damianek2 | 02.03.2013 12:27 | Thanks for the reply, first of all.
Unfortunately I no longer have the logs from ADW :/
Here are the ones from OTL:
OTL logfile:
OTL logfile created on: 02.03.2013 12:03:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Damian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 39,53% Memory free
6,20 Gb Paging File | 3,31 Gb Available in Paging File | 53,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 585,42 Gb Total Space | 285,31 Gb Free Space | 48,74% Space Free | Partition Type: NTFS
Computer Name: DAMIAN-PC | User Name: Damian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Damian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\LOLReplay\LOLRecorder.exe (LOL Replay)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
PRC - C:\Program Files\Common Files\WireHelpSvc.exe ()
PRC - C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe ()
PRC - C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.126\deploy\LoLLauncher.exe ()
PRC - C:\Program Files\Kaspersky Security Suite CBE 12\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.247\deploy\LolClient.exe (Adobe Systems Inc.)
PRC - C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
PRC - C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe ()
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (ROCCAT GmbH)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe (Hewlett-Packard Co.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
========== Modules (No Company Name) ==========
MOD - C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.247\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2cbdbc8bb7fcf0d7eb7a8d616e141d79\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4d2c890606d2a3a43a90684115bfccfc\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\668c039655437b25586280e1fbff8ef0\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a8080296b18898342ce986091c08b0a4\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9126f2ff9fd9c05900f67e963ccc27ef\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
MOD - C:\Program Files\LOLReplay\Air.dll ()
MOD - C:\Program Files\LOLReplay\LOLUtils.dll ()
MOD - C:\Program Files\LOLReplay\Launcher.dll ()
MOD - C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe ()
MOD - C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.126\deploy\LoLLauncher.exe ()
MOD - C:\Program Files\Kaspersky Security Suite CBE 12\qtgui4.dll ()
MOD - C:\Program Files\Kaspersky Security Suite CBE 12\qtscript4.dll ()
MOD - C:\Program Files\Kaspersky Security Suite CBE 12\qtsql4.dll ()
MOD - C:\Program Files\Kaspersky Security Suite CBE 12\qtcore4.dll ()
MOD - C:\Program Files\Kaspersky Security Suite CBE 12\qtnetwork4.dll ()
MOD - C:\Program Files\Kaspersky Security Suite CBE 12\qtdeclarative4.dll ()
MOD - C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
MOD - C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll ()
MOD - C:\Program Files\Kaspersky Security Suite CBE 12\imageformats\qgif4.dll ()
MOD - C:\Program Files\ROCCAT\Kone[+] Mouse\hiddriver.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\System32\CmdLineExt03.dll ()
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files\RocketDock\RocketDock.exe ()
MOD - C:\Program Files\RocketDock\RocketDock.dll ()
========== Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Ad-Aware Service) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TeamViewer8) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SBAMSvc) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (CodeMeter.exe) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
SRV - (WireHelpSvc) -- C:\Program Files\Common Files\WireHelpSvc.exe ()
SRV - (AVP) -- C:\Program Files\Kaspersky Security Suite CBE 12\avp.exe (Kaspersky Lab ZAO)
SRV - (WSWNA3100) -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe ()
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (uCamMonitor) -- C:\Program Files\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (RalinkRegistryWriter) -- C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
========== Driver Services (SafeList) ==========
DRV - (XDva392) -- C:\Windows\system32\XDva392.sys File not found
DRV - (XDva391) -- C:\Windows\system32\XDva391.sys File not found
DRV - (XDva390) -- C:\Windows\system32\XDva390.sys File not found
DRV - (XDva389) -- C:\Windows\system32\XDva389.sys File not found
DRV - (XDva388) -- C:\Windows\system32\XDva388.sys File not found
DRV - (XDva387) -- C:\Windows\system32\XDva387.sys File not found
DRV - (XDva386) -- C:\Windows\system32\XDva386.sys File not found
DRV - (XDva385) -- C:\Windows\system32\XDva385.sys File not found
DRV - (XDva384) -- C:\Windows\system32\XDva384.sys File not found
DRV - (XDva383) -- C:\Windows\system32\XDva383.sys File not found
DRV - (XDva382) -- C:\Windows\system32\XDva382.sys File not found
DRV - (XDva380) -- C:\Windows\system32\XDva380.sys File not found
DRV - (XDva379) -- C:\Windows\system32\XDva379.sys File not found
DRV - (XDva377) -- C:\Windows\system32\XDva377.sys File not found
DRV - (XDva375) -- C:\Windows\system32\XDva375.sys File not found
DRV - (XDva374) -- C:\Windows\system32\XDva374.sys File not found
DRV - (XDva372) -- C:\Windows\system32\XDva372.sys File not found
DRV - (XDva370) -- C:\Windows\system32\XDva370.sys File not found
DRV - (XDva368) -- C:\Windows\system32\XDva368.sys File not found
DRV - (XDva367) -- C:\Windows\system32\XDva367.sys File not found
DRV - (XDva366) -- C:\Windows\system32\XDva366.sys File not found
DRV - (XDva362) -- C:\Windows\system32\XDva362.sys File not found
DRV - (XDva361) -- C:\Windows\system32\XDva361.sys File not found
DRV - (XDva359) -- C:\Windows\system32\XDva359.sys File not found
DRV - (XDva358) -- C:\Windows\system32\XDva358.sys File not found
DRV - (XDva352) -- C:\Windows\system32\XDva352.sys File not found
DRV - (XDva349) -- C:\Windows\system32\XDva349.sys File not found
DRV - (XDva348) -- C:\Windows\system32\XDva348.sys File not found
DRV - (XDva347) -- C:\Windows\system32\XDva347.sys File not found
DRV - (XDva346) -- C:\Windows\system32\XDva346.sys File not found
DRV - (XDva345) -- C:\Windows\system32\XDva345.sys File not found
DRV - (XDva344) -- C:\Windows\system32\XDva344.sys File not found
DRV - (XDva343) -- C:\Windows\system32\XDva343.sys File not found
DRV - (XDva342) -- C:\Windows\system32\XDva342.sys File not found
DRV - (XDva341) -- C:\Windows\system32\XDva341.sys File not found
DRV - (XDva337) -- C:\Windows\system32\XDva337.sys File not found
DRV - (XDva336) -- C:\Windows\system32\XDva336.sys File not found
DRV - (XDva332) -- C:\Windows\system32\XDva332.sys File not found
DRV - (XDva327) -- C:\Windows\system32\XDva327.sys File not found
DRV - (XDva326) -- C:\Windows\system32\XDva326.sys File not found
DRV - (XDva323) -- C:\Windows\system32\XDva323.sys File not found
DRV - (XDva321) -- C:\Windows\system32\XDva321.sys File not found
DRV - (XDva317) -- C:\Windows\system32\XDva317.sys File not found
DRV - (WinRing0_1_2_0) -- C:\Program Files\IObit\Game Booster\Driver\WinRing0.sys File not found
DRV - (VMnetAdapter) -- system32\DRIVERS\vmnetadapter.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
DRV - (EagleNT) -- C:\Windows\system32\drivers\EagleNT.sys File not found
DRV - (a1xe76jm) -- File not found
DRV - (gfibto) -- C:\Windows\System32\drivers\gfibto.sys (GFI Software)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ESLWireAC) -- C:\Windows\System32\drivers\ESLWireACD.sys (<Turtle Entertainment>)
DRV - (XDva394) -- C:\Windows\System32\XDva394.sys (www.wiselogic.co.kr)
DRV - (BCMH43XX) -- C:\Windows\System32\drivers\bcmwlhigh6.sys (Broadcom Corporation)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (ESLvnic1) -- C:\Windows\System32\drivers\ESLvnic.sys (Turtle Entertainment GmbH)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (RMCAST) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (NxpCap) -- C:\Windows\System32\drivers\NxpCap.sys (NXP Semiconductors Germany GmbH)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (s125mgmt) -- C:\Windows\System32\drivers\s125mgmt.sys (MCCI Corporation)
DRV - (s125obex) -- C:\Windows\System32\drivers\s125obex.sys (MCCI Corporation)
DRV - (s125mdm) -- C:\Windows\System32\drivers\s125mdm.sys (MCCI Corporation)
DRV - (s125mdfl) -- C:\Windows\System32\drivers\s125mdfl.sys (MCCI Corporation)
DRV - (s125bus) -- C:\Windows\System32\drivers\s125bus.sys (MCCI Corporation)
DRV - (SCMNdisP) -- C:\Windows\System32\drivers\SCMNdisP.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=810D53980F5EC87860D93951310F2C52
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=DCF3DF&PC=DCF3&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\..\SearchScopes\{518C86D9-76A4-4D53-BD21-95FDE366776B}: "URL" = hxxp://search.softonic.com/INF1205T01/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=613
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com;*.local;<local>
IE - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 202.158.222.248:8080
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "SecureSearch"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B87934c42-161d-45bc-8cef-ef18abe2a30c%7D:2.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.02.20 16:43:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Security Suite CBE 12\FFExt\virtualKeyboard@kaspersky.ru [2013.01.22 14:50:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Security Suite CBE 12\FFExt\linkfilter@kaspersky.ru [2013.01.22 14:50:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Security Suite CBE 12\FFExt\KavAntiBanner@Kaspersky.ru [2013.01.22 14:50:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.01 21:28:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.27 14:13:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.02.20 16:43:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}: C:\Users\Damian\AppData\Roaming\5008 [2010.11.12 15:55:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.01 21:28:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.27 14:13:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter
[2011.10.07 12:26:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Damian\AppData\Roaming\mozilla\Extensions
[2011.01.15 14:04:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Damian\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2013.03.01 21:27:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Damian\AppData\Roaming\mozilla\Firefox\Profiles\rk6fqmmz.default\extensions
[2013.03.01 21:27:39 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Users\Damian\AppData\Roaming\mozilla\Firefox\Profiles\rk6fqmmz.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2013.03.01 21:27:55 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Damian\AppData\Roaming\mozilla\Firefox\Profiles\rk6fqmmz.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012.10.24 16:51:04 | 000,005,368 | ---- | M] () (No name found) -- C:\Users\Damian\AppData\Roaming\mozilla\firefox\profiles\rk6fqmmz.default\extensions\50881052ef247@50881052ef27f.com.xpi
[2013.02.14 20:24:32 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Damian\AppData\Roaming\mozilla\firefox\profiles\rk6fqmmz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.27 14:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.02.27 14:13:07 | 000,000,000 | ---D | M] (Seekapp) -- C:\Program Files\Mozilla Firefox\extensions\{4548ECB8-DA60-439A-A00D-5C893F8E1F9A}
[2013.02.27 14:13:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.02.27 14:13:06 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2013.02.27 14:13:07 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
[2013.02.27 14:13:20 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 08:29:51 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.12.08 22:21:24 | 000,002,224 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\webblog.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Search the web (Softonic) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.softonic.com/INF1205T01/tb_v1?q={searchTerms}&SearchSource=49&cc=
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=810D53980F5EC87860D93951310F2C52
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Users\Damian\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.486_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.486_0\
CHR - Extension: Skype Click to Call = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
O1 HOSTS File: ([2010.05.13 16:53:40 | 000,001,204 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Security Suite CBE 12\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Security Suite CBE 12\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Damian\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (no name) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll ()
O3 - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Security Suite CBE 12\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [RoccatKone+] C:\Program Files\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchProtection] C:\ProgramData\Search Protection\_run.bat File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2951023159-836439813-1825762036-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2951023159-836439813-1825762036-1001..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NHL® 09 Registration.lnk = File not found
O4 - Startup: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: svhost = C:\Windows\sys32\svhost.exe
O7 - HKU\S-1-5-21-2951023159-836439813-1825762036-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: svhost = C:\Windows\sys32\svhost.exe
O8 - Extra context menu item: Free YouTube Download - C:\Users\Damian\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Damian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Security Suite CBE 12\ie_banner_deny.htm ()
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Security Suite CBE 12\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Security Suite CBE 12\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH))
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{490F112D-237A-4E5F-A1E1-864FEC0A7C89}: DhcpNameServer = 192.168.15.155 192.168.5.57 192.168.5.56
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0E2A8B7-AB09-460F-BB7B-3B42ED478633}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C80DF0EC-2433-4C91-BB09-5D25CEEDF50D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (BdInstHk.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - No CLSID value found.
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - No CLSID value found.
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\Damian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Damian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.12.17 17:09:47 | 000,000,036 | ---- | M] () - C:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{a38de6cf-16ec-11de-9588-0023541dc279}\Shell - "" = AutoRun
O33 - MountPoints2\{a38de6cf-16ec-11de-9588-0023541dc279}\Shell\AutoRun\command - "" = I:\SETUP.EXE
O33 - MountPoints2\{abe1ca0d-25db-11de-b580-0023541dc279}\Shell - "" = AutoRun
O33 - MountPoints2\{abe1ca0d-25db-11de-b580-0023541dc279}\Shell\AutoRun\command - "" = I:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.02 12:01:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Damian\Desktop\OTL.exe
[2013.03.01 21:29:51 | 000,000,000 | ---D | C] -- C:\Users\Damian\AppData\Roaming\LavasoftStatistics
[2013.03.01 21:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013.03.01 21:29:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2013.03.01 21:29:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013.03.01 21:29:22 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2013.03.01 21:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013.03.01 21:28:05 | 000,000,000 | ---D | C] -- C:\Users\Damian\AppData\Local\adawarebp
[2013.03.01 21:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013.03.01 21:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2013.03.01 21:25:42 | 000,044,424 | ---- | C] (GFI Software) -- C:\Windows\System32\sbbd.exe
[2013.03.01 21:25:42 | 000,013,560 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013.03.01 21:25:41 | 000,000,000 | ---D | C] -- C:\Users\Damian\AppData\Roaming\Ad-Aware Antivirus
[2013.02.27 14:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.14 09:36:36 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.02.14 09:36:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.02.14 09:36:34 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.02.14 09:36:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.02.14 09:36:34 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.02.14 09:36:33 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.02.14 09:36:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.02.14 09:36:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.02.13 20:25:19 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.13 20:25:18 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.02.13 20:25:15 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.02.13 20:25:15 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Damian\AppData\Roaming\*.tmp files -> C:\Users\Damian\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.03.02 12:01:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Damian\Desktop\OTL.exe
[2013.03.02 11:56:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.02 11:19:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.02 10:48:08 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.02 10:48:08 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.02 08:48:19 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.02 08:48:15 | 000,000,000 | -H-- | M] () -- C:\ProgramData\cm-lock
[2013.03.02 08:48:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.02 08:48:05 | 3219,668,992 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.01 21:50:03 | 000,001,697 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013.03.01 21:43:56 | 000,594,019 | ---- | M] () -- C:\Users\Damian\Desktop\adwcleaner.exe
[2013.03.01 21:25:42 | 000,044,424 | ---- | M] (GFI Software) -- C:\Windows\System32\sbbd.exe
[2013.03.01 21:25:42 | 000,013,560 | ---- | M] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013.02.27 19:03:04 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.27 19:03:04 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.17 14:08:29 | 000,002,339 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.14 10:14:33 | 004,310,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.14 09:33:32 | 000,704,266 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.14 09:33:32 | 000,651,468 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.14 09:33:32 | 000,156,866 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.14 09:33:32 | 000,129,032 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.02 10:35:58 | 000,001,356 | ---- | M] () -- C:\Users\Damian\AppData\Local\d3d9caps.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Damian\AppData\Roaming\*.tmp files -> C:\Users\Damian\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.03.02 08:48:15 | 000,000,000 | -H-- | C] () -- C:\ProgramData\cm-lock
[2013.03.01 21:43:50 | 000,594,019 | ---- | C] () -- C:\Users\Damian\Desktop\adwcleaner.exe
[2013.03.01 21:29:27 | 000,001,697 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013.01.22 14:18:40 | 000,017,408 | ---- | C] () -- C:\Users\Damian\AppData\Local\WebpageIcons.db
[2013.01.22 14:15:57 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2013.01.22 14:15:57 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2013.01.13 16:57:10 | 000,017,946 | ---- | C] () -- C:\Users\Damian\.recently-used.xbel
[2012.10.27 15:54:53 | 000,000,280 | ---- | C] () -- C:\Windows\game.ini
[2012.09.28 21:08:37 | 000,121,035 | ---- | C] () -- C:\Users\Damian\133058_3293830565121_1987589343_o.jpg
[2012.09.28 21:08:35 | 000,124,299 | ---- | C] () -- C:\Users\Damian\417407_3118449380701_327535709_n.jpg
[2012.09.16 11:09:34 | 000,015,312 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012.03.03 20:23:19 | 000,265,120 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2012.02.29 21:58:53 | 000,001,962 | ---- | C] () -- C:\Users\Damian\.armitage.prop
[2012.02.25 10:09:21 | 000,035,874 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012.02.03 10:29:56 | 000,042,392 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011.11.13 00:21:09 | 000,000,046 | ---- | C] () -- C:\Windows\System32\DonationCoder_desktopcoral_InstallInfo.dat
[2011.09.21 19:00:53 | 000,000,276 | ---- | C] () -- C:\Users\Damian\SciTE.session
[2011.09.21 13:39:36 | 000,055,727 | ---- | C] () -- C:\Users\Damian\P210911_07.05.JPG
[2011.09.21 10:57:31 | 000,000,000 | ---- | C] () -- C:\Users\Damian\AppData\Local\{4DEF4E95-EB59-4FB0-B52C-7FD58C732AA2}
[2011.09.08 22:19:39 | 000,000,132 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.09.04 21:34:06 | 000,001,456 | ---- | C] () -- C:\Users\Damian\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.08.29 12:15:44 | 000,000,132 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011.08.23 10:00:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.08.23 09:58:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.07.06 18:43:25 | 008,995,244 | ---- | C] () -- C:\Users\Damian\ts3_recording_11_07_06_19_43_22.wav
[2011.03.11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2011.02.10 15:00:22 | 000,001,024 | ---- | C] () -- C:\Users\Damian\.rnd
[2010.12.12 21:06:37 | 000,002,801 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\ac.exe.config
[2010.12.12 21:06:36 | 000,509,952 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\ac.exe
[2010.12.04 17:43:58 | 000,000,023 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\urhtps.dat
[2009.12.12 15:45:13 | 000,000,046 | ---- | C] () -- C:\Users\Damian\AppData\Local\DonationCoder_desktopcoral_InstallInfo.dat
[2009.11.27 19:30:13 | 000,138,056 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\PnkBstrK.sys
[2009.09.07 12:14:57 | 000,001,356 | ---- | C] () -- C:\Users\Damian\AppData\Local\d3d9caps.dat
[2009.09.07 12:07:08 | 000,001,100 | ---- | C] () -- C:\Users\Damian\AppData\Local\d3d8caps.dat
[2009.07.11 12:46:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.02.23 15:56:32 | 000,060,416 | ---- | C] () -- C:\Users\Damian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Files - Unicode (All) ==========
[2012.12.21 12:08:28 | 000,000,000 | ---D | M](C:\Users\Damian\Desktop\Jojo?) -- C:\Users\Damian\Desktop\Jojo♥
[2012.01.07 21:16:39 | 000,000,000 | ---D | C](C:\Users\Damian\Desktop\Jojo?) -- C:\Users\Damian\Desktop\Jojo♥
========== Alternate Data Streams ==========
@Alternate Data Stream - 500 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:E8BE05FA
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:DBC416F8
< End of report >

Extras:
OTL Logfile: Code:
OTL Extras logfile created on: 02.03.2013 12:03:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Damian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 39,53% Memory free
6,20 Gb Paging File | 3,31 Gb Available in Paging File | 53,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 585,42 Gb Total Space | 285,31 Gb Free Space | 48,74% Space Free | Partition Type: NTFS
Computer Name: DAMIAN-PC | User Name: Damian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2951023159-836439813-1825762036-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CCF9907-FEC5-4A42-846D-356AC51DD147}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{138CBCD1-4EB9-4455-B392-5CAFC7A79A42}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1ED8401D-C707-4D3B-871B-EC03D7714EDB}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{22E54F7B-EC76-44F6-B981-5FF78851E71E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{272BB308-8136-4ACE-A25D-505C1736DAFF}" = rport=138 | protocol=17 | dir=out | app=system |
"{303BFC98-4B6E-4E7F-9EC8-18B6733318BA}" = lport=137 | protocol=17 | dir=in | app=system |
"{3472435E-862A-4AD5-9817-C7E76C79327C}" = rport=139 | protocol=6 | dir=out | app=system |
"{41EC8C7C-4EB6-4A36-BC3E-2AB7C49D6504}" = lport=139 | protocol=6 | dir=in | app=system |
"{4539180C-8565-4728-B0B3-79E8865345C4}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{45D9225D-0869-4E61-A5AD-480FB8EBAD5D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{46D1A2A9-1B6C-4ACE-A2E5-30713297EF82}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{519048E3-E92D-4FE8-8E77-BC867E520AC7}" = lport=445 | protocol=6 | dir=in | app=system |
"{8B8E264C-1371-4259-B806-28E1FD29DE53}" = rport=2869 | protocol=6 | dir=out | app=system |
"{94A43EDE-265A-4CB3-B209-450A15461F62}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{9EC9ED5A-AD8C-4B96-B2C3-B9B89DCEEBEC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AF146322-4DE8-4397-927D-1D765C14E1F2}" = lport=138 | protocol=17 | dir=in | app=system |
"{F3445899-E499-4E81-A533-5ECA71D71A97}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3870119-316B-48F4-97EB-0E9BDF22AB6E}" = rport=445 | protocol=6 | dir=out | app=system |
"{F3F9661D-35C8-4114-86A3-50D8D2034CA6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F67FE29D-C69D-4970-ACD7-274894835283}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FDE941C5-E23B-4E13-AE04-883A00B2D551}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06EB203A-DB21-49C8-A957-F9B55EEF9B88}" = protocol=17 | dir=in | app=c:\program files\permissionresearch\prmrsr.exe |
"{0ABDEDA1-86D5-41D4-A3C7-D30AAF210D17}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{0CE85B40-803B-4934-8904-1AA3B46888BF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0D5FC0F8-3A73-4925-9AED-E65A2A4323E4}" = protocol=6 | dir=in | app=c:\windows\temp\~os2981.tmp\rlvknlg.exe |
"{1250E799-EB3B-4EE2-B0F4-DCFCE51003C2}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{1D3BA31F-8233-446D-A58B-B203121538FF}" = protocol=6 | dir=in | app=c:\program files\adawaretb\dtuser.exe |
"{1E1DBBE3-865F-4785-ACB3-7B1DE0317036}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{1FC3D23F-4461-4B09-8EE5-1B057603BB71}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2276202A-641E-40CA-97C8-A668AF79E3CE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\damianek234\counter-strike source\hl2.exe |
"{25D975CA-CC61-428D-ACBC-404F144C4D35}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2C0AE7EE-C528-4E85-BE1A-25D00C0FAD34}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2ED1A031-545F-4E84-8404-C5FD7D8649FD}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{33B7B956-0B56-4018-B4A4-D4EE7EF0A9EF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{346933F8-DAA3-4EC4-BF7B-E9E52E24223E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{34BAEEFF-BAEF-4F24-932E-619D1AD808A2}" = protocol=17 | dir=in | app=c:\program files\adawaretb\dtuser.exe |
"{3572D8E5-D27E-458F-B448-3D9AA0957185}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{3C8FC101-34E9-4D77-95E4-C39A95C0B661}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{439B7406-2F1B-4F1E-99E5-29FB953CFF3C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{50E31ECE-E3B3-49E4-BC42-82BFCA1E12C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5123184C-5E94-40CA-B110-3B8A14370755}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{58721EDE-D230-4E44-90B8-4ED4AB1E882B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{5901EE1E-1509-4B36-B581-CEDFC2734830}" = protocol=17 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{5B0B1D09-F9E7-4FA1-92FB-CDF202F81714}" = protocol=6 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{5B58E92C-2C85-4F27-8EA0-7F9BA1C92EFE}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5C804171-760E-4C20-8917-1248640488C5}" = dir=in | app=c:\program files\eslwire\wire.exe |
"{5D4F3D60-E971-41B3-BD6E-C70FBF13DBB6}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{5D74DBC3-1366-4D8E-AA60-F841D49FFD41}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{5D987A25-53E4-4FAE-B4C1-AEB369F5AF85}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{615251BD-685D-4A6F-B1E5-695EC667EBD0}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{664568FC-AC50-432B-BD40-6FFA0E723C67}" = protocol=17 | dir=in | app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{66EF07A6-FEC9-4AF1-9EF0-B83FCA3CD451}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{66FE9070-56F7-4B41-82E4-9BA2AF08143D}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{6821B753-4FBD-4196-8009-CDEB4F1C6408}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{6A3245AC-3E1B-4592-B4C1-725A4194E063}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{6DCE9BD0-E24B-494A-B98D-9C9A022ACCF1}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{6E9A6B0B-908C-4294-8710-0F46E2F8DB26}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\damianek234\counter-strike source\hl2.exe |
"{6EA60D32-5624-4B0A-A2EF-957681C8D201}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{72B217E3-AF9E-4455-BCAA-FA76FA0BE045}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{72CBFDEC-18DD-4074-AC0E-30BEDE84CF9C}" = protocol=6 | dir=in | app=d:\alicesetup.exe |
"{770A3444-05FB-447F-82E5-BB516EF76F29}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{7868DDE4-DF99-4424-8A56-CC1B85BA40A9}" = protocol=17 | dir=in | app=d:\alicesetup.exe |
"{7A087441-1D28-45EE-B24C-A5FB45DCDA95}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{7AB62B27-43DE-45A6-B36D-39026C3B1DE7}" = protocol=6 | dir=in | app=c:\program files\permissionresearch\prmrsr.exe |
"{7C950C30-598A-43C7-8263-6718B1028682}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{7F23DA94-0CBF-4BE3-85C7-1925E7F36945}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{800FA9D2-AB18-442C-9841-AB37C6AB40E1}" = protocol=17 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{80AC8F46-0A44-49DD-800E-2C5C90211F15}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{82341081-A685-400D-9541-9351A976FEF6}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{83137053-A028-4A7E-AC80-AB3333871D04}" = protocol=17 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{862A776C-6A0F-48C8-B23B-D8783CD89BEA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{87301038-14AF-43E5-94E7-416F1933C256}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\damianek234\dedicated server\hlds.exe |
"{8C5C3F1B-8F4F-485A-8619-D1E2C523FFFD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{8EE856EC-AE3B-450F-B8D3-7458EDA18ED0}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{91A86960-89A1-4FAA-995A-5C69B5DE4AD9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{91EA6212-8393-42F6-B2F6-19852AD0DE48}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{9424D06A-85A4-4A63-B558-D75679193615}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{98E9AF0C-E4CB-439A-BA86-46F58EB08E07}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{98F05BDD-7A0C-4BC2-8888-2D4B562FF322}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{9C67D54E-3C76-4F14-80F7-6DE8BF295E8A}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{9FF151B2-853A-47A8-A74A-4F58318BC898}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{A652862C-1C9A-4C79-99DB-26A7CD044E12}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{AEADB9C1-FF67-452F-B208-89412915FFFF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\damianek234\counter-strike source\hl2.exe |
"{B06F5C6B-E7C0-4D01-9CF4-1ADCDC14835F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{B19786B6-9602-4188-86AD-8C6438329243}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\damianek234\counter-strike source\hl2.exe |
"{B3909AA6-8C7D-4EE0-8122-D24E333DBA29}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{B76027BA-7124-4C47-AA4D-30F1989C2D52}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{B78B2F85-8DB1-41E2-8053-FE2E201A693E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B841E1DD-962C-42FF-B727-CDD2B5055E5D}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{B9BB7D5E-786E-40B0-9173-F18DA27A5429}" = protocol=6 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{BCCED6BB-BB54-4071-8FF3-7E7C15D6FF55}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{BDABEFCB-3F39-4797-8CDD-16EEC5F4D8D6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{C069E783-C0DB-4CFB-93D8-3B123D2E1C44}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{C5825AFA-47A9-4DD6-ADD5-DB32DDAE5E41}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{D0C68C6E-B655-49EF-928A-703BDCB98B5A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\damianek234\dedicated server\hlds.exe |
"{D6D43AB8-493F-48A6-84FD-0C3BAF6BA2E5}" = dir=out | app=c:\program files\eslwire\wire.exe |
"{D7DC0DDF-7C51-4052-9BD1-28E770BAC3EC}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{D7DC50CC-290C-436F-A868-A92FF3BB2E17}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{D8219BAF-A5FC-4312-9312-55B1B89CF0B2}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D840EAA0-F3A3-482E-B3FC-A0010FB612E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D97B7EE9-5E2A-4136-879A-99A8DFFD7BA5}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{DB121D23-C770-4A9D-998C-C9A0352F90CD}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{DE1585AC-1AC4-4B3C-82B6-D92D4C9C64A5}" = protocol=6 | dir=in | app=c:\windows\temp\~os5541.tmp\rlvknlg.exe |
"{DEF91572-18C0-4E2D-851F-ABDF6A326CC0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{E17D6971-E5B0-4267-A0B9-8A64425C3265}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{E1C3305F-6837-414A-B647-D27FF2F792E9}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{E282BFFA-2A35-4198-B742-94DB64D745B1}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E5EC2D2B-5FB9-44CF-AD7C-9D0DE2BE9FC6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\damianek234\counter-strike\hl.exe |
"{E8A1EA8B-3AC6-4614-A117-1AD2F0C0C675}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{EA919BDD-69C6-4EED-A221-81FC574AC22D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{EA91F53D-A2CB-4E05-8CEA-1FEE12C6AF5A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\damianek234\counter-strike\hl.exe |
"{EB12D342-1A6B-49A8-A48D-D2CEC5A30302}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{EBA4ED06-D931-4EB9-8825-86D5BC4CBB13}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{EF5AD638-82B1-4753-8E5C-92DF11D5A9EB}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{F2B424F0-1512-4082-B53A-F20DF239847E}" = protocol=6 | dir=in | app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{F2ED5393-D814-4563-8EF3-C749AA545C3D}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{F336FBE1-62C5-4472-B031-6B5450B6689B}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{F4B1F7A7-3A38-4BFE-8B91-7CA3360353F1}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{F8C00690-2296-4890-B5A5-92E14C78FB85}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FE34297B-9739-437E-AFC8-D4CE782FC2D0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{FEB22745-971F-4CC7-9B21-83C7DC57B9B0}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{FF7DB99C-A218-4866-90DB-D9FE36F811B1}" = protocol=6 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"TCP Query User{0A1760FA-E720-4D51-9A5E-C60A2EA12398}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{0D24D74A-0D2C-4945-A905-CEB112C39463}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"TCP Query User{0FB129E5-ED23-47BA-83D7-439EB6B65DBF}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{1A7F1D4E-F374-44E6-B0F8-FC32ECBAF3D3}C:\program files\relevantknowledge\rlvknlg.exe" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"TCP Query User{1CE1CF85-4A02-481B-A979-D8FB856BEF6E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{29B941E4-A9CB-4DB7-AEF2-402A38E1E5AC}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{2FEC1FC8-CE26-408C-AAC2-2DA84263526B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{369EAB71-89DF-46BB-AAD2-826C6CD95ACB}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{395FF961-4F38-4AEB-8C87-5C4189715506}C:\program files\valve\hlds.exe" = protocol=6 | dir=in | app=c:\program files\valve\hlds.exe |
"TCP Query User{441085A5-4C84-40C6-9B26-0A1765868DDA}C:\users\damian\appdata\local\temp\rarsfx0\hl.exe" = protocol=6 | dir=in | app=c:\users\damian\appdata\local\temp\rarsfx0\hl.exe |
"TCP Query User{48D5A98C-0FA6-45B3-ACC2-4679405889E4}C:\program files\ws_ftp\ws_ftp95.exe" = protocol=6 | dir=in | app=c:\program files\ws_ftp\ws_ftp95.exe |
"TCP Query User{57A835E5-9F74-4BDF-8375-ECA3D88848EB}C:\program files\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\fifa 12\game\fifa.exe |
"TCP Query User{5A0963EA-495C-4AFE-AC62-26F5CA0FB316}C:\program files\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"TCP Query User{6CD22A9A-02FE-40AA-A957-D5DBB0C80413}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{7246DF15-B59F-4713-9D0F-AB08E420A82B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{7DF27538-23EC-4058-9049-639DA9BF9AC6}C:\programdata\battle.net\agent\agent.1363\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"TCP Query User{8C8AC57B-6C43-4F97-B620-E50252672F2D}C:\program files\valve\hltv.exe" = protocol=6 | dir=in | app=c:\program files\valve\hltv.exe |
"TCP Query User{92C317E9-8F18-4CB0-A277-7DA139CE8336}C:\users\damian\desktop\blubvolley_1.0m\blubvolley\blubvolley.exe" = protocol=6 | dir=in | app=c:\users\damian\desktop\blubvolley_1.0m\blubvolley\blubvolley.exe |
"TCP Query User{9617B51E-C330-4A21-AD8F-759608A1112C}C:\users\damian\temp\teamviewer\version5\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\damian\temp\teamviewer\version5\teamviewer.exe |
"TCP Query User{9933DA57-A801-49C0-87B1-08641F4841B7}C:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe |
"TCP Query User{A6156E63-6B0C-4890-8045-1FA3FC5DA6A9}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{AA169D4B-9ECB-4CA9-A386-9F0D76A3FF7A}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{B0A1B18B-62D8-4486-A827-294994F45C3C}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{D216A983-C836-4D22-B20F-5248693C7E70}C:\program files\migajek software\hateml\dbglistener\dbglistener.exe" = protocol=6 | dir=in | app=c:\program files\migajek software\hateml\dbglistener\dbglistener.exe |
"TCP Query User{D2E6615D-DB4A-4EE6-9E6B-D9F946EC8186}C:\program files\ea games\need for speed undercover\nfs.exe" = protocol=6 | dir=in | app=c:\program files\ea games\need for speed undercover\nfs.exe |
"TCP Query User{D598041D-2186-41A9-B439-C70EE7675CDA}C:\program files\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"TCP Query User{DB5B796B-948E-47BA-90A3-7D8BC077EBA5}C:\program files\gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu\gg.exe |
"TCP Query User{DD1EBA7B-FC4E-4E4B-86EC-868BC7332E76}C:\program files\steam\steamapps\damianek234\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\damianek234\counter-strike\hl.exe |
"TCP Query User{EB477248-4B53-4C5B-B55F-7DA79E0CD3DB}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{EDB731D3-4C85-4065-B4AC-ADCD0A1512CB}C:\program files\awesom-o\awesom-o.exe" = protocol=6 | dir=in | app=c:\program files\awesom-o\awesom-o.exe |
"TCP Query User{F06C076C-E02D-411C-BD2E-A7B08D1264F5}C:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe |
"TCP Query User{F1315742-5E66-416F-A0D3-649DEED8B383}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{F7FA94B3-9609-4C78-ABDD-EA765874C9B9}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{0626AD8C-FC02-49B8-8EA8-6489492F0D5A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{083CF147-426C-4F8C-985D-FD5CD359934E}C:\program files\gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu\gg.exe |
"UDP Query User{0F0DE07E-F6A6-4136-9B7C-6360A397664F}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{10427456-D68E-49E2-B70F-0DF291C63AA0}C:\program files\relevantknowledge\rlvknlg.exe" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"UDP Query User{1448B2B5-5725-4E8E-864F-57385FB8F797}C:\users\damian\desktop\blubvolley_1.0m\blubvolley\blubvolley.exe" = protocol=17 | dir=in | app=c:\users\damian\desktop\blubvolley_1.0m\blubvolley\blubvolley.exe |
"UDP Query User{24C0181D-55A9-4A6D-A98A-52D697D09FCC}C:\program files\valve\hltv.exe" = protocol=17 | dir=in | app=c:\program files\valve\hltv.exe |
"UDP Query User{26663AED-6695-4B40-B750-CBFF47081077}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{27AE9963-EDD8-491B-8B8A-EE40151B69B0}C:\users\damian\temp\teamviewer\version5\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\damian\temp\teamviewer\version5\teamviewer.exe |
"UDP Query User{3FCA761B-5C4F-42C0-823F-89230CBD1F2A}C:\program files\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"UDP Query User{3FE27050-DF68-46A0-A625-5F0BB7974D5A}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{41ED8595-B4C4-4ADC-8712-DB50EDFB8564}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{47DB58F9-7D6B-4F08-80A2-F51FECA38033}C:\program files\steam\steamapps\damianek234\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\damianek234\counter-strike\hl.exe |
"UDP Query User{5566B428-51CD-44A8-B626-B6B055D5093A}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{5616BE65-D528-4B33-B19D-E2F15FF93475}C:\program files\ws_ftp\ws_ftp95.exe" = protocol=17 | dir=in | app=c:\program files\ws_ftp\ws_ftp95.exe |
"UDP Query User{5ACF07A5-CFA1-4D08-9B3C-BC4F2B5253C6}C:\programdata\battle.net\agent\agent.1363\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"UDP Query User{5F206A89-A1A0-4653-B095-C1C595832A24}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{664D9232-B5DD-4FFA-AB43-490A95CD8C90}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"UDP Query User{6DFCC898-E256-4D86-90AF-059229153CDD}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{7C6D98A4-B08B-4E89-ABD7-D20DCDFC4A9D}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{87A6FD4B-AD3A-4E7E-A213-CC201DC41989}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{89D0D399-04CD-47AA-9D9D-ECA2101FE2AE}C:\program files\migajek software\hateml\dbglistener\dbglistener.exe" = protocol=17 | dir=in | app=c:\program files\migajek software\hateml\dbglistener\dbglistener.exe |
"UDP Query User{8BAEBE1E-74BF-4DC9-BA57-3E6CEE9CC525}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{A03598C8-CC50-4D1C-8C13-72239ED6928B}C:\program files\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"UDP Query User{A5841B39-6B1E-4FFE-8C5B-3F295C20633E}C:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe |
"UDP Query User{B02E2177-6C8A-455F-8720-9F7526BD58EC}C:\program files\valve\hlds.exe" = protocol=17 | dir=in | app=c:\program files\valve\hlds.exe |
"UDP Query User{BB364C03-1306-4FD5-85D6-6814A8F29AC1}C:\program files\ea games\need for speed undercover\nfs.exe" = protocol=17 | dir=in | app=c:\program files\ea games\need for speed undercover\nfs.exe |
"UDP Query User{D009CEEE-9991-4820-A155-E8D43BC91E75}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{DC1E7770-7B28-4A9A-8990-0868CA93181D}C:\program files\awesom-o\awesom-o.exe" = protocol=17 | dir=in | app=c:\program files\awesom-o\awesom-o.exe |
"UDP Query User{DD955C69-0859-4CB7-B4E5-D1E8D56FA3BE}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{E6B46798-ACF8-4ED8-AF68-30633375611E}C:\users\damian\appdata\local\temp\rarsfx0\hl.exe" = protocol=17 | dir=in | app=c:\users\damian\appdata\local\temp\rarsfx0\hl.exe |
"UDP Query User{E79AF39A-371E-408E-9779-A3FAA8BA26E1}C:\program files\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\fifa 12\game\fifa.exe |
"UDP Query User{E8633F0F-77A5-4281-8485-A588638C2321}C:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe |
"UDP Query User{F3F4E990-9753-4412-BF02-3CA9FF9403A1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{080FE95E-5A89-4A54-BAAA-D769971B7C2D}" = Corel Home Office
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}" = Shutdown Timer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0FB0C4D9-73BB-4D1A-8483-5D0BD53FACC0}" = Ad-Aware Antivirus
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{2F083216-8203-4E94-8C7C-EDF1C91D037D}" = RealWorld Cursor Editor
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{394C4F1B-8C88-404C-B644-58203570EEDB}" = MainConcept MPEG2 Software Encoder
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Security Suite CBE 12
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AEFE4FD-8EF1-4D61-B3CF-52016EAE6692}" = Hama Webcam Suite
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1" = Java-Editor 11.18, 2012.09.27
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{744D08ED-C523-40AD-886A-0CAD5B770924}" = Crossfire Keyboard Layout by -Sp0ng3B0b- v2
"{770103E9-E1C3-48C9-812B-2982C7070575}_is1" = Pazera Free MOV to AVI Converter 1.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{79872596-B887-E700-8D56-CADBC78BA5DE}" = Adobe Download Assistant
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7EC19307-7C22-47A8-922B-3FA965291260}" = OpenOffice.org 3.0
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.5.0
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 Test
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D5B8F9D-00F6-4F71-87E0-C43C043A018E}" = Logitech Motion Detector Gadget
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1" = Universal AntiCheat 3 v1.043
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A15DD4E6-0E5F-4EE9-A26E-4A0234CF6038}" = MAGIX Speed burnR (MSI)
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC83BC6F-56B3-4C76-9024-A4178DCCAB55}" = MAGIX Video deluxe 17 Plus Download-Version
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B226B255-6C43-462D-B41F-12CDD5E1C4CD}" = MAGIX Screenshare
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{C2425F91-1F7B-4037-9A05-9F290184798D}" = NETGEAR WNA3100 wireless USB 2.0 adapter
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"adawaretb" = Ad-Aware Security Add-on
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"C2F5DF4DBA55AD4D004E4EDA0406903C1643F8E0" = Windows-Treiberpaket - PEGATRON GROUP (NxpCap) MEDIA (09/22/2008 1.0.5.25)
"CCleaner" = CCleaner
"CD Art Display_is1" = CD Art Display 3.0.1504 Beta
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Cross Fire_is1" = Cross Fire En
"Crossfire Europe" = Crossfire Europe
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"Easy GIF Animator_is1" = Easy GIF Animator 5.4
"Easy Graphic Converter 1.2_is1" = Easy Graphic Converter 1.2
"ESL Wire_is1" = ESL Wire 1.13
"FIFA 12 (c) EA_is1" = FIFA 12 (c) EA version 1
"FL Studio 10" = FL Studio 10
"Fraps" = Fraps (remove only)
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube Download_is1" = Free YouTube Download version 3.1.30.627
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.25.627
"GameCenter_is1" = GameCenter 1.3.0.6
"GIF Animator" = Microsoft GIF Animator
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Icy Tower v1.5_is1" = Icy Tower v1.5
"Immersive Explorer" = Immersive Explorer 0.3
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Security Suite CBE 12
"LOLReplay" = LOLReplay
"MAGIX_MSI_Videodeluxe17_plus" = MAGIX Video deluxe 17 Plus Download-Version
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaPortal" = MediaPortal
"Metasploit 4.2.0" = Metasploit
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Need for Speed Underground 2" = Need for Speed Underground 2
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"NSIS" = Nullsoft Install System
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PandoraRecovery" = PandoraRecovery (Remove Only)
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PhotoScape" = PhotoScape
"PokerTH 0.8.3" = PokerTH
"Postal 2_is1" = Portal 2
"Rainmeter" = Rainmeter (remove only)
"Recover My Files_is1" = Recover My Files
"Recuva" = Recuva
"RocketDock_is1" = RocketDock 1.3.5
"Shockwave" = Shockwave
"Shop for HP Supplies" = Shop for HP Supplies
"Smart Data Recovery_is1" = Smart Data Recovery v4.4
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 3.27
"ST6UNST #2" = HLTooLz
"Steam App 10" = Counter-Strike
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 5" = Dedicated Server
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"TeamViewer 8" = TeamViewer 8
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Valve Hammer Editor" = Valve Hammer Editor
"Veetle TV" = Veetle TV 0.9.18
"ViGlance" = ViGlance
"VLC media player" = VLC media player 1.1.10
"WavePad" = WavePad Audiobearbeitungs-Software
"wbtooltb" = Webblog
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = Archiwizator WinRAR
"Worms Reloaded_is1" = Worms Reloaded
"Xfire" = Xfire (remove only)
"YTdetect" = Yahoo! Detect
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2951023159-836439813-1825762036-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"c8fbc20a88cf5892" = WindowsApplication1
"e3b16aab256db613" = Scrim Spot Anti-Cheat
"Headshot Player" = Headshot Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 01.03.2013 16:54:04 | Computer Name = Damian-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 01.03.2013 16:54:04 | Computer Name = Damian-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 01.03.2013 16:54:04 | Computer Name = Damian-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 01.03.2013 16:54:04 | Computer Name = Damian-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 01.03.2013 16:54:04 | Computer Name = Damian-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 01.03.2013 16:54:04 | Computer Name = Damian-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 01.03.2013 16:54:04 | Computer Name = Damian-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 01.03.2013 16:54:04 | Computer Name = Damian-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 01.03.2013 16:54:04 | Computer Name = Damian-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 02.03.2013 03:49:36 | Computer Name = Damian-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 24.04.2009 02:00:44 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (2848.1129)
Error - 26.04.2009 13:04:18 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (3288.1128)
Error - 26.04.2009 13:04:18 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (3288.1129)
Error - 28.04.2009 03:08:45 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (3552.1128)
Error - 28.04.2009 03:08:45 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (3552.1129)
Error - 29.04.2009 15:05:02 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (1608.1128)
Error - 29.04.2009 15:05:02 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (1608.1129)
Error - 01.05.2009 04:02:49 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (1584.1128)
Error - 01.05.2009 04:02:49 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (1584.1129)
Error - 02.05.2009 05:18:04 | Computer Name = Damian-PC | Source = MCUpdate | ID = 0
Description = Directory konnte nicht abgerufen werden (Fehler: Die Verbindung mit
dem Remoteserver kann nicht hergestellt werden.) (4820.1114)
[ System Events ]
Error - 01.03.2013 16:52:05 | Computer Name = Damian-PC | Source = DCOM | ID = 10005
Description =
Error - 01.03.2013 16:52:06 | Computer Name = Damian-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 01.03.2013 16:52:59 | Computer Name = Damian-PC | Source = Service Control Manager | ID = 7038
Description =
Error - 01.03.2013 16:52:59 | Computer Name = Damian-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 02.03.2013 03:49:37 | Computer Name = Damian-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 02.03.2013 03:50:54 | Computer Name = Damian-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 02.03.2013 03:51:24 | Computer Name = Damian-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 02.03.2013 03:51:24 | Computer Name = Damian-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 02.03.2013 03:51:55 | Computer Name = Damian-PC | Source = Service Control Manager | ID = 7038
Description =
Error - 02.03.2013 03:51:55 | Computer Name = Damian-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Das |