| ServerCrash | 02.08.2012 00:06 |
ok es gibt doch beides sorry^^
OTL.txt:OTL Logfile: Code:
OTL logfile created on: 02.08.2012 00:55:20 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = D:\Users\Momo\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,12 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 48,72% Memory free
6,24 Gb Paging File | 4,47 Gb Available in Paging File | 71,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 195,31 Gb Total Space | 14,19 Gb Free Space | 7,27% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 16,48 Gb Free Space | 21,10% Space Free | Partition Type: NTFS
Drive E: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PX1-L | User Name: Momo | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - D:\Users\Momo\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Users\Momo\AppData\Roaming\Microsoft\Windows\Drivers\Drivers.exe (Microsoft Corp.)
PRC - D:\Users\Momo\AppData\Roaming\Microsoft\Windows\Java\Runtime.exe (Microsoft Corp.)
PRC - D:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe (Adobe Systems, Inc.)
PRC - D:\Users\Momo\AppData\Local\wscntfy.exe (Test3)
PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\Users\Leonhard\Downloads\uTorrent.exe (BitTorrent, Inc.)
PRC - D:\Windows\System32\hale.exe ()
PRC - D:\Programme\PowerISO\PWRISOVM.EXE (Power Software Ltd)
PRC - D:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - D:\Windows\explorer.exe (Microsoft Corporation)
PRC - D:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - D:\Windows\System32\cmd.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - D:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
MOD - D:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - D:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - D:\Windows\System32\hale.exe ()
MOD - D:\Programme\WinRAR\RarExt.dll ()
MOD - D:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - D:\Windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Drawing.resources.dll ()
MOD - D:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
========== Win32 Services (SafeList) ==========
SRV - (ACDaemon) -- D:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- D:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Akamai) -- d:\program files\common files\akamai/netsession_win_4f7fccd.dll ()
SRV - (SkypeUpdate) -- D:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Steam Client Service) -- D:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (FLEXnet Licensing Service) -- D:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (WatAdminSvc) -- D:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TunngleService) -- D:\Programme\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (AMD External Events Utility) -- D:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AMD FUEL Service) -- D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (HauppaugeTVServer) -- D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (WMPNetworkSvc) -- D:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WSWNDA3100) -- D:\Programme\NETGEAR\WNDA3100v2\WifiSvc.exe ()
SRV - (McComponentHostService) -- D:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (StorSvc) -- D:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- D:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- D:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- D:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (XDva397) -- D:\Windows\system32\XDva397.sys File not found
DRV - (XDva393) -- D:\Windows\system32\XDva393.sys File not found
DRV - (PsSdk41) -- D:\Windows\System32\drivers\pssdk41.sys (microOLAP Technologies LTD)
DRV - (dtsoftbus01) -- D:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (SCDEmu) -- D:\Windows\System32\drivers\scdemu.sys (Power Software Ltd)
DRV - (amdkmdag) -- D:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- D:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AODDriver4.01) -- D:\Programme\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
DRV - (AtiHDAudioService) -- D:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (BCMH43XX) -- D:\Windows\System32\drivers\bcmwlhigh6.sys (Broadcom Corporation)
DRV - (hcwD1encoder) -- D:\Windows\System32\drivers\hcwD1xcd.sys (ViXS Systems Inc.)
DRV - (hcwD1capture) -- D:\Windows\System32\drivers\hcwD1cap.sys (Hauppauge Computer Works, Inc.)
DRV - (TsUsbFlt) -- D:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (vmbus) -- D:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (dmvsc) -- D:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
DRV - (storflt) -- D:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (WinUsb) -- D:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (storvsc) -- D:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- D:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (VMBusHID) -- D:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- D:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (amdiox86) -- D:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
DRV - (RTL8187B) -- D:\Windows\System32\drivers\wg111v3.sys (NETGEAR Inc. )
DRV - (tap0901t) -- D:\Windows\System32\drivers\tap0901t.sys (Tunngle.net)
DRV - (msloop) -- D:\Windows\System32\drivers\loop.sys (Microsoft Corporation)
DRV - (MRV6X32P) -- D:\Windows\System32\drivers\MRVW13B.sys (Marvell Semiconductor, Inc)
DRV - (SCMNdisP) -- D:\Windows\System32\drivers\SCMNdisP.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (Afc) -- D:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (MTsensor) -- D:\Windows\System32\drivers\ASACPI.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Österreich: Hotmail, Messenger, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle und mehr bei MSN AT
IE - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 BA 73 A0 1E 70 CD 01 [binary data]
IE - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.10 16:56:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012.07.18 20:50:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012.03.19 00:51:01 | 000,000,000 | ---D | M]
[2012.03.14 20:32:52 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Momo\AppData\Roaming\mozilla\Extensions
[2012.05.04 19:00:21 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Momo\AppData\Roaming\mozilla\Firefox\Profiles\k47lth6o.default\extensions
[2012.04.27 19:10:11 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\extensions
[2012.07.18 20:50:55 | 000,136,672 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.19 00:50:44 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.21 23:16:12 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.02 21:37:07 | 000,002,356 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.06.21 23:16:12 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.21 23:16:12 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.21 23:16:12 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.21 23:16:12 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.21 23:16:12 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - D:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Codecv Class) - {38081DC2-75B3-44E8-869C-2717E0B55605} - D:\ProgramData\Codecv\bhoclass.dll ()
O2 - BHO: (Bcool Class) - {607E944A-37F4-423B-ADBD-06359F098D07} - D:\ProgramData\Bcool\bhoclass.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - D:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Chew7Hale] D:\Windows\System32\hale.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [Windows Audio Device Graph Isolation] D:\Users\Leonhard\AppData\Roaming\Microsoft\Windows\Templates\audiodh.exe (Microsoft® Windows® Operating System)
O4 - HKLM..\Run: [Windows-Audio Driver] D:\ProgramData\wscntfy.exe (Test3)
O4 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002..\Run: [Adobe(R) Updater] D:\Users\Momo\AppData\Roaming\Microsoft\Windows\Drivers\Drivers.exe (Microsoft Corp.)
O4 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002..\Run: [Cracked Steam Service] "d:\program files\cracked steam\Cracked Steam.exe" /SERVICE File not found
O4 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002..\Run: [Java(TM)Runtime] D:\Users\Momo\AppData\Roaming\Microsoft\Windows\Java\Runtime.exe (Microsoft Corp.)
O4 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002..\Run: [Windows Audio Device Graph Isolation] D:\Users\Momo\AppData\Roaming\Microsoft\Windows\Templates\audiodh.exe (Microsoft® Windows® Operating System)
O4 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002..\Run: [Windows-Audio Driver] D:\Users\Momo\AppData\Local\wscntfy.exe (Test3)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Windows-Network Component = D:\Program Files\Common Files\lsmass.exe (Test3)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1111964327-4217363313-2070244455-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Search the Web - D:\Programme\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A016F82-84A6-409D-82A5-49CD13CEDB81}: DhcpNameServer = 192.168.1.1 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0BD1E37-1F45-4982-B1A4-B8E88E4F6E9B}: DhcpNameServer = 192.168.1.1 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4952521-63A7-4963-97D8-CB2FB691DF9E}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0274181-1838-41BC-8877-25FF2B6B6FA0}: DhcpNameServer = 192.168.1.1 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAFDF52A-E125-40F2-AFD1-7E20728F9F14}: DhcpNameServer = 192.168.1.1 195.34.133.21 212.186.211.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) - D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Users\Leonhard\AppData\Roaming\Microsoft\Windows\Drivers\Drivers.exe) - D:\Users\Leonhard\AppData\Roaming\Microsoft\Windows\Drivers\Drivers.exe (Microsoft Corp.)
O20 - HKLM Winlogon: UserInit - (D:\Users\Leonhard\AppData\Roaming\Microsoft\Windows\Java\Runtime.exe) - D:\Users\Leonhard\AppData\Roaming\Microsoft\Windows\Java\Runtime.exe (Microsoft Corp.)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.25 22:04:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.03.24 13:06:41 | 000,000,053 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1dfddf10-6a31-11e1-8cbd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1dfddf10-6a31-11e1-8cbd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\reatogoMenu.exe -- [2005.07.16 23:36:50 | 000,240,128 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1dfddf0d-6a31-11e1-8cbd-806e6f6e6963} - D:\ProgramData\wscntfy.exe -r
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - D:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - D:\Windows\system32\Rundll32.exe D:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9E090F62-4FE1-F6FB-971E-AC3ABBCEFA15} - D:\ProgramData\wscntfy.exe -r
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - D:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "D:\Windows\System32\rundll32.exe" "D:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - D:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoStart IR.lnk - D:\Programme\WinTV\Ir.exe - (Hauppauge Computer Works)
MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - D:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe - (McAfee, Inc.)
MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v3 Smart Wizard.lnk - D:\Programme\NETGEAR\WG111v3\WG111v3.exe - ()
MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG311v3 Smart Wizard.lnk - D:\Programme\NETGEAR\WG311v3\WG311v3.exe - ()
MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNDA3100v2 Setup-Assistent.lnk - D:\Programme\NETGEAR\WNDA3100v2\WNDA3100v2.exe - ()
MsConfig - StartUpFolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinTV Recording Status..lnk - D:\Programme\WinTV\WinTV7\WinTVTray.exe - (Hauppauge Computer Works, Inc.)
MsConfig - StartUpReg: Akamai NetSession Interface - hkey= - key= - D:\Users\Leonhard\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: ArcSoft Connection Service - hkey= - key= - File not found
MsConfig - StartUpReg: Chew7Hale - hkey= - key= - File not found
MsConfig - StartUpReg: Cracked Steam Service - hkey= - key= - File not found
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - D:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - D:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: PWRISOVM.EXE - hkey= - key= - D:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - D:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: StartCCC - hkey= - key= - D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: SweetIM - hkey= - key= - D:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
MsConfig - StartUpReg: Sweetpacks Communicator - hkey= - key= - D:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
MsConfig - StartUpReg: Windows Audio Device Graph Isolation - hkey= - key= - D:\Users\Leonhard\AppData\Roaming\Microsoft\Windows\Templates\audiodh.exe (Microsoft® Windows® Operating System)
MsConfig - StartUpReg: Windows-Audio Driver - hkey= - key= - D:\ProgramData\wscntfy.exe (Test3)
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ==========
[2012.08.02 00:51:32 | 000,597,504 | ---- | C] (OldTimer Tools) -- D:\Users\Momo\Desktop\OTL.exe
[2012.08.01 23:21:22 | 000,000,000 | ---D | C] -- D:\Users\Momo\AppData\Roaming\uTorrent
[2012.08.01 22:07:17 | 000,000,000 | ---D | C] -- D:\OTLPE
[2012.08.01 21:49:36 | 000,000,000 | ---D | C] -- D:\_OTL
[2012.08.01 21:27:32 | 127,231,689 | ---- | C] (Igor Pavlov) -- D:\Users\Momo\Desktop\OTLPENet - Kopie.exe
[2012.08.01 20:36:32 | 127,231,689 | ---- | C] (Igor Pavlov) -- D:\Users\Momo\Desktop\OTLPENet.exe
[2012.08.01 20:31:59 | 000,000,000 | ---D | C] -- D:\Users\Momo\AppData\Roaming\Runscanner.net
[2012.08.01 18:15:31 | 000,000,000 | ---D | C] -- D:\Users\Momo\AppData\Roaming\LSoft Technologies
[2012.08.01 18:15:31 | 000,000,000 | ---D | C] -- D:\Users\Momo\AppData\Roaming\InstallShield Installation Information
[2012.08.01 18:15:31 | 000,000,000 | ---D | C] -- D:\Users\Momo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2012.08.01 18:01:25 | 000,000,000 | ---D | C] -- D:\Users\Momo\AppData\Roaming\dclogs
[2012.07.27 21:49:00 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipBuster
[2012.07.27 21:48:59 | 000,000,000 | ---D | C] -- D:\Program Files\VoipBuster.com
[2012.07.22 21:28:33 | 000,000,000 | ---D | C] -- D:\Program Files\LOLReplay
[2012.07.18 23:50:35 | 000,036,928 | ---- | C] (microOLAP Technologies LTD) -- D:\Windows\System32\drivers\pssdk41.sys
[2012.07.18 23:49:40 | 000,000,000 | ---D | C] -- D:\Program Files\XLink Kai
[2012.07.18 23:48:19 | 000,096,784 | ---- | C] (CACE Technologies, Inc.) -- D:\Windows\System32\_packet.dlluninstall
[2012.05.28 14:12:17 | 000,069,632 | -H-- | C] (Test3) -- D:\Users\Momo\AppData\Local\wscntfy.exe
[2012.05.28 14:12:17 | 000,069,632 | -H-- | C] (Test3) -- D:\Users\Momo\AppData\Roaming\lsmass.exe
[2012.05.28 14:12:08 | 054,697,478 | ---- | C] (minecraftinstall.net ) -- D:\Users\Momo\AppData\Roaming\Minecraft_Cracked_v1.2.5.exe
[2012.05.26 15:04:01 | 000,069,632 | -H-- | C] (Test3) -- D:\ProgramData\wscntfy.exe
[2012.05.26 15:04:01 | 000,069,632 | -H-- | C] (Test3) -- D:\Program Files\Common Files\lsmass.exe
[2 D:\Windows\System32\*.tmp files -> D:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.02 00:57:58 | 414,292,812 | ---- | M] () -- D:\Windows\System32\cwlog.dtl
[2012.08.02 00:56:22 | 004,503,728 | ---- | M] () -- D:\ProgramData\ras_0oed.pad
[2012.08.02 00:51:35 | 000,597,504 | ---- | M] (OldTimer Tools) -- D:\Users\Momo\Desktop\OTL.exe
[2012.08.02 00:17:00 | 000,001,102 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.02 00:12:31 | 000,020,864 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 00:12:31 | 000,020,864 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 00:12:02 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.01 23:18:09 | 000,001,098 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.01 22:10:25 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012.08.01 22:10:20 | 2515,148,800 | -HS- | M] () -- D:\hiberfil.sys
[2012.08.01 20:12:49 | 127,231,689 | ---- | M] (Igor Pavlov) -- D:\Users\Momo\Desktop\OTLPENet.exe
[2012.08.01 20:12:49 | 127,231,689 | ---- | M] (Igor Pavlov) -- D:\Users\Momo\Desktop\OTLPENet - Kopie.exe
[2012.07.22 21:28:33 | 000,001,851 | ---- | M] () -- D:\Users\Public\Desktop\LOL Recorder.lnk
[2012.07.22 21:11:34 | 000,069,632 | -H-- | M] (Test3) -- D:\Users\Momo\AppData\Local\wscntfy.exe
[2012.07.22 21:11:34 | 000,069,632 | -H-- | M] (Test3) -- D:\ProgramData\wscntfy.exe
[2012.07.22 21:11:34 | 000,069,632 | -H-- | M] (Test3) -- D:\Users\Momo\AppData\Roaming\lsmass.exe
[2012.07.22 21:11:34 | 000,069,632 | -H-- | M] (Test3) -- D:\Program Files\Common Files\lsmass.exe
[2012.07.18 23:50:35 | 000,036,928 | ---- | M] (microOLAP Technologies LTD) -- D:\Windows\System32\drivers\pssdk41.sys
[2012.07.18 23:17:11 | 000,696,620 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2012.07.18 23:17:11 | 000,651,938 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012.07.18 23:17:11 | 000,147,916 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2012.07.18 23:17:11 | 000,120,870 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012.07.14 22:33:39 | 002,195,552 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2012.07.14 01:14:49 | 000,002,290 | ---- | M] () -- D:\Users\Public\Desktop\Google Chrome.lnk
[2 D:\Windows\System32\*.tmp files -> D:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.01 17:38:33 | 004,503,728 | ---- | C] () -- D:\ProgramData\ras_0oed.pad
[2012.07.22 21:28:33 | 000,001,863 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
[2012.07.22 21:28:33 | 000,001,851 | ---- | C] () -- D:\Users\Public\Desktop\LOL Recorder.lnk
[2012.06.19 18:30:31 | 000,000,193 | ---- | C] () -- D:\Windows\WORDPAD.INI
[2012.04.26 14:24:58 | 000,001,326 | RHS- | C] () -- D:\Users\Momo\ntuser.pol
[2012.03.21 23:28:33 | 001,590,912 | ---- | C] () -- D:\Windows\DarkSteam Uninstaller.exe
[2012.03.11 01:34:29 | 002,169,856 | -HS- | C] () -- D:\Windows\System32\hale.exe
[2012.03.10 00:24:14 | 000,000,000 | ---- | C] () -- D:\Windows\ativpsrm.bin
[2012.03.10 00:20:56 | 000,003,929 | ---- | C] () -- D:\Windows\System32\atipblag.dat
[2012.03.10 00:14:07 | 000,000,209 | ---- | C] () -- D:\Windows\ODBCINST.INI
[2012.03.10 00:14:07 | 000,000,135 | ---- | C] () -- D:\Windows\ODBC.INI
[2012.03.10 00:13:23 | 000,000,265 | ---- | C] () -- D:\Windows\HCWBlast.ini
[2012.03.10 00:12:53 | 000,037,639 | ---- | C] () -- D:\Windows\Irremote.ini
[2012.03.10 00:12:45 | 000,142,337 | ---- | C] () -- D:\Windows\System32\Wait.exe
[2012.03.10 00:11:41 | 000,002,378 | ---- | C] () -- D:\Windows\HCWPNP.INI
[2012.01.23 16:43:06 | 004,130,816 | ---- | C] () -- D:\Windows\System32\LS3Renderer.dll
[2011.07.28 18:49:12 | 000,053,760 | ---- | C] () -- D:\Windows\System32\OVDecode.dll
[2011.06.27 20:53:02 | 000,234,855 | ---- | C] () -- D:\Windows\System32\atiicdxx.dat
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- D:\Windows\System32\RtNicProp32.dll
[2010.11.21 02:46:14 | 000,696,620 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2010.11.21 02:46:14 | 000,295,922 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2010.11.21 02:46:14 | 000,147,916 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2010.11.21 02:46:14 | 000,038,104 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2010.11.20 23:29:26 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
========== LOP Check ==========
[2012.07.01 18:19:16 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\.minecraft
[2012.03.16 17:52:25 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\Babylon
[2012.06.02 21:37:14 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\BabylonToolbar
[2012.03.10 17:46:38 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.03.17 00:12:45 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\DAEMON Tools Lite
[2012.08.01 00:00:37 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\dclogs
[2012.03.15 19:22:55 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\LolClient
[2012.05.24 19:30:00 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\LolClient2
[2012.03.11 12:19:53 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\MAXON
[2012.03.20 21:51:05 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\OpenCandy
[2012.03.11 00:45:54 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\Publish Providers
[2012.03.10 16:27:14 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\Red Giant Link
[2012.07.30 19:54:53 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\Secure-Soft Stealer
[2012.03.11 00:46:42 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\Sony
[2012.05.21 21:29:31 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\SYSTEMAX Software Development
[2012.05.01 15:18:28 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\TuneUpMedia
[2012.03.17 22:04:42 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\Tunngle
[2012.05.23 19:48:24 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\uTorrent
[2012.07.27 21:53:48 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\VoipBuster
[2012.07.18 23:59:45 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\XLink Kai
[2012.06.02 21:36:58 | 000,000,000 | ---D | M] -- D:\Users\Leonhard\AppData\Roaming\YourFileDownloader
[2012.03.22 12:37:34 | 000,000,000 | ---D | M] -- D:\Users\Momo\AppData\Roaming\DAEMON Tools Lite
[2012.08.02 00:11:49 | 000,000,000 | ---D | M] -- D:\Users\Momo\AppData\Roaming\dclogs
[2012.03.17 20:01:33 | 000,000,000 | ---D | M] -- D:\Users\Momo\AppData\Roaming\LolClient
[2012.08.01 18:15:31 | 000,000,000 | ---D | M] -- D:\Users\Momo\AppData\Roaming\LSoft Technologies
[2012.08.01 20:31:59 | 000,000,000 | ---D | M] -- D:\Users\Momo\AppData\Roaming\Runscanner.net
[2012.08.02 00:56:30 | 000,000,000 | ---D | M] -- D:\Users\Momo\AppData\Roaming\uTorrent
[2012.06.25 21:50:12 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.03.14 20:30:52 | 000,000,000 | -HSD | M] -- D:\$Recycle.Bin
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- D:\Documents and Settings
[2012.03.09 23:55:45 | 000,000,000 | -HSD | M] -- D:\Dokumente und Einstellungen
[2012.03.10 23:56:54 | 000,000,000 | ---D | M] -- D:\Fraps
[2012.08.01 22:07:17 | 000,000,000 | ---D | M] -- D:\OTLPE
[2012.08.01 17:54:59 | 000,000,000 | R--D | M] -- D:\Program Files
[2012.08.01 17:38:33 | 000,000,000 | -H-D | M] -- D:\ProgramData
[2012.03.09 23:55:45 | 000,000,000 | -HSD | M] -- D:\Programme
[2012.03.09 23:55:45 | 000,000,000 | -HSD | M] -- D:\Recovery
[2012.02.29 19:43:44 | 000,000,000 | -HSD | M] -- D:\RECYCLER
[2012.04.26 14:45:01 | 000,000,000 | ---D | M] -- D:\Riot Games
[2012.05.27 10:52:49 | 000,000,000 | -HSD | M] -- D:\System Volume Information
[2012.03.14 20:30:47 | 000,000,000 | R--D | M] -- D:\Users
[2012.07.04 20:57:58 | 000,000,000 | ---D | M] -- D:\Windows
[2012.08.01 21:49:36 | 000,000,000 | ---D | M] -- D:\_OTL
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
[2012.07.22 21:11:34 | 000,069,632 | -H-- | M] (Test3) -- D:\Users\Momo\AppData\Local\wscntfy.exe
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- D:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- D:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- D:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- D:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- D:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- D:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- D:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- D:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- D:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- D:\Windows\System32\netlogon.dll
[2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- D:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- D:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- D:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- D:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- D:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- D:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- D:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- D:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- D:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 23:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=BE8C64439F1E2AF088063218C16EB9FE -- D:\Windows\System32\user32.dll
[2010.11.20 23:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- D:\ProgramData\Microsoft\Windows\SXS\32\user32.dll
[2010.11.20 23:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- D:\Users\All Users\Microsoft\Windows\SXS\32\user32.dll
[2010.11.20 23:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- D:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- D:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- D:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 23:29:06 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=1562571D6B1541098E677C3BB78709A0 -- D:\Windows\System32\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- D:\ProgramData\Microsoft\Windows\SXS\32\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- D:\Users\All Users\Microsoft\Windows\SXS\32\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- D:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- D:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2010.11.20 23:29:24 | 000,193,536 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\Windows\system32\sppcomapi.dll
[2 D:\Windows\system32\*.tmp files -> D:\Windows\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2012.08.02 01:03:56 | 001,048,576 | -HS- | M] () -- D:\Users\Momo\ntuser.dat
[2012.08.02 01:03:56 | 000,262,144 | -HS- | M] () -- D:\Users\Momo\ntuser.dat.LOG1
[2012.03.14 20:30:47 | 000,000,000 | -HS- | M] () -- D:\Users\Momo\ntuser.dat.LOG2
[2012.03.14 21:52:45 | 000,065,536 | -HS- | M] () -- D:\Users\Momo\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012.03.14 21:52:45 | 000,524,288 | -HS- | M] () -- D:\Users\Momo\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012.03.14 21:52:45 | 000,524,288 | -HS- | M] () -- D:\Users\Momo\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012.03.14 20:30:47 | 000,000,020 | -HS- | M] () -- D:\Users\Momo\ntuser.ini
[2012.04.26 14:24:58 | 000,001,326 | RHS- | M] () -- D:\Users\Momo\ntuser.pol
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< End of report >
--- --- ---
Extras.txtOTL Logfile: Code:
OTL Extras logfile created on: 02.08.2012 00:55:20 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = D:\Users\Momo\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,12 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 48,72% Memory free
6,24 Gb Paging File | 4,47 Gb Available in Paging File | 71,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 195,31 Gb Total Space | 14,19 Gb Free Space | 7,27% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 16,48 Gb Free Space | 21,10% Space Free | Partition Type: NTFS
Drive E: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PX1-L | User Name: Momo | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- D:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1111964327-4217363313-2070244455-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "D:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "D:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{23CA88A9-5272-498F-8CC5-96DD1490EC1B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2A4B04A3-AEC8-4BDD-A89C-2B01D9003AB4}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2C618816-AFDB-4A4F-81F8-65D361C93916}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2E69ED20-04D5-44E3-A1E3-232739E93A88}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{58ECA4AA-A785-4A89-8B11-CA0522436331}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{87812800-F570-4FC7-BC89-C581D2CA61BC}" = lport=4000 | protocol=6 | dir=out | app=d:\program files\dll-files.com fixer\dllfixer.exe |
"{8A2E4398-84BE-4FCE-B620-805FB95231FF}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A5C2F6CB-EFA0-4AA6-90B3-77BD0106D7D4}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ACCB03CB-0FCF-441B-9920-23BD835601C2}" = lport=4000 | protocol=6 | dir=out | app=d:\program files\dll-files.com fixer\dllfixer.exe |
"{C6D7BC42-8600-40DD-AD01-23B563D4C6E3}" = lport=4000 | protocol=6 | dir=out | app=d:\program files\dll-files.com fixer\dllfixer.exe |
"{E7E475A7-6559-4B6C-87EF-03C73D54FCEB}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F32C794-039F-436C-8EEC-A8DD7D90D3AD}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{1386E2AF-8881-4689-8091-EB7392479AF6}" = protocol=6 | dir=in | app=d:\program files\utorrent\utorrent.exe |
"{17A3C477-C782-4BFA-A794-0D7CD9CF675A}" = protocol=6 | dir=in | app=d:\program files\lolreplay\lolreplay.exe |
"{1899B552-EDFA-4A33-B678-8481D6B5B442}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{2AFD8B7E-35D3-4E33-B87D-88BEC5686448}" = protocol=17 | dir=in | app=d:\program files\common files\lsmass.exe |
"{3082FDB8-4569-4EC4-B14C-2F8728AFAD53}" = protocol=17 | dir=in | app=d:\program files\voipbuster.com\voipbuster\voipbuster.exe |
"{34463476-CCF6-4DD0-A8E2-A7ED0F2548FC}" = protocol=17 | dir=in | app=d:\programdata\wscntfy.exe |
"{39D3892B-E891-40D9-9886-DC491662A151}" = protocol=17 | dir=in | app=d:\program files\cracked steam\steam.exe |
"{3D07AE4A-C456-474D-BCD2-0B5D52B48206}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{46736385-BB7E-42F8-B240-BDDB6CC9585F}" = protocol=6 | dir=in | app=d:\program files\cracked steam\steam.exe |
"{4C247219-F7C3-4D06-B7A5-CFEA23C91B41}" = protocol=6 | dir=in | app=d:\program files\common files\lsmass.exe |
"{51F7E755-C15C-4445-ACFF-E9EFAB28C97E}" = protocol=6 | dir=in | app=d:\program files\common files\lsmass.exe |
"{54D141AA-49DB-41F8-81CB-F53F2C3D0314}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{60EC62D7-3EDC-4625-AA42-8F16CA3C58EE}" = protocol=6 | dir=in | app=d:\programdata\wscntfy.exe |
"{63DB39BE-1FCD-4BD1-85E0-A0C2EE75C56D}" = protocol=17 | dir=in | app=d:\program files\yourfiledownloader\downloader.exe |
"{710D35FD-BCDB-46C7-91EB-AA8C0C49893D}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{739E8F61-BE7A-414A-9A34-13C17B70B128}" = dir=in | app=d:\program files\itunes\itunes.exe |
"{79D22AF5-8AAF-4557-9742-C75DE84787FF}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{7ED18740-E055-415C-A209-A33FD72A533B}" = protocol=17 | dir=in | app=d:\windows\system32\msiexec.exe |
"{7FA74563-733F-44A7-AB65-F6E52A10A25A}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{897C1A1E-73D9-4533-9B61-5ACE812075F6}" = protocol=6 | dir=in | app=d:\program files\yourfiledownloader\downloader.exe |
"{8A7B85DF-BBBF-41B0-8827-A95C711DECBE}" = protocol=6 | dir=in | app=d:\program files\yourfiledownloader\yourfile.exe |
"{8CE188A6-5492-4E69-9EBD-9EAA2ACEACD8}" = protocol=6 | dir=in | app=d:\programdata\wscntfy.exe |
"{96B197B4-205A-4F32-B226-BA652C639CBA}" = protocol=17 | dir=in | app=d:\program files\utorrent\utorrent.exe |
"{9B0D85E5-900C-49F6-B7BF-1908730AD9A3}" = protocol=17 | dir=in | app=d:\programdata\wscntfy.exe |
"{A6E48ABD-E3FB-4F39-A916-39A0046A0EB0}" = protocol=17 | dir=in | app=d:\program files\common files\lsmass.exe |
"{BB54553B-C28C-4BD8-8860-0D27806C8D09}" = protocol=6 | dir=in | app=d:\program files\voipbuster.com\voipbuster\voipbuster.exe |
"{D21BFE61-7F9A-40C9-8CC1-5915C1291188}" = protocol=6 | dir=in | app=d:\program files\xlink kai\kaiengine.exe |
"{E3EA7223-A866-47C4-AB5D-572E05ED705D}" = protocol=17 | dir=in | app=d:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{E6C2752D-F479-4744-AF6F-2105EE9E4AA5}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ED7AD0D3-8768-4DE3-8C72-538F0A753CB7}" = protocol=17 | dir=in | app=d:\program files\yourfiledownloader\yourfile.exe |
"{F0B553BA-E80A-47C9-9C2A-6F60DB708943}" = protocol=6 | dir=in | app=d:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{F117C7D6-7BB3-4B21-9F2C-54E0FF5FA53C}" = protocol=17 | dir=in | app=d:\program files\lolreplay\lolreplay.exe |
"{FE71B09F-3FBC-4FFC-82AD-ABDF5290A53D}" = protocol=6 | dir=in | app=d:\windows\system32\msiexec.exe |
"{FF635BCF-5A18-4EB9-B490-1E92FB8AD098}" = protocol=17 | dir=in | app=d:\program files\xlink kai\kaiengine.exe |
"TCP Query User{064EC7F2-2C6B-4DFD-8369-4CC4D596103F}D:\program files\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe" = protocol=6 | dir=in | app=d:\program files\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"TCP Query User{09473858-FA79-4082-A0E8-F2A23132A03F}D:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{1BF8D319-8070-46C6-8DC5-05FEE2DC6F55}F:\aaaaaaaaaa\activision\call of duty - world at war\codwaw lanfixed.exe" = protocol=6 | dir=in | app=f:\aaaaaaaaaa\activision\call of duty - world at war\codwaw lanfixed.exe |
"TCP Query User{1F96082A-FCE1-47D3-848C-A8E41ACE3376}D:\program files\xlink kai\kaiengine.exe" = protocol=6 | dir=in | app=d:\program files\xlink kai\kaiengine.exe |
"TCP Query User{267A2A38-BE67-4C5D-A0AD-8FBE7D560094}D:\program files\call of duty modern warfare 3\iw5mp_server.exe" = protocol=6 | dir=in | app=d:\program files\call of duty modern warfare 3\iw5mp_server.exe |
"TCP Query User{3303048D-1EA8-426C-B9C0-D31C62F95FAC}D:\users\leonhard\appdata\local\temp\{3559e99b-f04a-bf09-5de2-b868eebacb6d}\codec_enum.exe" = protocol=6 | dir=in | app=d:\users\leonhard\appdata\local\temp\{3559e99b-f04a-bf09-5de2-b868eebacb6d}\codec_enum.exe |
"TCP Query User{39DCAD95-77D1-4F87-8D93-D21CD520A09E}D:\users\leonhard\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=d:\users\leonhard\appdata\local\akamai\netsession_win.exe |
"TCP Query User{3EDDD76A-5B50-4399-86CC-2F7A8B7CF364}D:\program files\sony\vegas pro 11.0\vegas110.exe" = protocol=6 | dir=in | app=d:\program files\sony\vegas pro 11.0\vegas110.exe |
"TCP Query User{3FB78062-57E0-410A-90C8-7209E4AEDF6D}D:\users\momo\appdata\local\wscntfy.exe" = protocol=6 | dir=in | app=d:\users\momo\appdata\local\wscntfy.exe |
"TCP Query User{44668862-8C15-4B5F-9DF6-A3CC8B2D51CC}F:\aaaaaaaaaa\activision\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=f:\aaaaaaaaaa\activision\call of duty - world at war\codwawmp.exe |
"TCP Query User{4C894443-D162-4F54-9ED8-495935A28E3C}D:\programdata\wscntfy.exe" = protocol=6 | dir=in | app=d:\programdata\wscntfy.exe |
"TCP Query User{5969301E-6DC8-45FA-99B2-994473E5DFBF}D:\users\leonhard\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=d:\users\leonhard\appdata\local\akamai\netsession_win.exe |
"TCP Query User{5B5BADE8-F50E-48AF-84A1-45513D7CD695}I:\aaaaaaaaaa\cod mw3\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=i:\aaaaaaaaaa\cod mw3\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{63FCA205-B647-48C7-960B-2E93373EAA1E}D:\program files\spiele\call of duty modern warfare 3\iw5mp_server.exe" = protocol=6 | dir=in | app=d:\program files\spiele\call of duty modern warfare 3\iw5mp_server.exe |
"TCP Query User{6F97F258-0BB0-482B-A824-DC6B2CB16EC4}D:\program files\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=d:\program files\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{737CCB5C-7E7C-4F31-9B0A-20D44D465143}D:\program files\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=d:\program files\jdownloader\jre\bin\javaw.exe |
"TCP Query User{8192980C-B562-4740-B9CB-5A0DC9988C35}D:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=d:\program files\skype\phone\skype.exe |
"TCP Query User{89383FEB-EFF6-43FB-A9BD-3F24DBF89DDE}D:\program files\activision\call of duty - world at war\codwaw lanfixed.exe" = protocol=6 | dir=in | app=d:\program files\activision\call of duty - world at war\codwaw lanfixed.exe |
"TCP Query User{950E77CF-DCB7-4CFD-84F4-C8BC88C89CD6}G:\call of duty - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=g:\call of duty - black ops\blackopsmp.exe |
"TCP Query User{A8093F18-6A4F-4719-ACD5-AFD36A5DF7DE}D:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=d:\program files\skype\phone\skype.exe |
"TCP Query User{AEE7BA7E-FE01-4AA5-8629-4D94CDE7A51E}D:\users\leonhard\appdata\local\temp\rar$exa0.811\iw5mp_server.exe" = protocol=6 | dir=in | app=d:\users\leonhard\appdata\local\temp\rar$exa0.811\iw5mp_server.exe |
"TCP Query User{B9F2266C-75E5-4E9E-8925-67441A98AB77}D:\program files\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=d:\program files\lolreplay\lolreplay.exe |
"TCP Query User{C2372C53-384A-4159-92C3-7168A37DA601}D:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=d:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{C52FD7DA-2CE0-4665-8CD1-96FE7FC0CDE6}D:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"TCP Query User{C5EC6D15-183B-4A65-AC9A-9209C9ABE030}D:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=d:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{D056D877-15C2-436C-BD8B-AC37221E6AA0}D:\program files\spiele\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=d:\program files\spiele\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{D659AC1E-E75A-4785-91FB-F1385CFB7B71}D:\program files\common files\lsmass.exe" = protocol=6 | dir=in | app=d:\program files\common files\lsmass.exe |
"TCP Query User{D7769235-84C0-4C40-970F-85CFAE17ACAE}C:\programme\xlink kai\kaiengine.exe" = protocol=6 | dir=in | app=c:\programme\xlink kai\kaiengine.exe |
"TCP Query User{DF3688A4-AF86-4CF9-866F-D3EB56D532CF}D:\program files\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=d:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{E584436F-36AB-4E62-8D74-6BA0219ED722}D:\program files\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=d:\program files\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{ED04B110-595F-4D45-A7F7-EB60CC1ED8C9}F:\call of duty - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=f:\call of duty - black ops\blackopsmp.exe |
"TCP Query User{F031E205-8191-4A38-A2AC-47088C0588FB}D:\program files\steam\steam.exe" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe |
"TCP Query User{F18B493D-D431-4710-B74D-13D230831A38}D:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"TCP Query User{F6A3E1E0-BC19-476F-80AA-F55CCAE5106C}D:\users\leonhard\downloads\utorrent.exe" = protocol=6 | dir=in | app=d:\users\leonhard\downloads\utorrent.exe |
"TCP Query User{F990ACF0-D7E1-4EA5-80E5-D8B4C1A328BE}D:\program files\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=d:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{FD9CD066-4241-4350-BD36-3EB5A95BD52B}F:\aaaaaaaaaa\cod mw3\call of duty modern warfare 3\iw5sp.exe" = protocol=6 | dir=in | app=f:\aaaaaaaaaa\cod mw3\call of duty modern warfare 3\iw5sp.exe |
"UDP Query User{07EBE539-B6BF-4DC8-9EAF-08081343D80B}D:\program files\xlink kai\kaiengine.exe" = protocol=17 | dir=in | app=d:\program files\xlink kai\kaiengine.exe |
"UDP Query User{0A2031FD-D281-4B95-8215-8C6419797AED}D:\program files\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=d:\program files\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"UDP Query User{0B386EBE-D7AD-4030-B098-3C8B482FB28B}D:\program files\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe" = protocol=17 | dir=in | app=d:\program files\cracked steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"UDP Query User{0DADC9E4-CD9B-4287-AA4B-1DAB87CAB5F6}D:\programdata\wscntfy.exe" = protocol=17 | dir=in | app=d:\programdata\wscntfy.exe |
"UDP Query User{0DF75900-7FC4-486D-8E1E-D25E7F40E8B5}D:\program files\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=d:\program files\call of duty modern warfare 3\iw5mp.exe |
"UDP Query User{0FF952E9-DA89-4AEC-ABD4-E2C36637CCF0}D:\program files\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=d:\program files\jdownloader\jre\bin\javaw.exe |
"UDP Query User{14038F46-6868-4B32-9F2A-84CEB8B1B72E}D:\users\leonhard\appdata\local\temp\{3559e99b-f04a-bf09-5de2-b868eebacb6d}\codec_enum.exe" = protocol=17 | dir=in | app=d:\users\leonhard\appdata\local\temp\{3559e99b-f04a-bf09-5de2-b868eebacb6d}\codec_enum.exe |
"UDP Query User{1B5DE88B-DB21-4EDB-8270-7BF63453402D}G:\call of duty - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=g:\call of duty - black ops\blackopsmp.exe |
"UDP Query User{22E69DFE-222D-4560-BD4F-5D61460C9CFE}D:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"UDP Query User{284377BB-E3E2-4200-9C4D-FC64365E7F94}D:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\program files\skype\phone\skype.exe |
"UDP Query User{291F6918-1649-4734-B4F3-95C66A5FE19B}C:\programme\xlink kai\kaiengine.exe" = protocol=17 | dir=in | app=c:\programme\xlink kai\kaiengine.exe |
"UDP Query User{2DBF8DF5-DF8B-42D1-9CCA-00219189D126}F:\aaaaaaaaaa\activision\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=f:\aaaaaaaaaa\activision\call of duty - world at war\codwawmp.exe |
"UDP Query User{323114DE-AEA2-49D9-AFA8-00569928E185}D:\program files\spiele\call of duty modern warfare 3\iw5mp_server.exe" = protocol=17 | dir=in | app=d:\program files\spiele\call of duty modern warfare 3\iw5mp_server.exe |
"UDP Query User{331CA6BE-D227-4E6C-8C6B-AE9AA3D4067E}D:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=d:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{3753E1AB-1771-46F7-95E9-B4462D7570C9}D:\program files\spiele\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=d:\program files\spiele\call of duty modern warfare 3\iw5mp.exe |
"UDP Query User{54CE616F-08D0-4A0C-933D-1D513F33C834}D:\program files\call of duty modern warfare 3\iw5mp_server.exe" = protocol=17 | dir=in | app=d:\program files\call of duty modern warfare 3\iw5mp_server.exe |
"UDP Query User{58E9A4B6-D6F7-4970-9393-279C3BB41A02}D:\program files\activision\call of duty - world at war\codwaw lanfixed.exe" = protocol=17 | dir=in | app=d:\program files\activision\call of duty - world at war\codwaw lanfixed.exe |
"UDP Query User{62113AA3-20B7-4FBC-9A78-1AF1A2183F72}D:\users\leonhard\appdata\local\temp\rar$exa0.811\iw5mp_server.exe" = protocol=17 | dir=in | app=d:\users\leonhard\appdata\local\temp\rar$exa0.811\iw5mp_server.exe |
"UDP Query User{709E7A86-4692-4092-8998-2923568AEFBD}D:\users\momo\appdata\local\wscntfy.exe" = protocol=17 | dir=in | app=d:\users\momo\appdata\local\wscntfy.exe |
"UDP Query User{79139600-D783-4BA0-8A24-83AEEDD84986}D:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=d:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{8527A5EE-E021-4C35-8B7D-80CACF93A63C}F:\call of duty - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=f:\call of duty - black ops\blackopsmp.exe |
"UDP Query User{8C316C5A-2BC2-4E22-ADB0-248545BF0FB7}F:\aaaaaaaaaa\cod mw3\call of duty modern warfare 3\iw5sp.exe" = protocol=17 | dir=in | app=f:\aaaaaaaaaa\cod mw3\call of duty modern warfare 3\iw5sp.exe |
"UDP Query User{8F9266AF-F992-4430-9859-A1F54CD300B3}D:\program files\common files\lsmass.exe" = protocol=17 | dir=in | app=d:\program files\common files\lsmass.exe |
"UDP Query User{957A5947-ADDF-4DF9-A2FD-C53FB25A010E}D:\program files\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=d:\program files\pando networks\media booster\pmb.exe |
"UDP Query User{967BB62F-826D-4822-836C-6E92F58FC0BF}D:\program files\steam\steam.exe" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe |
"UDP Query User{A9E2C40B-2ACC-4DD9-83AB-F5D2DE63ADB1}D:\program files\sony\vegas pro 11.0\vegas110.exe" = protocol=17 | dir=in | app=d:\program files\sony\vegas pro 11.0\vegas110.exe |
"UDP Query User{ACD6DB40-A95B-428C-B5FC-BEEE8A4A96B7}D:\users\leonhard\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=d:\users\leonhard\appdata\local\akamai\netsession_win.exe |
"UDP Query User{B594F158-445C-4E76-9C57-526E93D48957}D:\program files\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=d:\program files\pando networks\media booster\pmb.exe |
"UDP Query User{CA06EB6B-7630-45BB-AEA3-DB24F5C98778}D:\users\leonhard\downloads\utorrent.exe" = protocol=17 | dir=in | app=d:\users\leonhard\downloads\utorrent.exe |
"UDP Query User{D0AE43DF-3F4C-47F8-A885-13E70DAE1210}D:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"UDP Query User{D6E6B6FC-3766-4787-A752-9C9F64339D46}D:\users\leonhard\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=d:\users\leonhard\appdata\local\akamai\netsession_win.exe |
"UDP Query User{DBC185DE-C29A-4A41-AF31-932356020E1E}I:\aaaaaaaaaa\cod mw3\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=i:\aaaaaaaaaa\cod mw3\call of duty modern warfare 3\iw5mp.exe |
"UDP Query User{DC38BB98-DC16-4587-9C59-85FE344BC50C}F:\aaaaaaaaaa\activision\call of duty - world at war\codwaw lanfixed.exe" = protocol=17 | dir=in | app=f:\aaaaaaaaaa\activision\call of duty - world at war\codwaw lanfixed.exe |
"UDP Query User{E854256A-E104-43C3-BA60-1F22E8DBA3C6}D:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\program files\skype\phone\skype.exe |
"UDP Query User{E9A2269E-EF5F-4F97-AA5A-B7A84283DF21}D:\program files\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=d:\program files\lolreplay\lolreplay.exe |
"UDP Query User{EA82A464-1321-489D-A068-9F874BB1DF77}D:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}" = SweetIM for Messenger 3.6
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0FF3D021-5ED4-11E1-8FD8-F04DA23A5C58}" = Vegas Pro 11.0
"{10F19A25-A5FE-1334-1A48-C37032A08208}" = AMD VISION Engine Control Center
"{147894EE-5ED4-11E1-A8FF-F04DA23A5C58}" = MSVCRT Redists
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18246ED0-1970-9D8C-EB0F-2BF4962327DD}" = CCC Help French
"{189B9ACF-DBA6-4F52-8726-2E11049FB1F7}" = HydraVision
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1B5C78D9-CC19-C054-F6D2-9E0650E969F3}" = AMD AVIVO Codecs
"{1DA27F36-93EB-E82F-2DA3-48F13C0153CD}" = Catalyst Control Center InstallProxy
"{20E7BC40-33F6-4A81-9D52-B58349326206}" = Bcool
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{29D07EFD-7573-9A5F-1A74-4FB4B9184730}" = CCC Help Swedish
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2EF17083-57D4-4D64-AE4F-55F32A2C4571}" = Codecv
"{3626DA21-09B2-C64E-7CC8-674EEFBCDB53}" = CCC Help Norwegian
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}" = NETGEAR WNDA3100v2 wireless USB 2.0 adapter
"{400F6E99-D662-2C80-F973-EFE51F7E8689}" = CCC Help Dutch
"{40579567-65A8-C644-805D-AE6FB1FAADA9}" = AMD Catalyst Install Manager
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4653DA78-3DB2-4F38-A35D-675CA0AF49CA}" = ArcSoft ShowBiz
"{46F2587F-284F-AAD9-160B-C6238143B0B9}" = CCC Help Russian
"{48B36F68-31CB-9B23-355C-A456D2E557E5}" = CCC Help Chinese Traditional
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{57BC1FEB-421D-469C-B07B-C8095596A224}" = XLink Kai
"{5B58EF61-85F2-4977-97A5-84C19F926579}" = SweetPacks Toolbar for Internet Explorer 4.5
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62887984-9C88-85E5-E530-E7763F7B855A}" = CCC Help Turkish
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{694C704F-36C6-579C-5760-4BC5939D5734}" = CCC Help Spanish
"{6A8ABAA6-00B4-FABD-CA82-DEDB3513B927}" = CCC Help Korean
"{6BBA932D-07C3-161B-C862-9568C57DE229}" = CCC Help Thai
"{6C0577F8-1A75-2CE8-C3EA-33076BCEA75E}" = CCC Help Polish
"{70014586-7BBA-4A92-A610-CDC896C48F8F}" = NETGEAR WG311v3 PCI Adapter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1" = Cinema 4D version R12
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84C19F04-6DA8-7E5C-273E-647B49DC2C6C}" = CCC Help Chinese Standard
"{86931FD7-C385-1EA1-628E-4CE1ED572B28}" = CCC Help Italian
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98DEB421-373E-50D1-2497-FF43E8F10C34}" = AMD Drag and Drop Transcoding
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B754908E-3C3A-893A-1C91-03FBA7D9C513}" = CCC Help Finnish
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C2F5DEC2-F0E7-0E88-FCF8-22671AAA26A3}" = Catalyst Control Center Localization All
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C4D6CF2F-4497-07B3-9748-66F5EDB3CAD0}" = CCC Help English
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CABD1746-37AE-BCF8-DC84-4FECAF6D54B7}" = CCC Help Czech
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D33C9F5F-D419-9023-A3D4-37270795321E}" = AMD Fuel
"{D6C67506-3B4E-C2F0-C3E1-3429BD30AB44}" = CCC Help Japanese
"{D886BB13-35A9-4BC8-501F-59E6FDA3D77C}" = CCC Help Portuguese
"{DC99E31C-B2F1-0B4B-5FE3-C3288FE1ED35}" = Catalyst Control Center Graphics Previews Common
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DE0A5F59-BF33-C7AA-4085-14156F364B09}" = CCC Help Greek
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E09A814D-1713-A0C5-D301-5D92C59942A2}" = CCC Help German
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EE77405A-E228-9170-7C52-ED91905AC876}" = ccc-utility
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F00D2A31-91A7-E202-7D88-18244EB03926}" = CCC Help Danish
"{F1611587-EA33-4B20-BDFD-58EAD0A080BA}" = Magic Bullet Suite 32-bit
"{F19FCD9C-41D7-E1D8-A6BC-323965C89E4F}" = CCC Help Hungarian
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FCED93CA-D124-E9A6-500C-5DBFD284FB67}" = AMD Media Foundation Decoders
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"5513-1208-7298-9440" = JDownloader 0.9
"6F64DF2E-3B8E-41DB-89E4-75BD3F370CDE_is1" = Cracked Steam
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Akamai" = Akamai NetSession Interface Service
"Astroburn Lite" = Astroburn Lite
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BabylonToolbar" = Babylon toolbar on IE
"Call of Duty Modern Warfare 3 (c) Activision_is1" = Call of Duty Modern Warfare 3 (c) Activision version 1
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DAEMON Tools Lite" = DAEMON Tools Lite
"DarkSteam" = DarkSteam
"DivX Setup" = DivX-Setup
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"iLivid" = iLivid
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{70014586-7BBA-4A92-A610-CDC896C48F8F}" = NETGEAR WG311v3 PCI Adapter
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{F1611587-EA33-4B20-BDFD-58EAD0A080BA}" = Magic Bullet Suite 32-bit
"LOLReplay" = LOLReplay
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NSS" = Norton Security Scan
"PacSteamT" = PacSteamT
"PaintToolSAI" = PaintTool SAI Ver.1
"PowerISO" = PowerISO
"Steam App 23360" = FINAL FANTASY XI
"Steam App 32120" = Chainz 2: Relinked
"Steam App 32440" = Lego Star Wars Saga
"Steam App 32510" = Lego Star Wars 3: The Clone Wars
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 47850" = FIFA Manager 11
"Steam App 91310" = Dead Island
"Steam App 99830" = Crysis 2
"TuneUpMedia" = TuneUp Companion 2.4.2
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"VoipBuster_is1" = VoipBuster
"WinRAR archiver" = WinRAR 4.11 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1111964327-4217363313-2070244455-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
--- --- --- |
