So here are all sorts of logs... Code:
OTL Extras logfile created on: 22.02.2012 20:49:36 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Brauny\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 55,76% Memory free
6,69 Gb Paging File | 4,87 Gb Available in Paging File | 72,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581,17 Gb Total Space | 209,45 Gb Free Space | 36,04% Space Free | Partition Type: NTFS
Drive D: | 14,99 Gb Total Space | 2,79 Gb Free Space | 18,64% Space Free | Partition Type: FAT32
Computer Name: HACKZ | User Name: Brauny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A5584DC-3E74-4999-918F-278458991112}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 |
"{2ACD06B9-98CA-455F-8103-145E0D927AFB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2D969F34-8082-4DA4-868B-FDA3B71F1B10}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3164E200-5FBD-4C3E-B795-70662FDAC61A}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{37DA7497-3ABF-4C7A-8D23-1F21B9DB5599}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{3C67E93E-22E2-48AA-9562-932FBB30E196}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5155F739-5B72-4CEB-B65E-E127E119F0A8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{547B678F-6104-4E33-B3FB-C6C89981A0F7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{56D5AE3F-D311-4A27-B690-E215B57D05AD}" = rport=445 | protocol=6 | dir=out | app=system |
"{719EE466-77F1-405A-A3C0-4EFBD758200E}" = lport=445 | protocol=6 | dir=in | app=system |
"{71E530DD-1F0A-44A3-9341-51A303D85D76}" = lport=139 | protocol=6 | dir=in | app=system |
"{8BF934A9-AB4F-4358-8F95-B4B430CDA207}" = rport=137 | protocol=17 | dir=out | app=system |
"{A67003D5-AB8D-450F-8ACE-A9D41322F56B}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{A9AE49C1-DF9C-4A89-B8DC-C3140158CF4F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BABEB5CF-4050-4247-8B78-E857934F011C}" = lport=138 | protocol=17 | dir=in | app=system |
"{C3CB80D6-04AC-425A-BA94-8C25CB37670B}" = rport=139 | protocol=6 | dir=out | app=system |
"{D3FCF476-FFBD-4DA3-ABD9-57A969468687}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{DA34A1AC-E5CD-4F95-8864-C1AF49289A6B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E74D5524-8A19-4504-82A2-19A01BDCCF74}" = rport=138 | protocol=17 | dir=out | app=system |
"{E80CDD06-1943-4CCB-B830-A8D9E8149843}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E92B633D-0D36-4CBB-AA13-2A036CF0B3C0}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{F967B1A1-60E9-46C5-88BE-BA05736741DA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F9F65100-3937-49C1-ADB2-C3E92BA5E653}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FCF49E12-3A17-4A2B-BA09-EE1157C236CB}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{074920DA-18B1-44AA-9439-8083421158ED}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torchlight.exe |
"{07B6652D-41E9-4E0D-8CF5-430C3C521DA7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\satansdevil\day of defeat\hl.exe |
"{08BA1A61-F9B1-4B31-BE86-5C919B840C70}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{0B634310-E75E-496B-B863-3BB98CE9FC89}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\satansdevil\counter-strike source\hl2.exe |
"{0E8BDB56-DE1A-451A-8738-7BD1956A2A7D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torched\editor.exe |
"{128BB426-1765-49F1-B33C-2231D17764D7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{141BD56A-907E-41EB-9ACF-707A9AC69AC4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{1474423A-850A-4ECF-BF61-E6AE584DDCE8}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{1A920FDA-5838-476D-833F-C07492AB14D8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\rome total war gold\rometw.exe |
"{1B2D188E-F234-447C-8A03-B608F0CBC040}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1FFCDCAB-0DC5-481C-8C65-F0E3F300763E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\titan quest\titan quest.exe |
"{21A56F51-EA84-468C-BE77-F1FED9217A5C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\titan quest immortal throne\help.htm |
"{2603D8B4-CF63-455B-91E2-6311BA7E9829}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{2D77B85E-0A6C-4D42-9D48-D2A7B6051BE3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{2DD8E637-1413-4C1E-88D1-E17062BA4E6D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\satansdevil\half-life\hl.exe |
"{3255640F-996C-49CF-B4D9-DB55B3BCFEF2}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{33B9136E-9B54-49F2-B1C2-1F077A01A7A4}" = protocol=6 | dir=in | app=c:\users\brauny\appdata\local\apps\2.0\80lerqlb.kjd\84gr8pma.82k\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\curseclient.exe |
"{35411023-2774-4BC2-9B34-B93B454AD3F7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\magicka\magicka.exe |
"{3646B45D-73C4-4769-9B99-03BD1A477633}" = protocol=6 | dir=in | app=c:\program files\realtek\wireless lan utility\rtwlan.exe |
"{3FAEE3EA-C68D-49F0-B150-6C144AB5C8EB}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{41BE080D-3DEC-47A5-A02E-D7234146E81C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{41C34602-77C3-4212-92A4-B69A06878C00}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\brink\brink.exe |
"{47368DEB-1510-46FD-844F-39997436ACB9}" = protocol=17 | dir=in | app=c:\users\brauny\appdata\local\apps\2.0\80lerqlb.kjd\84gr8pma.82k\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\curseclient.exe |
"{4A056B99-743C-41D5-BAD7-87D021589EAA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\satansdevil\day of defeat\hl.exe |
"{4BBFE427-47A9-4D09-990D-B001E7D18092}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\brink\brink.exe |
"{5004F8CE-BED5-49C1-8004-E3C465844EA4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{51C18387-EB3A-4153-B05E-967F73CF2001}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{55F2FA6C-8AA6-4932-AF5F-1960FE11E823}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\satansdevil\counter-strike source\hl2.exe |
"{56524F62-71E4-4A07-9300-4462F6AADD1F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\thief deadly shadows\system\runme.exe |
"{5694E48C-7B01-4B94-A829-43C07ADFB5C3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\beat hazard\runme.exe |
"{58126E82-E310-4FEB-A73E-4238E1425A5B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\satansdevil\counter-strike\hl.exe |
"{5AEC1CAA-43A6-4E9D-B109-0BD8F7D290A0}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe |
"{5CD1D829-6EAF-4199-9BA7-021A6B1136B6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6162708A-7529-4808-810B-E8E826CB84C9}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{618F12FC-5449-49A1-9A55-2CA14596A784}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{661A7E2C-1EA3-4671-947B-B9756E339BBB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{686CF94A-8772-4A57-9FE4-2B759C9772C0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{69C9ACC3-F194-4ABB-AACE-E512EE145739}" = dir=in | app=c:\users\brauny\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{6E64DF60-CA9C-436E-9443-261AB330BC89}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{6FAE92E7-1CA3-493B-888C-282613A03D28}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{756A728D-8AC2-43FB-BA6B-F0B3F1D624BE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{7AF76BF2-94D0-41A5-BB66-437F013527AD}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{7D369B4C-3E4D-466E-9C1D-137C800C35A6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\magicka\magicka.exe |
"{8398E7A1-218D-488D-8A28-91D29432C178}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{8AE858F1-B94F-4EA7-BC7E-3DEA69DCA16B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\eve online\eve.exe |
"{8F379C79-FC0E-4229-BCE3-19F9C2F74AD1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{91BF1E12-182C-4C66-AE9C-1AA97D82CBFF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torched\editor.exe |
"{947CA89B-E540-4D00-8639-F738F9FA190E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\satansdevil\counter-strike\hl.exe |
"{9835718E-DCE7-4624-9145-BF828F78A0EC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\titan quest immortal throne\tqit.exe |
"{99B9CBBA-83A3-4B83-97BF-9645DD422AD0}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe |
"{9BDCF30D-83C5-43E4-BD26-A7932F453517}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\reliccoh.exe |
"{9D596013-D408-443E-9E01-7FEF7FE4DA93}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{9E6A43A2-258F-475C-8D72-7994F0086B1F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{9EEA42D1-6E62-4CDA-84C7-4A73DEC1FAD9}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{A6CD92C2-864A-4B31-9C1E-38B09CFC645E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\beat hazard\beathazard.exe |
"{A74EC1B9-FFF2-473D-8EA9-6161DC9E14CF}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{A8BF9D1F-2684-484B-9B27-5CBACD0DE2BA}" = protocol=17 | dir=in | app=c:\program files\realtek\wireless lan utility\rtwlan.exe |
"{B5D9236E-2760-472C-BA78-4D5FBA49363C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\titan quest immortal throne\help.htm |
"{B6444058-1B23-4542-A595-F8D537663000}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\titan quest\titan quest.exe |
"{B76CF4DD-7A19-4DF6-BDF6-8C78ED52A229}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\beat hazard\beathazard.exe |
"{B80B9451-E3FE-4ADB-BD8F-B555F4F52B7B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torchlight.exe |
"{B858E59F-EF4A-4194-81DD-490FA1A9B38B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{BABF4190-1763-46BD-ACE4-07C554CF167E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BFB8FD64-464F-4F9F-B65A-B7303318F759}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BFEC4CD4-DAEE-43F5-9F94-1BA98266DD90}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\reliccoh.exe |
"{C1D33381-48D6-4C12-BA09-8AF0FCF00F11}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C1EC3AB7-448E-4879-B39C-6F3433BF5921}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{C35F8604-03EF-47BD-86A5-6263F1198D90}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\beat hazard\runme.exe |
"{C5157302-F710-4BEF-9264-34866B5E3420}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\satansdevil\garrysmod\hl2.exe |
"{C6B603CA-CC8D-4874-A87A-AD0750E0C7DC}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{C745D6A5-4897-414A-9D50-2E414917BEC3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{CB9E3741-61B0-4357-9044-A1C6678643FA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\eve online\eve.exe |
"{D24CACA1-00E3-44EC-8337-F100205D8580}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\rome total war gold\rometw.exe |
"{D39E7013-4037-4A37-93D8-7EB8AEA502A9}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{D6F3B25A-48AF-4B54-8298-0F219EEBA230}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\titan quest\help.htm |
"{D6FA2052-1C03-430F-B480-FAD1D43679EE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\titan quest immortal throne\tqit.exe |
"{D7BD6B0F-09C9-4B9B-A8BE-2E3E65E5E42F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\medieval ii total war\launcher.exe |
"{D947B9CD-64B3-49F1-B8F6-856F03571427}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{D962C855-3B7C-4ECE-B95F-A55CE8C2F17A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{DC8C88FE-9079-48FA-91C4-0FFB40EF4D2E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\satansdevil\garrysmod\hl2.exe |
"{E08FF2B0-9362-44C5-8801-1E7F8D1C95E1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{E1750BD1-76F8-4747-9862-7339C5218F5F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E7880A3D-7FB5-44A9-931E-53E86218B5C3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\thief deadly shadows\system\runme.exe |
"{ECB0EC8A-43D3-4253-92C5-668758B42DB1}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{EDA72334-42B8-4A59-B242-4221BA0DDF63}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\titan quest\help.htm |
"{EF6E22D2-FD51-4444-9033-392C61A5D968}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\medieval ii total war\launcher.exe |
"{F51AC396-43F0-4AD2-9473-E09DF1EF5A7D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\satansdevil\half-life\hl.exe |
"{F88493D9-06BF-4397-BD5C-01BBF350AB45}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{FBCC273D-2065-4565-A3BC-F3070F93D42F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{FC5C89A8-F11D-4065-8929-6B476AFB87AD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"TCP Query User{18161B6E-3A24-4788-A734-DDDF3176EEDB}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{1AA006B2-7C2E-4538-9820-7E7339B223AC}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{29DC6428-F9E8-48EB-AC2E-FA2CD320BC96}C:\program files\rockstar games\grand theft auto san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto san andreas\gta_sa.exe |
"TCP Query User{2A6B2C5B-FD65-4226-9257-D59C9D6774FA}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{3320CF4B-D497-4D22-96B3-7A9D98D663CB}C:\program files\steam\steamapps\satansdevil\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\satansdevil\counter-strike source\hl2.exe |
"TCP Query User{4041C401-0293-473C-B3A9-C9DA2ECBFA0E}C:\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{4D74BEC7-F801-44BE-96E0-B7C1A594CAC8}C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"TCP Query User{53EC5168-3A52-485B-8394-9F33707BACB5}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{5BB1FF50-3017-4F80-9D24-63011675B8E3}C:\program files\starcraft ii\versions\base19132\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base19132\sc2.exe |
"TCP Query User{679977E4-2AC4-45B9-9107-0469FA80C005}C:\program files\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\eve online\bin\exefile.exe |
"TCP Query User{6E5653EA-BE1A-4C73-9357-12029F3A6872}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{76189F7E-E5E3-41D1-AF3E-8969B64F9BE0}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\terraria\terrariaserver.exe |
"TCP Query User{805172D9-39EE-44FC-94E4-67EECE1ECB0E}C:\program files\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"TCP Query User{8591BE5E-75DC-4C94-A6C2-9585BE91EE5A}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{864D5279-5505-4BFF-896B-C8B102A65962}C:\program files\steam\steamapps\satansdevil\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\satansdevil\team fortress 2\hl2.exe |
"TCP Query User{94138270-23AC-4E8D-B24F-DB1C0312234B}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"TCP Query User{9D8EC4D2-365C-437D-89AB-7300719FF640}C:\program files\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"TCP Query User{9ED396AC-A787-4ECA-8088-4B71568915B6}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{A57C949C-AE29-4EC3-8881-51BC66265D0A}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{B329068B-B902-4294-A97F-3F20F2B78BCC}C:\program files\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{B432A3AF-6378-42D7-8364-BB2B1B706B71}C:\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\starcraft ii\starcraft ii.exe |
"TCP Query User{B5A42999-5743-4AE8-85BF-00669EC5B67E}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{B671B057-E7C7-4EF4-ACC8-79BF372DB8B5}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{BCFFFD6F-09B8-46C1-9964-33635F9CB544}C:\users\brauny\desktop\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\brauny\desktop\eclipse\eclipse.exe |
"TCP Query User{D218DCD3-8247-478F-A1CA-A4ABD9A68584}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{DE70397A-8854-4AC0-A621-8019B3B7E8AA}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{E85C4A32-E2D2-4A85-BDDC-FFA43B1374EE}C:\users\brauny\appdata\local\temp\rarsfx0\bin\itunnel.exe" = protocol=6 | dir=in | app=c:\users\brauny\appdata\local\temp\rarsfx0\bin\itunnel.exe |
"TCP Query User{F776D3CE-1F4C-4F4E-ACC3-8A8356B67E89}C:\program files\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"TCP Query User{FEB675A6-74A6-44C2-8718-5E0F4B850A18}C:\users\brauny\desktop\ct\ct.exe" = protocol=6 | dir=in | app=c:\users\brauny\desktop\ct\ct.exe |
"UDP Query User{024D4F33-77DE-4BF7-B3B8-EAB2AADCB811}C:\program files\rockstar games\grand theft auto san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto san andreas\gta_sa.exe |
"UDP Query User{05513F99-A24B-4C36-88B8-AF4E8802715B}C:\program files\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"UDP Query User{08571A0E-C037-4CA0-AB0C-CAE13CE896A0}C:\program files\starcraft ii\versions\base19132\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base19132\sc2.exe |
"UDP Query User{13894C47-AA77-496E-BC11-733DA26429C7}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{18AC984A-8463-4891-8E49-D248177FB87C}C:\users\brauny\desktop\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\brauny\desktop\eclipse\eclipse.exe |
"UDP Query User{1BEDDE14-ABFF-4E1A-8D26-E0F8E9B6235E}C:\program files\steam\steamapps\satansdevil\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\satansdevil\counter-strike source\hl2.exe |
"UDP Query User{26DE328B-8607-4C10-8A9D-E9094A0DD6AB}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{2DDF1E6B-6F0F-4B0E-A2C9-86D606E244EB}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{366D9428-16C9-4825-8B09-B80A6916F13D}C:\program files\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{41A90D3D-2D2B-4D17-BFAD-CED92466644E}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{551B0A2D-429A-4E44-BA16-C6ECE2BF0A09}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{5DEF2138-3AB0-466B-9F37-B95B0EA611F4}C:\program files\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\eve online\bin\exefile.exe |
"UDP Query User{5EF5E195-F5D1-47FA-9D00-3711D7858E0B}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{5FDA2E70-AD7F-42F2-8D09-0038BBE1CE0B}C:\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\starcraft ii\starcraft ii.exe |
"UDP Query User{67720259-EFE8-42EA-BCA6-216065E635A2}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{6A091C08-047F-46E9-80BB-C7000A8C3CD9}C:\program files\steam\steamapps\satansdevil\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\satansdevil\team fortress 2\hl2.exe |
"UDP Query User{70FBC301-2486-4F03-9CE1-FD136EF0A293}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{738B0A2E-2D5B-4D34-96CB-85C7B7E4FDBB}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{8FD9C430-F963-4D0F-8722-7CBDE77693F2}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{B0E45CD1-FCA9-42C3-91C1-913E3760E0D2}C:\program files\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"UDP Query User{BC68634A-505C-40EF-B240-F928523FE5F1}C:\users\brauny\appdata\local\temp\rarsfx0\bin\itunnel.exe" = protocol=17 | dir=in | app=c:\users\brauny\appdata\local\temp\rarsfx0\bin\itunnel.exe |
"UDP Query User{BE5E341A-5D2A-493D-8C41-C2EC498E4271}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{C6822CF8-3CC4-4F86-BE83-B2CCD09E7706}C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"UDP Query User{D546277D-1655-4119-A7AC-FB747000D680}C:\users\brauny\desktop\ct\ct.exe" = protocol=17 | dir=in | app=c:\users\brauny\desktop\ct\ct.exe |
"UDP Query User{F1B126F9-6CFF-49F0-8B0A-1535551C6B6F}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{F1C454DA-6F4F-4A4C-9D2F-5A0C74FCF3A7}C:\program files\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"UDP Query User{F91FE453-6819-455D-9AB7-39294B54BE4B}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{FBCE94F7-CA80-4F0C-9A08-8A60A3025400}C:\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{FD820BEB-0DC1-4C9C-B438-515D4C44CAC7}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{1446A30C-6DAF-461E-96B1-31C554870082}_is1" = Tag - IGF Professional 2008
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2222706F-666A-4037-7777-202328764D10}" = JavaFX 2.0.2 SDK
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{28142407-ACAD-4ECD-A6B6-9FA8471F6062}" = Scarface: The World is Yours
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{32A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java(TM) SE Development Kit 7 Update 2
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{355BB049-8C99-4FBF-A220-89ABC9EFF501}" = Mobile Master
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EE9A620-46A0-4BCF-82AC-950D2BBED982}" = Belkin N Wireless USB Adapter Setup
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{52A4E146-A102-4ED0-970F-6B1715EB3C86}" = Quake Live Mozilla Plugin
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{552442BD-8398-46F0-ACF1-02F8E1843458}" = G Data TotalProtection 2012
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{b2042d5e-986d-44ec-aee3-afe4108ccc93}" = Python 3.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4750ECE-3B5F-462F-8950-614D1E0B2204}" = Facebook Video Calling 1.1.0.13
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D179B513-AD43-4013-AC50-C16107A0A02D}" = LogMeIn Hamachi
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1" = FireJump 1.0
"{EAE8F6AB-68E8-4AA9-9518-F677090690B2}" = TubeBox!
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"1489-3350-5074-6281" = JDownloader 0.9
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AutoItv3" = AutoIt v3.3.6.1
"Bus-Simulator 2009_is1" = Bus-Simulator 2009
"Company of Heroes" = Company of Heroes
"Conquest of Paradise Client" = Conquest of Paradise Client
"DAEMON Tools Lite" = DAEMON Tools Lite
"DesktopIconAmazon" = Desktop Icon für Amazon
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"EVEMon" = EVEMon
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FEXtraderPro" = FEXtrader Pro
"Guild Wars" = GUILD WARS
"HyperCam 3" = HyperCam 3
"InstallShield_{28142407-ACAD-4ECD-A6B6-9FA8471F6062}" = Scarface: The World is Yours
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mobile Master" = Mobile Master 7.9.8
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"MTA:SA 1.1" = MTA:SA v1.1.1
"MTA:SA 1.2" = MTA:SA v1.2.0-full-03585-0-000
"MySSID_is1" = Vtune 7.11
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"StarCraft II" = StarCraft II
"Steam App 105600" = Terraria
"Steam App 12210" = Grand Theft Auto IV
"Steam App 1250" = Killing Floor
"Steam App 20540" = Company of Heroes: Tales of Valor
"Steam App 22350" = Brink
"Steam App 22380" = Fallout: New Vegas
"Steam App 41000" = Serious Sam HD: The First Encounter
"Steam App 41010" = Serious Sam HD: The Second Encounter
"Steam App 42910" = Magicka
"Steam App 49600" = Beat Hazard
"Steam App 570" = Dota 2
"Steam App 65800" = Dungeon Defenders
"Steam App 6980" = Thief: Deadly Shadows
"Steam App 8500" = EVE Online: Incarna
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"winscp3_is1" = WinSCP 4.3.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.02.2012 11:16:02 | Computer Name = Hackz | Source = Google Update | ID = 20
Description =
Error - 22.02.2012 12:04:16 | Computer Name = Hackz | Source = WinMgmt | ID = 10
Description =
Error - 22.02.2012 12:07:01 | Computer Name = Hackz | Source = Perflib | ID = 1008
Description =
Error - 22.02.2012 12:07:01 | Computer Name = Hackz | Source = Perflib | ID = 1010
Description =
Error - 22.02.2012 12:07:03 | Computer Name = Hackz | Source = Perflib | ID = 1008
Description =
Error - 22.02.2012 12:07:03 | Computer Name = Hackz | Source = Perflib | ID = 1008
Description =
Error - 22.02.2012 12:07:04 | Computer Name = Hackz | Source = Perflib | ID = 1008
Description =
Error - 22.02.2012 12:07:04 | Computer Name = Hackz | Source = Perflib | ID = 1008
Description =
Error - 22.02.2012 12:07:05 | Computer Name = Hackz | Source = Perflib | ID = 1008
Description =
Error - 22.02.2012 13:18:38 | Computer Name = Hackz | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 06.06.2011 07:20:11 | Computer Name = Hackz | Source = Service Control Manager | ID = 7022
Description =
Error - 06.06.2011 09:43:15 | Computer Name = Hackz | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 06.06.2011 um 15:41:12 unerwartet heruntergefahren.
Error - 08.06.2011 10:05:04 | Computer Name = Hackz | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 08.06.2011 um 16:03:12 unerwartet heruntergefahren.
Error - 11.06.2011 04:04:24 | Computer Name = Hackz | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 11.06.2011 um 09:55:34 unerwartet heruntergefahren.
Error - 15.06.2011 10:08:33 | Computer Name = Hackz | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 15.06.2011 um 16:05:39 unerwartet heruntergefahren.
< End of report >

Code:
OTL logfile created on: 22.02.2012 20:49:36 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Brauny\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 55,76% Memory free
6,69 Gb Paging File | 4,87 Gb Available in Paging File | 72,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581,17 Gb Total Space | 209,45 Gb Free Space | 36,04% Space Free | Partition Type: NTFS
Drive D: | 14,99 Gb Total Space | 2,79 Gb Free Space | 18,64% Space Free | Partition Type: FAT32
Computer Name: HACKZ | User Name: Brauny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Brauny\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Windows\KbdLockService.exe (G DATA Software Sp. z o.o.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Brauny\AppData\Local\Apps\2.0\80LERQLB.KJD\84GR8PMA.82K\curs..tion_eee711038731a406_0004.0000_2ad57791d5c42008\CurseClient.exe (Curse)
PRC - C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Programme\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Programme\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Programme\G Data\TotalProtection\AVK\AVKWCtl.exe (G Data Software AG)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Mobile Master\MMAgent.exe (Jumping Bytes)
PRC - C:\Programme\Mobile Master\MMScan.exe (Jumping Bytes)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\G Data\TotalProtection\GUI\GDSC.exe (G Data Software AG)
PRC - C:\Programme\G Data\TotalProtection\TSNxG\TSNxGService.exe (G Data Software)
PRC - C:\Programme\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Programme\G Data\TotalProtection\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Programme\G Data\TotalProtection\Firewall\GDFwSvc.exe (G Data Software AG)
PRC - C:\Programme\Steam\Steam.exe (Valve Corporation)
PRC - C:\Programme\G Data\TotalProtection\AVK\AVK.exe (G Data Software AG)
PRC - C:\Programme\Vtune\TBPANEL.exe ()
PRC - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\e87794355a40edbcc63e4e9ac4d0dd80\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6310a2050033b0b567428ca55bda4a1b\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a4b9d424cd4509b6b76fba81f347f561\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\696e2d9a6491947cd89ead8cc4cc658a\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\effa6ad5369cea835146937a5635275b\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\2ddd7acbd58ff39deff6c5cd732e1474\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2598077ccea480c6120d3a1ad4455be0\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\96b4cdba0397f94416df0fa211f73441\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\bc01d91f95947c7f25f3ae4e16db2cb5\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d48e106e015d0f8cb2d5295015cee508\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\56df3488472318c59d0a08ed10a065d3\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3951e0a359c004cd6ba268ff78ac62aa\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1e258a951222c818540b33880ca45f2e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll ()
MOD - C:\Programme\Steam\bin\libcef.dll ()
MOD - C:\Programme\Steam\bin\avcodec-52.dll ()
MOD - C:\Programme\Steam\bin\chromehtml.dll ()
MOD - C:\Programme\Steam\bin\avformat-52.dll ()
MOD - C:\Programme\Steam\bin\avutil-50.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Programme\Vtune\TBPANEL.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll ()
MOD - C:\Programme\Vtune\TBMANAGE.DLL ()
========== Win32 Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (KbdLockService) -- C:\Windows\KbdLockService.exe (G DATA Software Sp. z o.o.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (GDBackupSvc) -- C:\Program Files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Program Files\G Data\TotalProtection\AVK\AVKWCtl.exe (G Data Software AG)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TSNxGService) -- C:\Program Files\G Data\TotalProtection\TSNxG\TSNxGService.exe (G Data Software)
SRV - (AVKService) -- C:\Program Files\G Data\TotalProtection\AVK\AVKService.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files\G Data\TotalProtection\Firewall\GDFwSvc.exe (G Data Software AG)
SRV - (GDTunerSvc) -- C:\Program Files\G Data\TotalProtection\AVKTuner\AVKTunerService.exe (G Data Software AG)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (GRD) -- C:\Windows\System32\drivers\GRD.sys (G Data Software)
DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G Data Software AG)
DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G Data Software AG)
DRV - (GDBehave) -- C:\Windows\system32\drivers\GDBehave.sys (G Data Software AG)
DRV - (gdwfpcd) -- C:\Windows\System32\drivers\gdwfpcd32.sys (G Data Software AG)
DRV - (GDPkIcpt) -- C:\Windows\System32\drivers\PktIcpt.sys (G Data Software AG)
DRV - (TS4NT) -- C:\Windows\System32\Drivers\TS4nt.sys (G Data Software)
DRV - (AlfaFF) -- C:\Windows\System32\Drivers\AlfaFF.sys (Alfa Corporation)
DRV - (GLogin) -- C:\Windows\System32\Drivers\GLogin.sys (G Data Software)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (camdrv41) -- C:\Windows\System32\drivers\camdrv41.sys ()
DRV - (TBPanel) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (Cardex) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 73 14 B5 E4 F2 A9 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "eBay"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.747
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Brauny\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brauny\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brauny\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Brauny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.17 23:21:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.24 12:51:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}: C:\Program Files\Mobile Master\ext\1\ [2011.09.04 14:00:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\Brauny\AppData\Roaming\Mozilla\Firefox\Profiles\ejtql9s3.default\extensions\firejump@firejump.net
[2011.03.22 14:37:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brauny\AppData\Roaming\mozilla\Extensions
[2012.02.13 19:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brauny\AppData\Roaming\mozilla\Firefox\Profiles\ejtql9s3.default\extensions
[2011.03.24 17:53:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brauny\AppData\Roaming\mozilla\Firefox\Profiles\ejtql9s3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.19 17:10:03 | 000,001,018 | ---- | M] () -- C:\Users\Brauny\AppData\Roaming\Mozilla\Firefox\Profiles\ejtql9s3.default\searchplugins\facebook.xml
[2012.01.24 00:32:51 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.01.24 01:11:35 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Programme\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2012.01.24 01:11:35 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2010.10.08 20:47:04 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
() (No name found) -- C:\USERS\BRAUNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EJTQL9S3.DEFAULT\EXTENSIONS\EXTENSION@4CHAN.ORG.XPI
() (No name found) -- C:\USERS\BRAUNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EJTQL9S3.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2012.02.17 23:21:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.28 00:01:22 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.02.04 19:15:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.21 14:00:00 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.02.04 19:15:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.04 19:15:41 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.04 19:15:41 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.04 19:15:41 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.04 19:15:41 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Brauny\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Brauny\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Brauny\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Brauny\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.30.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Brauny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Brauny\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Brauny\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Disabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Brauny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google-Suche = C:\Users\Brauny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Google Mail = C:\Users\Brauny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\TotalProtection\WebFilter\AvkWebIE.dll (G Data Software AG)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\TotalProtection\WebFilter\AvkWebIE.dll (G Data Software AG)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Programme\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [TSNxG4Tray] "C:\Program Files\G Data\TotalProtection\TSNxG\TSNxGTray.exe" /system File not found
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Brauny\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [High Definition Audio Component] "C:\Users\Brauny\AppData\Roaming\WinXo2.exe" File not found
O4 - HKCU..\Run: [MMAgent] C:\Programme\Mobile Master\MMAgent.exe (Jumping Bytes)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O4 - Startup: C:\Users\Brauny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E667D33-2F84-46BD-8C69-1D6A5630001C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F53A239D-485B-4C52-8567-FA95DCFCCBA2}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Brauny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brauny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.02.22 20:57:39 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Brauny\Desktop\dds.com
[2012.02.22 20:48:56 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Brauny\Desktop\OTL(1).exe
[2012.02.22 20:48:30 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Brauny\Desktop\OTL.exe
[2012.02.20 17:10:31 | 000,000,000 | ---D | C] -- C:\Users\Brauny\Desktop\sptr
[2012.02.17 15:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.17 15:41:51 | 000,224,136 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.02.17 15:41:51 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.02.17 15:41:51 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.02.16 16:16:12 | 000,030,416 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2012.02.16 16:15:44 | 000,000,000 | ---D | C] -- C:\Users\Brauny\AppData\Local\G DATA
[2012.02.16 03:07:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.16 03:07:13 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.16 03:07:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.16 03:07:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.16 03:07:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.16 03:07:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.15 15:09:15 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.02.09 22:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.02.09 22:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012.02.08 19:44:52 | 000,000,000 | ---D | C] -- C:\Users\Brauny\Desktop\4chan
[2012.02.01 23:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2012.01.31 19:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\Fly for Paradise
[2012.01.29 19:59:13 | 000,000,000 | ---D | C] -- C:\Users\Brauny\AppData\Roaming\TeamViewer
[2012.01.27 14:23:44 | 000,000,000 | ---D | C] -- C:\Users\Brauny\AppData\Local\Fallout3
[2012.01.27 14:15:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bethesda Softworks
[2012.01.25 20:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Access
[2012.01.25 20:13:31 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbar332.dll
[2012.01.24 00:35:55 | 000,049,016 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2012.01.24 00:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2012
[2012.01.24 00:33:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\BioAPIFFDB
[2012.01.24 00:33:41 | 000,103,928 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\TS4nt.sys
[2012.01.24 00:33:34 | 000,331,776 | ---- | C] (Alfa Corporation) -- C:\Windows\System32\DrvCrypt.dll
[2012.01.24 00:33:34 | 000,050,320 | ---- | C] (Alfa Corporation) -- C:\Windows\System32\drivers\AlfaFF.sys
[2012.01.24 00:33:34 | 000,024,208 | ---- | C] (Alfa Corporation) -- C:\Windows\System32\AlfaFF.dll
[2012.01.24 00:33:00 | 000,176,128 | ---- | C] (G DATA Software Sp. z o.o.) -- C:\Windows\KbdLockService.exe
[2012.01.24 00:33:00 | 000,034,816 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GLogin.sys
[2012.01.24 00:32:22 | 000,079,992 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2012.01.24 00:32:22 | 000,041,336 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2012.01.24 00:32:21 | 000,040,440 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2012.01.24 00:32:15 | 000,054,648 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2012.01.24 00:30:07 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA Software
[2012.01.24 00:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2012.01.24 00:30:00 | 000,000,000 | ---D | C] -- C:\Program Files\G Data
[2012.01.24 00:30:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.02.22 21:02:38 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.22 21:02:38 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.22 20:57:51 | 000,302,592 | ---- | M] () -- C:\Users\Brauny\Desktop\ebxmnq5v.exe
[2012.02.22 20:57:43 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Brauny\Desktop\dds.com
[2012.02.22 20:57:24 | 000,050,477 | ---- | M] () -- C:\Users\Brauny\Desktop\Defogger.exe
[2012.02.22 20:55:04 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-415370385-3153832315-414712936-1000UA.job
[2012.02.22 20:48:58 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Brauny\Desktop\OTL(1).exe
[2012.02.22 20:48:40 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Brauny\Desktop\OTL.exe
[2012.02.22 18:30:06 | 011,540,768 | ---- | M] () -- C:\Users\Brauny\Desktop\evepremiumpatch341054-342397_m.exe
[2012.02.22 18:18:39 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-415370385-3153832315-414712936-1000UA.job
[2012.02.22 17:10:44 | 000,557,058 | ---- | M] () -- C:\Windows\System32\sig.bin
[2012.02.22 17:10:44 | 000,037,115 | ---- | M] () -- C:\Windows\System32\nmp.map
[2012.02.22 17:02:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.22 17:02:32 | 3487,883,264 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.21 23:17:32 | 000,356,037 | ---- | M] () -- C:\Users\Brauny\Desktop\Geld-verdienen-Guide.rar
[2012.02.21 21:18:02 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-415370385-3153832315-414712936-1000Core.job
[2012.02.21 17:18:12 | 000,055,057 | ---- | M] () -- C:\Users\Brauny\Desktop\366v62.jpg
[2012.02.21 17:18:12 | 000,001,505 | ---- | M] () -- C:\Users\Brauny\.recently-used.xbel
[2012.02.21 13:55:07 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-415370385-3153832315-414712936-1000Core.job
[2012.02.20 17:09:53 | 000,242,536 | ---- | M] () -- C:\Users\Brauny\Desktop\sptr_all1114.zip
[2012.02.19 00:07:30 | 000,012,488 | ---- | M] () -- C:\Users\Brauny\Desktop\1329600741696.jpg
[2012.02.17 23:24:37 | 000,084,089 | ---- | M] () -- C:\Users\Brauny\Desktop\acYARR_RLY.gif
[2012.02.17 15:41:32 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.02.17 15:41:32 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.02.16 16:16:12 | 000,030,416 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2012.02.16 12:58:41 | 000,002,051 | ---- | M] () -- C:\Users\Brauny\Desktop\Google Chrome.lnk
[2012.02.16 03:32:47 | 000,247,704 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.16 03:03:46 | 000,631,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.16 03:03:46 | 000,118,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.16 03:03:45 | 000,671,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.16 03:03:45 | 000,144,334 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.14 22:08:32 | 009,315,920 | ---- | M] () -- C:\Users\Brauny\lutscher.wav
[2012.02.08 20:47:31 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.02.06 19:21:00 | 000,409,763 | ---- | M] () -- C:\Users\Brauny\Desktop\Geld verdienen Guide.pdf
[2012.02.01 21:08:44 | 007,760,720 | ---- | M] () -- C:\Users\Brauny\ts3_recording_12_02_01_21_7_59.wav
[2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.01.27 14:44:12 | 000,001,012 | ---- | M] () -- C:\Users\Brauny\Desktop\Fallout3 - Verknüpfung.lnk
[2012.01.24 01:11:40 | 000,041,336 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2012.01.24 01:11:36 | 000,079,992 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2012.01.24 01:11:36 | 000,040,440 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2012.01.24 01:11:35 | 000,054,648 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2012.01.24 00:35:55 | 000,049,016 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2012.01.24 00:33:41 | 000,103,928 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\TS4nt.sys
[2012.01.24 00:33:34 | 000,331,776 | ---- | M] (Alfa Corporation) -- C:\Windows\System32\DrvCrypt.dll
[2012.01.24 00:33:34 | 000,050,320 | ---- | M] (Alfa Corporation) -- C:\Windows\System32\drivers\AlfaFF.sys
[2012.01.24 00:33:34 | 000,024,208 | ---- | M] (Alfa Corporation) -- C:\Windows\System32\AlfaFF.dll
[2012.01.24 00:33:00 | 000,176,128 | ---- | M] (G DATA Software Sp. z o.o.) -- C:\Windows\KbdLockService.exe
[2012.01.24 00:33:00 | 000,034,816 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GLogin.sys
[2012.01.24 00:25:57 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.22 20:57:46 | 000,302,592 | ---- | C] () -- C:\Users\Brauny\Desktop\ebxmnq5v.exe
[2012.02.22 20:57:23 | 000,050,477 | ---- | C] () -- C:\Users\Brauny\Desktop\Defogger.exe
[2012.02.22 18:29:18 | 011,540,768 | ---- | C] () -- C:\Users\Brauny\Desktop\evepremiumpatch341054-342397_m.exe
[2012.02.21 23:17:43 | 000,409,763 | ---- | C] () -- C:\Users\Brauny\Desktop\Geld verdienen Guide.pdf
[2012.02.21 23:17:30 | 000,356,037 | ---- | C] () -- C:\Users\Brauny\Desktop\Geld-verdienen-Guide.rar
[2012.02.21 17:18:12 | 000,001,505 | ---- | C] () -- C:\Users\Brauny\.recently-used.xbel
[2012.02.21 17:17:27 | 000,055,057 | ---- | C] () -- C:\Users\Brauny\Desktop\366v62.jpg
[2012.02.20 17:09:49 | 000,242,536 | ---- | C] () -- C:\Users\Brauny\Desktop\sptr_all1114.zip
[2012.02.19 00:07:24 | 000,012,488 | ---- | C] () -- C:\Users\Brauny\Desktop\1329600741696.jpg
[2012.02.17 23:24:32 | 000,084,089 | ---- | C] () -- C:\Users\Brauny\Desktop\acYARR_RLY.gif
[2012.02.14 22:07:42 | 009,315,920 | ---- | C] () -- C:\Users\Brauny\lutscher.wav
[2012.02.02 13:28:57 | 000,557,058 | ---- | C] () -- C:\Windows\System32\sig.bin
[2012.02.02 13:28:57 | 000,037,115 | ---- | C] () -- C:\Windows\System32\nmp.map
[2012.02.01 21:08:02 | 007,760,720 | ---- | C] () -- C:\Users\Brauny\ts3_recording_12_02_01_21_7_59.wav
[2012.01.27 14:44:12 | 000,001,012 | ---- | C] () -- C:\Users\Brauny\Desktop\Fallout3 - Verknüpfung.lnk
[2012.01.25 20:13:34 | 000,036,864 | ---- | C] () -- C:\Windows\System32\LckFldService.exe
[2011.12.18 13:05:18 | 000,000,600 | ---- | C] () -- C:\Users\Brauny\AppData\Roaming\winscp.rnd
[2011.10.21 18:44:59 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.10.14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.10.14 15:40:29 | 000,146,252 | ---- | C] () -- C:\Users\Brauny\AppData\Roaming\Key
[2011.10.14 15:39:59 | 000,004,096 | ---- | C] () -- C:\Users\Brauny\AppData\Roaming\svchost.exe
[2011.10.14 15:39:59 | 000,004,096 | ---- | C] () -- C:\Users\Brauny\AppData\Roaming\dllhost.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.04 13:42:05 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011.07.19 16:11:10 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011.07.19 16:11:10 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011.07.19 16:10:34 | 000,002,528 | ---- | C] () -- C:\Users\Brauny\AppData\Roaming\$_hpcst$.hpc
[2011.06.09 20:07:42 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.05.25 19:10:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.03.25 14:58:28 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.03.25 14:58:27 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.03.25 14:57:51 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.03.22 14:36:37 | 000,011,264 | ---- | C] () -- C:\Users\Brauny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.21 22:36:54 | 000,000,680 | ---- | C] () -- C:\Users\Brauny\AppData\Local\d3d9caps.dat
< End of report >