EXE
[2012.08.11 22:47:23 | 000,008,192 | ---- | C] () -- C:\Users\maurice\Desktop\playerstats.bak
[2012.08.11 22:45:58 | 000,000,165 | ---- | C] () -- C:\Users\maurice\Desktop\eamconfig.ini
[2012.08.11 22:45:36 | 000,102,400 | ---- | C] () -- C:\Users\maurice\Desktop\EAM.exe
[2012.08.11 22:16:29 | 000,001,343 | ---- | C] () -- C:\Users\maurice\Desktop\Play MW2 Multiplayer.lnk
[2012.08.11 22:16:29 | 000,001,179 | ---- | C] () -- C:\Users\maurice\Desktop\Play MW2 SinglePlayer.lnk
[2012.08.11 02:42:19 | 011,165,139 | ---- | C] () -- C:\Users\maurice\Desktop\Döner.mp4
[2012.08.11 01:45:35 | 000,144,576 | ---- | C] () -- C:\Users\maurice\Desktop\Döner.veg
[2012.08.11 01:44:47 | 000,180,972 | ---- | C] () -- C:\Users\maurice\Desktop\Mamo`s Injector V2.7_mpgh.net.rar
[2012.08.11 00:05:02 | 000,001,266 | ---- | C] () -- C:\Users\maurice\Desktop\schwarz-karierten-kachel-hintergrund-vektor_34-16941.jpg
[2012.08.10 16:38:39 | 000,001,164 | ---- | C] () -- C:\Users\maurice\Desktop\Crossfire FG.lnk
[2012.08.10 15:02:07 | 000,000,990 | ---- | C] () -- C:\Users\maurice\Desktop\World of Subways Vol.1.lnk
[2012.08.09 17:11:32 | 001,624,358 | ---- | C] () -- C:\Users\maurice\Desktop\mcpatcher-2.4.1_01.exe
[2012.08.05 22:32:34 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2012.08.05 18:08:22 | 000,001,416 | ---- | C] () -- C:\Users\maurice\Desktop\Virutal DJ.lnk
[2012.08.04 17:33:19 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.08.03 14:21:25 | 002,859,525 | ---- | C] () -- C:\WorldofSanAndreas.amx
[2012.08.02 01:33:04 | 001,994,752 | ---- | C] () -- C:\Users\maurice\Desktop\grplauncher0.7.2.exe
[2012.08.02 01:32:36 | 002,250,240 | ---- | C] () -- C:\Users\maurice\Desktop\SA-Keybinder.exe
[2012.08.01 22:49:20 | 005,890,017 | ---- | C] () -- C:\larp.amx
[2012.08.01 20:27:34 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01009.Wdf
[2012.08.01 16:30:12 | 000,002,073 | ---- | C] () -- C:\Selfmade.amx
[2012.08.01 00:07:57 | 000,000,937 | ---- | C] () -- C:\Users\maurice\Desktop\RocketDock.lnk
[2012.07.31 21:31:35 | 000,001,077 | ---- | C] () -- C:\Users\maurice\Desktop\SA-MP Colorpicker.lnk
[2012.07.31 20:55:57 | 001,267,561 | ---- | C] () -- C:\CRL_Script.amx
[2012.07.31 20:31:55 | 002,393,566 | ---- | C] () -- C:\YVL.amx
[2012.07.31 06:14:27 | 000,001,015 | ---- | C] () -- C:\Users\maurice\Desktop\RollerCoaster Tycoon 3 ^^.lnk
[2012.07.30 21:20:54 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2012.07.30 21:20:51 | 000,001,205 | ---- | C] () -- C:\Users\maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk
[2012.07.30 19:20:31 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012.07.25 20:38:50 | 000,000,600 | ---- | C] () -- C:\Users\maurice\AppData\Roaming\winscp.rnd
[2012.07.25 20:24:25 | 000,000,600 | ---- | C] () -- C:\Users\maurice\AppData\Local\PUTTY.RND
[2012.07.24 20:16:09 | 000,000,065 | ---- | C] () -- C:\Users\maurice\AppData\Roaming\VoiceSFX.ini
[2012.07.24 20:15:40 | 000,000,066 | ---- | C] () -- C:\Windows\System32\MASHTWTY.SYS
[2012.07.21 16:04:21 | 000,049,792 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusb4.bin
[2012.07.20 01:38:52 | 000,007,601 | ---- | C] () -- C:\Users\maurice\AppData\Local\Resmon.ResmonCfg
[2012.06.07 13:04:54 | 004,176,896 | ---- | C] () -- C:\Windows\System32\LS3Renderer.dll
[2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.26 12:39:04 | 004,073,472 | ---- | C] () -- C:\Windows\System32\ColoristaRenderer.dll
[2011.09.19 09:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011.09.19 09:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011.06.29 07:07:48 | 003,617,280 | ---- | C] () -- C:\Windows\System32\CosmoRenderer.dll
========== LOP Check ==========
[2012.08.23 19:06:26 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\.minecraft
[2012.08.28 18:27:46 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\.techniclauncher
[2012.08.05 22:30:30 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Aeria Games & Entertainment
[2012.08.20 18:37:47 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Artweaver Free
[2012.08.20 18:44:51 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Artweaver Plus
[2012.07.30 21:21:05 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Atari
[2012.08.13 17:04:33 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\BANDISOFT
[2012.08.28 20:21:40 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\BrowserCompanion
[2012.08.14 18:29:17 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\DAEMON Tools Lite
[2012.07.25 20:37:48 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\FileZilla
[2012.08.28 17:47:28 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\hellomoto
[2012.08.27 21:24:17 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\IClaro
[2012.07.30 20:58:38 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Leadertech
[2012.07.24 16:24:22 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\MAXON
[2012.08.27 07:49:41 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Media Get LLC
[2012.08.28 17:29:48 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\MSDCSC
[2012.08.06 18:30:18 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Notepad++
[2012.07.20 01:52:01 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Opera
[2012.08.04 12:02:20 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\PFStaticIP
[2012.07.24 13:40:41 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Publish Providers
[2012.07.24 14:09:21 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Red Giant Link
[2012.07.24 20:23:06 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Screaming Bee
[2012.07.25 00:25:24 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Sony
[2012.07.27 17:15:18 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Sony Creative Software Inc
[2012.07.24 22:58:14 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\TeamViewer
[2012.08.27 07:49:41 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\TS3Client
[2012.08.09 23:49:20 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\Tunngle
[2012.08.28 20:21:23 | 000,000,000 | ---D | M] -- C:\Users\maurice\AppData\Roaming\uTorrent
[2012.08.28 17:56:45 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2728524724-2315069909-2840039285-1000Core.job
[2012.08.28 18:07:50 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2728524724-2315069909-2840039285-1000UA.job
[2009.07.14 06:53:46 | 000,026,332 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.07.20 06:22:19 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.08.05 22:03:10 | 000,000,000 | ---D | M] -- C:\AeriaGames
[2012.08.27 18:15:20 | 000,000,000 | ---D | M] -- C:\CFLog
[2012.07.20 06:18:49 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.07.30 12:40:49 | 000,000,000 | ---D | M] -- C:\m-r-software
[2012.07.20 01:47:34 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.08.28 18:06:23 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.08.28 18:06:23 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.20 06:18:50 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.07.20 06:18:50 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.08.27 14:25:41 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.07.24 14:04:28 | 000,000,000 | ---D | M] -- C:\temp
[2012.07.20 01:47:52 | 000,000,000 | R--D | M] -- C:\Users
[2012.08.29 13:56:47 | 000,000,000 | ---D | M] -- C:\Windows
[2012.08.28 17:36:02 | 000,000,000 | ---D | M] -- C:\_OTL
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.07.14 03:14:11 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: IASTORV.SYS >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2012.08.29 14:05:39 | 002,359,296 | -HS- | M] () -- C:\Users\maurice\ntuser.dat
[2012.08.29 14:05:39 | 000,262,144 | -HS- | M] () -- C:\Users\maurice\ntuser.dat.LOG1
[2012.07.20 06:21:59 | 000,000,000 | -HS- | M] () -- C:\Users\maurice\ntuser.dat.LOG2
[2012.08.03 22:03:43 | 000,065,536 | -HS- | M] () -- C:\Users\maurice\NTUSER.DAT{47f2a26a-dda6-11e1-9f22-bc05430b7e48}.TM.blf
[2012.08.03 22:03:43 | 000,524,288 | -HS- | M] () -- C:\Users\maurice\NTUSER.DAT{47f2a26a-dda6-11e1-9f22-bc05430b7e48}.TMContainer00000000000000000001.regtrans-ms
[2012.08.03 22:03:44 | 000,524,288 | -HS- | M] () -- C:\Users\maurice\NTUSER.DAT{47f2a26a-dda6-11e1-9f22-bc05430b7e48}.TMContainer00000000000000000002.regtrans-ms
[2012.07.20 01:53:30 | 000,065,536 | -HS- | M] () -- C:\Users\maurice\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012.07.20 01:53:30 | 000,524,288 | -HS- | M] () -- C:\Users\maurice\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012.07.20 01:53:30 | 000,524,288 | -HS- | M] () -- C:\Users\maurice\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012.08.27 07:00:55 | 000,065,536 | -HS- | M] () -- C:\Users\maurice\ntuser.dat{beccfc13-f002-11e1-b1f4-bc05430b7e48}.TM.blf
[2012.08.27 07:00:55 | 000,524,288 | -HS- | M] () -- C:\Users\maurice\ntuser.dat{beccfc13-f002-11e1-b1f4-bc05430b7e48}.TMContainer00000000000000000001.regtrans-ms
[2012.08.27 07:00:55 | 000,524,288 | -HS- | M] () -- C:\Users\maurice\ntuser.dat{beccfc13-f002-11e1-b1f4-bc05430b7e48}.TMContainer00000000000000000002.regtrans-ms
[2012.07.20 06:22:00 | 000,000,020 | -HS- | M] () -- C:\Users\maurice\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
< End of report >
--- --- ---
extras:OTL Logfile: Code:
OTL Extras logfile created on: 29.08.2012 14:01:59 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\maurice\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 78,05% Memory free
4,00 Gb Paging File | 3,64 Gb Available in Paging File | 90,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,15 Gb Total Space | 7,35 Gb Free Space | 19,77% Space Free | Partition Type: NTFS
Drive D: | 76,69 Gb Total Space | 43,39 Gb Free Space | 56,58% Space Free | Partition Type: NTFS
Computer Name: MAURICE-PC | User Name: maurice | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F5D60B-82AF-4E4F-B03D-22ECC2E914D4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F8F7BE4-11C3-4059-9633-0FD01579A5C6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{28C1B6AF-BFB1-4040-98B1-D358ADFCBAA7}" = rport=139 | protocol=6 | dir=out | app=system |
"{3064061D-D0A8-4BC3-8BEE-2BA026B50CF9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31613C44-D704-4A51-AEF3-638A284F9879}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4E97F6B3-39DA-4F72-B9BD-9D8302691F27}" = rport=138 | protocol=17 | dir=out | app=system |
"{512972F1-2534-48F0-BBBC-51DD87A156DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5E56A2EA-3BC4-40C8-9448-80E241E38606}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5EA7A818-B5A8-4110-8470-557E7BB62E2C}" = lport=138 | protocol=17 | dir=in | app=system |
"{68C52C88-32B4-47CE-936F-31738B1C1BB8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6B5B8B9C-4596-4F71-9690-91A06C3A80F4}" = lport=56712 | protocol=6 | dir=in | name=pando media booster |
"{792BA950-BB6C-4B0A-B088-3A340A072017}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7B7ECA33-C2A8-4338-B6A4-1872307DE8B2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7E6ADFB4-3A6C-4C8D-82BD-7159169F2E6B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8EEA3F4D-2203-4714-B62B-33867CDF0CE6}" = lport=56712 | protocol=17 | dir=in | name=pando media booster |
"{926DAB2B-B680-4D44-A621-4A257DFB07E8}" = lport=56712 | protocol=17 | dir=in | name=pando media booster |
"{AE28C7F0-214C-497C-84B5-CDF8F58977E9}" = rport=137 | protocol=17 | dir=out | app=system |
"{B0B2844D-0E77-4931-B075-9C1B2BE9DACE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9C972C8-D7B1-4C09-A477-E158308A95CC}" = lport=445 | protocol=6 | dir=in | app=system |
"{C05FD5BE-C652-4909-A871-217BAC08BAD8}" = rport=445 | protocol=6 | dir=out | app=system |
"{C98B9425-80FB-45AF-9E86-B5B4BBD3E9DF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CD40DDFF-DB7F-4B54-B77D-6EB431E77716}" = lport=137 | protocol=17 | dir=in | app=system |
"{D2515FFD-B558-4708-B7F4-87FC47171D0F}" = lport=56712 | protocol=6 | dir=in | name=pando media booster |
"{E6FE7CA0-7121-43FE-ADF0-A2E0FD082CB1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F4934021-595E-4579-9813-52FDDFBF19EE}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046B2E28-DFF3-44FE-8F7F-59A2C20AB0DB}" = protocol=6 | dir=in | app=c:\program files\cracked steam\steam.exe |
"{1557941D-65E1-496B-A939-892A01109C15}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{15F0687D-0369-4152-BCF4-698A0A6012DD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1647335B-801E-4257-BDF3-E206A2B8D024}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{1FEAF024-0803-46B8-9B73-B1FDAFF07035}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{22DC5D54-A5E4-4E65-B084-82CFCFD92664}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{294B9672-ECBE-4CD5-8B39-3AD724028B72}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{2A25E645-72BA-4F8B-A713-90E4C57549E0}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{2B561945-4BD5-4E55-8191-14CD4C915B27}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C54A432-CCA8-4015-8005-7DB51A67B2F3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{2DDA3A5D-8035-4EEC-8279-91BD2FD86505}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2EC96978-5E67-40A5-A026-15CA5CC41D6B}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{34B583F8-F7C1-4651-8895-ACAD66E07CF1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3630A125-7F01-43CE-9935-A9302CCF17C0}" = protocol=17 | dir=in | app=c:\users\maurice\appdata\local\opera\opera\temporary_downloads\crossfire_downloader.exe |
"{37D69D3A-B615-4467-8859-594C41AD602D}" = protocol=17 | dir=in | app=d:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{3D47978B-8EF2-401B-8240-F95A92ED7AFB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3FD6BD31-5CB8-458C-8ECB-86E8FA6D0732}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{43228140-1FE9-466D-9EFE-0ADE9D257043}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{43DCB8B3-1F91-489D-843F-F087DFB28A4C}" = protocol=17 | dir=in | app=c:\program files\cracked steam\steam.exe |
"{44173F5D-21E4-4909-B7C9-8B6EC5247788}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{468D993F-4146-4CD2-AC9E-38C107341EBF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{4A0CAE81-43C9-475C-8A6A-540414D80F2F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{4E82A082-04C0-47AF-B0BA-0E104AC35FBB}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5737172E-0E6A-487A-9D42-E2F2326E4494}" = protocol=6 | dir=in | app=d:\cracked steam\steam.exe |
"{591A6650-9D2C-4654-A8CA-55F7D2EAE5CE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5F28EC99-A149-43F7-A4A6-893DEE1483D9}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{5F67547D-1553-47ED-A577-8336E5CA5EDD}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6121F582-25C1-40FB-B84D-40C126185BF8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{632BD552-BF52-4BE7-A7C2-1A2DB730C46A}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{67D91C10-5E87-4650-BF1C-58848EE6DB07}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{6C6871E5-DF94-467B-9B32-18303550CF25}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{6E38BC17-5370-4430-8B7E-698EF5820C5C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{751FA3AB-B695-4EF2-8171-C413F7CA5E47}" = protocol=6 | dir=in | app=c:\users\maurice\appdata\local\mediaget2\mediaget.exe |
"{7658C9EB-C5CD-42C6-90EB-A885CAB2EE8E}" = protocol=6 | dir=in | app=d:\\bittorrent.exe |
"{769B1ADA-C44B-4DFD-9BEE-835EA8EAAC7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{784DEC02-9E3F-49E2-AF80-D4B3E87F7704}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{7AF9CC19-43C6-4537-A8CE-E199A092B954}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{8079DDD4-DE99-4D11-8602-E170D74EAA2D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{81F16145-71C3-4E4A-A723-A9B9E7AE189A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{81F53B06-4691-425C-B4B6-25B866088849}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{8D31B7DA-ACA4-430E-ACDC-57259EBFB59F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{903A0E3D-E17B-4300-9CFF-B6263A5D510B}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{90D5B0E6-FD0A-45E5-9079-110B6D95066E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{91563820-BA37-4E1F-B8F4-1935350043F0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9758B295-5982-48E6-A9DB-93C91D33EAEE}" = dir=in | app=c:\users\maurice\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{98267AB5-68EC-4DDD-B22C-5E691F2E5308}" = protocol=6 | dir=in | app=d:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{9C465438-72FB-493E-8919-ADA79A51CF25}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{9D2552B2-F233-407F-B90C-A15338C66D5E}" = protocol=17 | dir=in | app=c:\users\maurice\appdata\local\mediaget2\mediaget.exe |
"{A729F528-577A-484F-A78E-FAF03DD33DED}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A9B94A8E-462C-4496-93C6-0BBDAA7B9C0B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ACFB1857-6CC4-41B8-B122-5D99C336D291}" = protocol=6 | dir=out | app=system |
"{ADEFE4B6-C225-46B9-81F1-432C6E989CA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AEBCDBDB-EFD5-47CA-93F5-F7248B4CC7CC}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{AFA37EB5-114A-41A2-91E0-46EE8473C018}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B35313F9-CFA2-4F10-8ED7-26C8E68E1E99}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{B3FD15C8-6D2A-49FB-85A4-1314F6B61B71}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{BF0840B1-2AEF-49AF-A8A9-DE812D956278}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CCAC3EFA-7D8D-4544-8101-1522E1B375E0}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{CD0F3AF9-18EC-4BE3-AC5B-D9A78EF514B1}" = protocol=6 | dir=in | app=c:\users\maurice\appdata\local\opera\opera\temporary_downloads\crossfire_downloader.exe |
"{D16F2D40-1F7F-41F6-8287-935BA869FD2F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D6FC7821-1545-4004-AECE-22D1F6C831CC}" = protocol=17 | dir=in | app=d:\\bittorrent.exe |
"{D9C378E6-71EB-43D2-8186-10B2B0438A3A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{DE6F963F-31D1-4573-99A2-06814D518AF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DFDBC2F0-D74E-48D7-B6C5-8BB81B7D4F33}" = protocol=17 | dir=in | app=d:\cracked steam\steam.exe |
"{E42B68ED-AA97-45F5-819D-8C58B2560356}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F1E05683-A231-4DEF-8A9E-D84502F42A37}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA9A3E35-F4A7-483D-866E-DD7A2780D7CD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF4B40D1-4EED-4A48-94F1-1FCDD70EEDAE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{FF640783-2682-4F7A-B8E6-925A1DAB0DB9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{FFAE1FC7-1439-41DB-A678-168C4779FD8B}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FFCC3BE6-4F69-4EBB-82FD-0C0B84AFC6F3}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{09C279B6-700F-4CAB-9A9E-5C506371A640}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{0B54C144-EAA2-4BC1-B172-7E4BA00D460D}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{136CAC94-9BAA-43A5-A4F3-EE60E47BFB83}C:\users\maurice\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\maurice\appdata\local\akamai\netsession_win.exe |
"TCP Query User{253AD7FE-BA85-418F-A5C9-D6B3CFB76A1D}D:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe" = protocol=6 | dir=in | app=d:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"TCP Query User{2ABD3A57-3FD5-46BA-B551-7839A2A78484}D:\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=d:\gta san andreas\gta_sa.exe |
"TCP Query User{2BC82A9B-606C-4993-A1DC-E743CAFD4AB2}D:\bittorrent.exe" = protocol=6 | dir=in | app=d:\bittorrent.exe |
"TCP Query User{36680161-7EED-403B-8745-AE98C6BC6358}D:\maurice\counter strike source\hl2.exe" = protocol=6 | dir=in | app=d:\maurice\counter strike source\hl2.exe |
"TCP Query User{36DE763E-5DFC-4563-B2F7-BF253ACA6F12}D:\wolfteam\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=d:\wolfteam\wolfteam-de\wolfteam.bin |
"TCP Query User{41FEA978-E3F8-47A9-9935-81D69B5BFA7A}D:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe" = protocol=6 | dir=in | app=d:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"TCP Query User{454726A5-B0DB-444B-AA3E-CA965904FE06}D:\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\grand theft auto iv\gtaiv.exe |
"TCP Query User{4A59DA04-A6E1-4AD0-A28F-E196C6039E05}D:\maurice\users\spiele\desktop\alles!\ordner\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=d:\maurice\users\spiele\desktop\alles!\ordner\gta san andreas\gta_sa.exe |
"TCP Query User{513AEAB3-FD4A-475E-BF6A-01EDE747E47C}C:\program files\sony\vegas pro 11.0\vegas110.exe" = protocol=6 | dir=in | app=c:\program files\sony\vegas pro 11.0\vegas110.exe |
"TCP Query User{54B34E46-9184-4C19-B4E7-299FDA52EDB6}D:\call of duty modern warfare 2 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 2\iw4m.exe" = protocol=6 | dir=in | app=d:\call of duty modern warfare 2 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 2\iw4m.exe |
"TCP Query User{5F41CC8E-3CDD-4E5D-940C-BD4A193C4627}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{6FD107C8-DDE2-4538-B6D2-D3D1111D34D2}C:\users\maurice\desktop\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\users\maurice\desktop\gta san andreas\gta_sa.exe |
"TCP Query User{709182EC-2B98-4C3B-A8ED-B5D34019605C}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"TCP Query User{81FA1FF6-2C8B-4FDC-8A7D-DA249E7FD8BB}D:\hl.exe" = protocol=6 | dir=in | app=d:\hl.exe |
"TCP Query User{8201CC5B-B5F7-47AA-9633-D4906D2B8E6B}D:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=d:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{92DE7545-DF26-4569-A58E-9997D7743D44}C:\users\maurice\desktop\world of san andreas 4.0\samp-server.exe" = protocol=6 | dir=in | app=c:\users\maurice\desktop\world of san andreas 4.0\samp-server.exe |
"TCP Query User{B890F7FD-B357-4B9D-990D-C6065C1BC663}C:\users\maurice\desktop\miniyodarockz! 0.3d\samp-server.exe" = protocol=6 | dir=in | app=c:\users\maurice\desktop\miniyodarockz! 0.3d\samp-server.exe |
"TCP Query User{C26C72DA-0AA9-485E-AD6B-4A11CCECBDE7}D:\hl.exe" = protocol=6 | dir=in | app=d:\hl.exe |
"TCP Query User{CA5581F7-29B5-485F-9DC6-1D56FA1C813E}D:\maurice\users\spiele\desktop\alles!\ordner\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=d:\maurice\users\spiele\desktop\alles!\ordner\gta san andreas\gta_sa.exe |
"TCP Query User{CD6FB87F-AEE8-42B1-A9EE-812A18F6DAF0}C:\users\maurice\desktop\world of san andreas 4.0\samp-server.exe" = protocol=6 | dir=in | app=c:\users\maurice\desktop\world of san andreas 4.0\samp-server.exe |
"TCP Query User{D9953EF3-BBFA-4E04-9F32-5CFEC14256D5}C:\program files\mta san andreas 1.3\server\mta server.exe" = protocol=6 | dir=in | app=c:\program files\mta san andreas 1.3\server\mta server.exe |
"UDP Query User{0A2C83CB-D14A-43B4-91C1-9AEBE49F24AC}C:\users\maurice\desktop\world of san andreas 4.0\samp-server.exe" = protocol=17 | dir=in | app=c:\users\maurice\desktop\world of san andreas 4.0\samp-server.exe |
"UDP Query User{14B3B538-D04E-4721-9357-31D441358F1D}D:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=d:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"UDP Query User{3C8020C3-8497-424F-A937-D8A1F14CB537}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{3E5D13F0-EF1D-4A47-99C3-B35437B38179}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{45C93978-7437-49C1-81EA-5A793CC4190A}C:\program files\mta san andreas 1.3\server\mta server.exe" = protocol=17 | dir=in | app=c:\program files\mta san andreas 1.3\server\mta server.exe |
"UDP Query User{45C95D94-EF62-44C4-964F-8EBE1F16D953}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{47B9709A-AD91-4AEC-91B3-DC04EBFCCE93}D:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe" = protocol=17 | dir=in | app=d:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"UDP Query User{48FBAEF9-1444-42DF-AB5A-F69F971291CA}C:\program files\sony\vegas pro 11.0\vegas110.exe" = protocol=17 | dir=in | app=c:\program files\sony\vegas pro 11.0\vegas110.exe |
"UDP Query User{5934824F-39A2-414B-ABFC-004C8B3CA5B0}D:\wolfteam\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=d:\wolfteam\wolfteam-de\wolfteam.bin |
"UDP Query User{5BA842D5-C7CB-4582-9E85-EC049BA32683}D:\maurice\users\spiele\desktop\alles!\ordner\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=d:\maurice\users\spiele\desktop\alles!\ordner\gta san andreas\gta_sa.exe |
"UDP Query User{7A131157-1FAC-4BDB-825B-3ADC9CBEA7A0}C:\users\maurice\desktop\miniyodarockz! 0.3d\samp-server.exe" = protocol=17 | dir=in | app=c:\users\maurice\desktop\miniyodarockz! 0.3d\samp-server.exe |
"UDP Query User{932BF28C-C24C-4EE0-829A-A695677DCC16}C:\users\maurice\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\maurice\appdata\local\akamai\netsession_win.exe |
"UDP Query User{9505DAE7-7494-4D29-A7EE-ED3147B8D5EA}D:\call of duty modern warfare 2 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 2\iw4m.exe" = protocol=17 | dir=in | app=d:\call of duty modern warfare 2 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 2\iw4m.exe |
"UDP Query User{97129A15-8362-42CA-B641-947F987414FB}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"UDP Query User{9B08C917-CA6E-48B7-B86D-9FDC6E5CED0C}D:\maurice\counter strike source\hl2.exe" = protocol=17 | dir=in | app=d:\maurice\counter strike source\hl2.exe |
"UDP Query User{A6735917-4FED-4EE9-8C89-108CCD29D5B3}D:\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=d:\gta san andreas\gta_sa.exe |
"UDP Query User{AEE87754-1E22-4AAE-B348-652B0229ECA8}D:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe" = protocol=17 | dir=in | app=d:\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"UDP Query User{B68A09B0-555C-46C8-A507-C6E3FDD1001E}C:\users\maurice\desktop\world of san andreas 4.0\samp-server.exe" = protocol=17 | dir=in | app=c:\users\maurice\desktop\world of san andreas 4.0\samp-server.exe |
"UDP Query User{BA9DC491-177F-48D8-B911-5DAE96314764}D:\bittorrent.exe" = protocol=17 | dir=in | app=d:\bittorrent.exe |
"UDP Query User{C75ADB58-5296-4F99-BE41-021DD59E0DD2}D:\hl.exe" = protocol=17 | dir=in | app=d:\hl.exe |
"UDP Query User{DA6680DD-BE1E-47B0-8606-5EC72C69B18B}D:\maurice\users\spiele\desktop\alles!\ordner\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=d:\maurice\users\spiele\desktop\alles!\ordner\gta san andreas\gta_sa.exe |
"UDP Query User{DA69940D-50C9-4C2A-A8FA-F4B2D4DFDC5E}C:\users\maurice\desktop\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\users\maurice\desktop\gta san andreas\gta_sa.exe |
"UDP Query User{F8829819-A181-4379-B95A-A1CDE82256D2}D:\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\grand theft auto iv\gtaiv.exe |
"UDP Query User{F94F1EFA-81CD-4EA0-A651-55865E142295}D:\hl.exe" = protocol=17 | dir=in | app=d:\hl.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4769E972-2E92-49C5-B6F9-465EFD0C4D94}" = VirtualDJ PRO Full
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5C2B3F57-A149-4BFC-92DB-5AF59A707750}" = MorphVOX Pro
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6BE7495E-8DF1-11E1-BB7D-F04DA23A5C58}" = Vegas Pro 11.0
"{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists
"{74AF34F6-ACF4-438C-9C7E-FA0307B60E45}" = IClaroInstaller
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1" = Cinema 4D version R12
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{96A9A1C8-FBAD-4703-ABF1-E93AA8FE85A0}_is1" = Artweaver Free 3.1
"{9754C724-ECEF-47E2-AD67-A02462BEEA6D}" = Magic Bullet Suite 32-bit
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"1ClickDownload" = 1ClickDownloader
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 1.2.6
"AutoHotkey" = AutoHotkey 1.0.48.05
"AVMWLANCLI" = AVM FRITZ!WLAN
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"claro" = Claro LTD toolbar on IE
"Cross Fire_is1" = Cross Fire En
"DAEMON Tools Lite" = DAEMON Tools Lite
"FilesFrog Update Checker" = FilesFrog Update Checker
"Fraps" = Fraps (remove only)
"Game Booster_is1" = Game Booster 3
"InstallShield_{9754C724-ECEF-47E2-AD67-A02462BEEA6D}" = Magic Bullet Suite 32-bit
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MTA:SA 1.3" = MTA:SA v1.3
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.01.1532" = Opera 12.01
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.6
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"RollerCoaster Tycoon 3_is1" = RollerCoaster Tycoon 3
"SA-MP Colorpicker" = SA-MP Colorpicker 1.1.0
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"winscp3_is1" = WinSCP 4.3.9
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"MediaGet" = MediaGet
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.08.2012 16:53:23 | Computer Name = maurice-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: opera.exe, Version: 12.1.1532.0,
Zeitstempel: 0x5017c7c8 Name des fehlerhaften Moduls: speedhack-i386.dll, Version:
0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000092 Fehleroffset: 0x0001e036
ID
des fehlerhaften Prozesses: 0xdf0 Startzeit der fehlerhaften Anwendung: 0x01cd7cb64fa87f81
Pfad
der fehlerhaften Anwendung: C:\Program Files\Opera\opera.exe Pfad des fehlerhaften
Moduls: C:\Program Files\Cheat Engine 6.2\speedhack-i386.dll Berichtskennung: 953abe6c-e8ad-11e1-8d0c-bc05430b7e48
Error - 17.08.2012 17:14:04 | Computer Name = maurice-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: opera.exe, Version: 12.1.1532.0,
Zeitstempel: 0x5017c7c8 Name des fehlerhaften Moduls: speedhack-i386.dll, Version:
0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000092 Fehleroffset: 0x0001e036
ID
des fehlerhaften Prozesses: 0x1738 Startzeit der fehlerhaften Anwendung: 0x01cd7cba5a4f2be6
Pfad
der fehlerhaften Anwendung: C:\Program Files\Opera\opera.exe Pfad des fehlerhaften
Moduls: C:\Program Files\Cheat Engine 6.2\speedhack-i386.dll Berichtskennung: 78bd86c6-e8b0-11e1-8d0c-bc05430b7e48
Error - 20.08.2012 13:10:33 | Computer Name = maurice-PC | Source = Application Hang | ID = 1002
Description = Programm patcher_cf.exe, Version 1.0.0.9 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1504 Startzeit:
01cd7ef68afe1396 Endzeit: 4 Anwendungspfad: D:\Crossfire Europe\patcher_cf.exe Berichts-ID:
f1deb532-eae9-11e1-863e-bc05430b7e48
Error - 20.08.2012 13:28:45 | Computer Name = maurice-PC | Source = Application Hang | ID = 1002
Description = Programm UNKNOWN, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 700 Startzeit:
01cd7ef8854d978c Endzeit: 0 Anwendungspfad: UNKNOWN Berichts-ID: 7b40fabe-eaec-11e1-863e-bc05430b7e48
Error - 21.08.2012 10:58:28 | Computer Name = maurice-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\maurice\program
files\crossfire\Aegis64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.08.2012 10:58:30 | Computer Name = maurice-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\crossfire
europe\Aegis64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 24.08.2012 05:03:44 | Computer Name = maurice-PC | Source = VSS | ID = 8194
Description =
Error - 24.08.2012 11:28:19 | Computer Name = maurice-PC | Source = Application Hang | ID = 1002
Description = Programm wmplayer.exe, Version 12.0.7600.16667 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 10d0 Startzeit: 01cd820d05d12c42 Endzeit: 28 Anwendungspfad:
C:\Program Files\Windows Media Player\wmplayer.exe Berichts-ID: 51502620-ee00-11e1-a5c1-bc05430b7e48
Error - 26.08.2012 10:08:47 | Computer Name = maurice-PC | Source = VSS | ID = 8194
Description =
Error - 27.08.2012 08:25:26 | Computer Name = maurice-PC | Source = VSS | ID = 8194
Description =
[ System Events ]
Error - 28.08.2012 11:30:15 | Computer Name = maurice-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.08.2012 11:30:16 | Computer Name = maurice-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.08.2012 11:30:16 | Computer Name = maurice-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.08.2012 11:44:39 | Computer Name = maurice-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 28.08.2012 11:49:29 | Computer Name = maurice-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?28.?08.?2012 um 17:46:39 unerwartet heruntergefahren.
Error - 28.08.2012 11:49:29 | Computer Name = MAURICE-PC | Source = BugCheck | ID = 1001
Description =
Error - 28.08.2012 11:49:04 | Computer Name = maurice-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 28.08.2012 11:54:14 | Computer Name = maurice-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?28.?08.?2012 um 17:52:04 unerwartet heruntergefahren.
Error - 28.08.2012 11:54:14 | Computer Name = MAURICE-PC | Source = BugCheck | ID = 1001
Description =
Error - 28.08.2012 11:53:47 | Computer Name = maurice-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
< End of report >
--- --- --- |
