RedScorpi | 05.11.2010 16:59 | So I went ahead and did this, and I hope it is correct:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4052
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
04.11.2010 18:51:47
mbam-log-2010-11-04 (18-51-47).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 125765
Laufzeit: 5 Minute(n), 21 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
and this:
OTL Logfile:
OTL logfile created on: 04.11.2010 19:20:06 - Run 2
OTL by OldTimer - Version 3.2.17.2 Folder = D:\Users\Public\Desktop\MFtools
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive D: | 69,25 Gb Total Space | 14,88 Gb Free Space | 21,48% Space Free | Partition Type: NTFS
Drive E: | 69,25 Gb Total Space | 16,58 Gb Free Space | 23,94% Space Free | Partition Type: NTFS
Drive S: | 1397,26 Gb Total Space | 358,66 Gb Free Space | 25,67% Space Free | Partition Type: NTFS
Computer Name: REDSCORPIONS-PC | User Name: RedScorpions | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010.11.04 18:24:58 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Users\Public\Desktop\MFtools\OTL.exe
PRC - [2010.10.29 10:51:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Programme\2. Software\Mozilla\firefox.exe
PRC - [2010.09.15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010.06.26 01:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- S:\Installierte Programme\Software\set points\SetPointP\SetPoint.exe
PRC - [2010.06.22 20:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- D:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
PRC - [2010.03.30 10:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.03.28 22:37:35 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files\DNA\btdna.exe
PRC - [2010.03.25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010.01.03 19:28:18 | 000,118,784 | ---- | M] () -- S:\Installierte Programme\Software\cool temp\CPUCooL\CooLSRV.exe
PRC - [2009.12.19 23:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) -- S:\Installierte Programme\XAMP\xampp\apache\bin\httpd.exe
PRC - [2009.11.12 13:48:56 | 000,071,096 | ---- | M] () -- D:\Programme\2. Software\CDBurnerXP\NMSAccessU.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2009.10.16 22:59:34 | 000,822,088 | ---- | M] (TuneUp Software) -- D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009.10.16 22:56:44 | 001,010,504 | ---- | M] (TuneUp Software) -- D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009.07.22 16:54:14 | 000,081,920 | ---- | M] (Firebird Project) -- D:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2009.07.22 16:53:44 | 002,736,128 | ---- | M] (Firebird Project) -- D:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
PRC - [2009.05.06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) -- D:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2008.11.18 13:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\Creative\Shared Files\CTAudSvc.exe
========== Modules (SafeList) ==========
MOD - [2010.11.04 18:24:58 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Users\Public\Desktop\MFtools\OTL.exe
MOD - [2010.05.05 07:46:55 | 000,363,520 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\StructuredQuery.dll
MOD - [2010.01.26 19:37:08 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll
MOD - [2009.07.14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\rsaenh.dll
MOD - [2009.07.14 02:16:19 | 000,237,568 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WMASF.DLL
MOD - [2009.07.14 02:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\winsta.dll
MOD - [2009.07.14 02:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wkscli.dll
MOD - [2009.07.14 02:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
MOD - [2009.07.14 02:16:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\thumbcache.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\srvcli.dll
MOD - [2009.07.14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\slc.dll
MOD - [2009.07.14 02:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\SearchFolder.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\RpcRtRemote.dll
MOD - [2009.07.14 02:16:12 | 002,504,192 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WMVCORE.DLL
MOD - [2009.07.14 02:16:12 | 000,547,328 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\PortableDeviceApi.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ntlanman.dll
MOD - [2009.07.14 02:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\networkexplorer.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mssprxy.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\IconCodecService.dll
MOD - [2009.07.14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\EhStorShell.dll
MOD - [2009.07.14 02:15:14 | 000,128,512 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\EhStorAPI.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\drprov.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:08 | 000,077,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\davclnt.dll
MOD - [2009.07.14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\davhlpr.dll
MOD - [2009.07.14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cryptsp.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cscapi.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 02:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\actxprxy.dll
MOD - [2009.07.14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009.07.14 02:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
MOD - [2009.06.10 22:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
MOD - [2009.03.06 04:33:26 | 000,961,888 | ---- | M] (Microsoft Corporation) -- D:\Programme\2. Software\Office\Office12\GrooveUtil.dll
MOD - [2009.02.12 15:19:38 | 000,178,040 | ---- | M] (Microsoft Corporation) -- D:\Programme\2. Software\Office\Office12\GrooveSystemServices.dll
MOD - [2009.02.12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) -- D:\Programme\2. Software\Office\Office12\GrooveShellExtensions.dll
MOD - [2008.10.25 11:44:34 | 000,022,872 | ---- | M] (Microsoft Corporation) -- D:\Programme\2. Software\Office\Office12\GrooveNew.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.08.13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.05.06 10:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)
SRV - [2010.03.30 10:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.03.25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.03.25 00:32:36 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.02 15:26:49 | 000,326,792 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.01.25 19:00:01 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.01.24 15:15:51 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- D:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.01.04 23:41:00 | 003,670,928 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- D:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010.01.03 19:28:18 | 000,118,784 | ---- | M] () [Auto | Running] -- S:\Installierte Programme\Software\cool temp\CPUCooL\CooLSRV.exe -- (CPUCooLServer)
SRV - [2009.12.19 23:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Running] -- S:\Installierte Programme\XAMP\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2009.11.12 13:48:56 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Programme\2. Software\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009.10.16 22:56:44 | 001,010,504 | ---- | M] (TuneUp Software) [Auto | Running] -- D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.10.16 22:51:40 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- D:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.07.22 16:54:14 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- D:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2009.07.22 16:53:44 | 002,736,128 | ---- | M] (Firebird Project) [On_Demand | Running] -- D:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- D:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- D:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- D:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009.05.06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) [Unknown | Running] -- D:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.11.18 13:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- D:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.10.25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programme\2. Software\Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- D:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- S:\Filme + Serien + Spiele + DL\Downloads\cabal_bot_&_rider_v1.04\cabal_bot_v1.04\NtProcDrv.sys -- (NTProcDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Users\REDSCO~1\AppData\Local\Temp\jnv4_mib.sys -- (jnv4_mib)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Users\REDSCO~1\AppData\Local\Temp\FMG70E0.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Users\REDSCO~1\AppData\Local\Temp\17728890.03- -- (ByakkoDriver)
DRV - [2010.08.12 22:48:59 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.08.12 22:48:58 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.07.13 18:11:00 | 000,007,040 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- D:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2010.04.03 21:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.03.25 20:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- D:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.03.18 10:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010.03.18 10:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.02.22 17:23:16 | 003,022,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.01.24 15:40:54 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.01.03 19:28:18 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\ntiopnp.sys -- (ntiopnp)
DRV - [2010.01.03 19:28:18 | 000,011,392 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\ntiomin.sys -- (ntiomin)
DRV - [2009.12.19 17:11:38 | 000,249,888 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- D:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.09.23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.08.03 11:10:24 | 001,148,416 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- D:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- D:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC-Seriellschnittstellentreiber (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- D:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) Brother MFC-WDM-Treiber (USB,seriell)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) Brother WDM-Treiber (seriell)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2008.09.04 11:23:57 | 000,099,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- D:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008.07.21 13:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- D:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2006.12.28 06:50:26 | 000,016,000 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\9kdUSBXP.sys -- (SNL320XP)
DRV - [2005.12.12 20:12:01 | 000,049,664 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- D:\Windows\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- D:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- D:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - D:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 26 2F DB 40 E7 C9 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - D:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.2.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: D:\Programme\2. Software\Mozilla\components [2010.10.29 10:51:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: D:\Programme\2. Software\Mozilla\plugins [2010.10.29 10:51:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: D:\Programme\2. Software\Thunderbird\components [2010.10.28 22:00:49 | 000,000,000 | ---D | M]
[2010.01.24 17:32:50 | 000,000,000 | ---D | M] -- D:\Users\RedScorpions\AppData\Roaming\Mozilla\Extensions
[2010.01.24 17:32:50 | 000,000,000 | ---D | M] (No name found) -- D:\Users\RedScorpions\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.11.04 17:31:13 | 000,000,000 | ---D | M] -- D:\Users\RedScorpions\AppData\Roaming\Mozilla\Firefox\Profiles\rkmx0r9y.default\extensions
[2010.08.19 16:24:10 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- D:\Users\RedScorpions\AppData\Roaming\Mozilla\Firefox\Profiles\rkmx0r9y.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.07 14:06:56 | 000,000,000 | ---D | M] (No name found) -- D:\Users\RedScorpions\AppData\Roaming\Mozilla\Firefox\Profiles\rkmx0r9y.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.11.01 23:49:06 | 000,000,000 | ---D | M] (No name found) -- D:\Users\RedScorpions\AppData\Roaming\Mozilla\Firefox\Profiles\rkmx0r9y.default\extensions\{cc409fe8-42b4-405b-a9fa-02dfcffbedde}
[2010.11.03 17:00:31 | 000,000,000 | ---D | M] (Adblock Plus) -- D:\Users\RedScorpions\AppData\Roaming\Mozilla\Firefox\Profiles\rkmx0r9y.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.04.10 15:11:27 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\RedScorpions\AppData\Roaming\Mozilla\Firefox\Profiles\rkmx0r9y.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.10.29 18:55:06 | 000,000,000 | ---D | M] -- D:\Users\RedScorpions\AppData\Roaming\Mozilla\Firefox\Profiles\rkmx0r9y.default\extensions\engine@conduit.com
O1 HOSTS File: ([2010.01.24 16:50:55 | 000,000,857 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\2. Software\Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - D:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Programme\2. Software\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - D:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - D:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] D:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [EvtMgr6] S:\Installierte Programme\Software\set points\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [MSSE] D:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [P17RunE] D:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKCU..\Run: [BitTorrent DNA] D:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] D:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Alles mit FDM herunterladen - D:\Programme\2. Software\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - D:\Programme\2. Software\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - D:\Programme\2. Software\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - D:\Users\RedScorpions\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\RedScorpions\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Programme\2. Software\Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - D:\Programme\2. Software\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\2. Software\Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\2. Software\Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\2. Software\Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.230 80.69.100.174
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\2. Software\Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~2\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~2\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme\2. Software\Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - D:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - D:\Windows\System32\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{63245a34-9996-11df-bf2b-00e04d9d5090}\Shell - "" = AutoRun
O33 - MountPoints2\{63245a34-9996-11df-bf2b-00e04d9d5090}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O33 - MountPoints2\{7638e4f3-2f5a-11df-b9ed-00e04d9d5090}\Shell - "" = AutoRun
O33 - MountPoints2\{7638e4f3-2f5a-11df-b9ed-00e04d9d5090}\Shell\AutoRun\command - "" = L:\EasySuite.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.11.04 18:26:22 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Roaming\Malwarebytes
[2010.11.04 18:26:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.04 18:26:01 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2010.11.04 18:26:01 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2010.11.04 18:24:33 | 000,000,000 | ---D | C] -- D:\Users\Public\Desktop\MFtools
[2010.11.03 16:42:52 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\Desktop\Referat
[2010.11.02 16:58:14 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Roaming\Weaverslave
[2010.11.01 18:08:37 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\Desktop\Ogame (1)
[2010.10.29 19:21:48 | 000,000,000 | ---D | C] -- D:\ProgramData\Age of Empires 3
[2010.10.29 19:21:10 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Games
[2010.10.28 20:33:53 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\Documents\UseNeXT
[2010.10.28 20:33:52 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Roaming\UseNeXT
[2010.10.28 18:22:53 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Roaming\DVDVideoSoft
[2010.10.27 21:24:43 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Local\The Lord of the Rings Online
[2010.10.27 21:08:03 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\Documents\The Lord of the Rings Online
[2010.10.27 21:05:57 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Roaming\Turbine
[2010.10.27 21:05:50 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Local\Turbine
[2010.10.27 21:00:04 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Local\ApplicationHistory
[2010.10.27 20:58:35 | 000,000,000 | ---D | C] -- D:\Windows\System32\URTTEMP
[2010.10.27 19:01:28 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Local\PMB Files
[2010.10.27 19:01:28 | 000,000,000 | ---D | C] -- D:\ProgramData\PMB Files
[2010.10.27 19:01:22 | 000,000,000 | ---D | C] -- D:\Program Files\Pando Networks
[2010.10.20 17:39:08 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Local\FalloutNV
[2010.10.16 19:43:01 | 000,000,000 | ---D | C] -- D:\ProgramData\Creative Labs
[2010.10.14 22:50:30 | 000,363,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\StructuredQuery.dll
[2010.10.14 20:36:32 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\AppData\Local\Focus Home Interactive
[2010.10.09 16:31:39 | 000,000,000 | ---D | C] -- D:\Windows\Downloaded Installations
[2010.10.05 20:55:51 | 000,000,000 | ---D | C] -- D:\Users\RedScorpions\Documents\FIFA 11
[2010.04.15 20:04:47 | 083,348,124 | ---- | C] (Bitfield GmbH) -- D:\Users\RedScorpions\AppData\Roaming\file_2.exe
========== Files - Modified Within 30 Days ==========
[2010.11.04 19:06:33 | 000,016,944 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.04 19:06:33 | 000,016,944 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.04 19:05:42 | 000,737,838 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2010.11.04 19:05:42 | 000,685,178 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2010.11.04 19:05:42 | 000,159,608 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2010.11.04 19:05:42 | 000,130,292 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2010.11.04 19:01:23 | 000,065,536 | ---- | M] () -- D:\Windows\System32\Ikeext.etl
[2010.11.04 19:01:09 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2010.11.04 19:00:10 | 000,000,020 | ---- | M] () -- D:\Users\RedScorpions\defogger_reenable
[2010.11.04 18:57:11 | 004,194,304 | -HS- | M] () -- D:\Users\RedScorpions\NTUSER.bak
[2010.11.04 18:24:38 | 000,050,477 | ---- | M] () -- D:\Users\RedScorpions\Desktop\defogger.exe
[2010.11.03 20:23:26 | 000,002,042 | -H-- | M] () -- D:\Users\RedScorpions\Documents\Default.rdp
[2010.11.02 22:46:18 | 000,000,349 | ---- | M] () -- D:\Users\Public\Documents\PCLECHAL.INI
[2010.11.02 16:57:41 | 002,242,024 | ---- | M] () -- D:\Users\RedScorpions\Desktop\wsbeta_3.9.18.exe
[2010.11.01 15:03:44 | 000,003,416 | ---- | M] () -- D:\bootsqm.dat
[2010.10.29 19:21:41 | 000,001,423 | ---- | M] () -- D:\Users\RedScorpions\Desktop\age3y.exe - Verknüpfung.lnk
[2010.10.29 19:17:56 | 000,001,081 | ---- | M] () -- D:\Users\Public\Desktop\Age of Empires III.lnk
[2010.10.28 20:33:45 | 000,000,874 | ---- | M] () -- D:\Users\RedScorpions\Desktop\UseNeXT.lnk
[2010.10.28 18:23:16 | 000,001,225 | ---- | M] () -- D:\Users\RedScorpions\Desktop\DVDVideoSoft Free Studio.lnk
[2010.10.27 22:52:00 | 000,001,529 | ---- | M] () -- D:\Users\RedScorpions\Desktop\Der Herr der Ringe Online - Beta.lnk
[2010.10.27 21:48:38 | 000,001,794 | ---- | M] () -- D:\Users\RedScorpions\Desktop\TurbineLauncher.exe - Verknüpfung.lnk
[2010.10.27 21:00:04 | 000,000,100 | ---- | M] () -- D:\Users\RedScorpions\AppData\Local\fusioncache.dat
[2010.10.24 13:46:23 | 000,001,187 | ---- | M] () -- D:\Users\Public\Desktop\Fallout New Vegas.lnk
[2010.10.19 21:51:33 | 000,222,080 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\MpSigStub.exe
[2010.10.16 19:10:53 | 000,001,175 | ---- | M] () -- D:\Users\RedScorpions\Desktop\Landwirtschafts Simulator 2011 .lnk
[2010.10.14 20:37:43 | 000,001,164 | ---- | M] () -- D:\Users\Public\Desktop\Cities XL 2011.lnk
[2010.10.14 18:54:04 | 000,001,045 | ---- | M] () -- D:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.10.14 16:28:35 | 000,021,840 | ---- | M] () -- D:\Windows\System32\SIntfNT.dll
[2010.10.14 16:28:35 | 000,017,212 | ---- | M] () -- D:\Windows\System32\SIntf32.dll
[2010.10.14 16:28:35 | 000,012,067 | ---- | M] () -- D:\Windows\System32\SIntf16.dll
[2010.10.14 12:39:38 | 000,000,886 | ---- | M] () -- D:\Users\RedScorpions\Desktop\EVEREST Ultimate Edition.lnk
[2010.10.12 19:54:20 | 000,016,400 | ---- | M] (Logitech, Inc.) -- D:\Windows\System32\drivers\LNonPnP.sys
[2010.10.09 21:51:57 | 000,001,907 | ---- | M] () -- D:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.10.07 18:21:50 | 004,157,568 | ---- | M] () -- D:\Users\RedScorpions\Desktop\Nur die bessten sterben Jung Hardstyle Mix.mp3
========== Files Created - No Company Name ==========
[2010.11.04 18:59:57 | 000,000,020 | ---- | C] () -- D:\Users\RedScorpions\defogger_reenable
[2010.11.04 18:56:50 | 000,000,000 | -HS- | C] () -- D:\Users\RedScorpions\NTUSER.tmp.LOG2
[2010.11.04 18:56:50 | 000,000,000 | -HS- | C] () -- D:\Users\RedScorpions\NTUSER.tmp.LOG1
[2010.11.04 18:24:38 | 000,050,477 | ---- | C] () -- D:\Users\RedScorpions\Desktop\defogger.exe
[2010.11.03 19:11:46 | 000,065,536 | ---- | C] () -- D:\Windows\System32\Ikeext.etl
[2010.11.02 16:57:34 | 002,242,024 | ---- | C] () -- D:\Users\RedScorpions\Desktop\wsbeta_3.9.18.exe
[2010.11.01 15:03:44 | 000,003,416 | ---- | C] () -- D:\bootsqm.dat
[2010.10.29 19:21:41 | 000,001,423 | ---- | C] () -- D:\Users\RedScorpions\Desktop\age3y.exe - Verknüpfung.lnk
[2010.10.29 19:17:56 | 000,001,081 | ---- | C] () -- D:\Users\Public\Desktop\Age of Empires III.lnk
[2010.10.28 20:33:45 | 000,000,874 | ---- | C] () -- D:\Users\RedScorpions\Desktop\UseNeXT.lnk
[2010.10.27 22:52:00 | 000,001,529 | ---- | C] () -- D:\Users\RedScorpions\Desktop\Der Herr der Ringe Online - Beta.lnk
[2010.10.27 21:48:38 | 000,001,794 | ---- | C] () -- D:\Users\RedScorpions\Desktop\TurbineLauncher.exe - Verknüpfung.lnk
[2010.10.27 21:00:04 | 000,000,100 | ---- | C] () -- D:\Users\RedScorpions\AppData\Local\fusioncache.dat
[2010.10.24 13:46:23 | 000,001,187 | ---- | C] () -- D:\Users\Public\Desktop\Fallout New Vegas.lnk
[2010.10.16 19:10:53 | 000,001,175 | ---- | C] () -- D:\Users\RedScorpions\Desktop\Landwirtschafts Simulator 2011 .lnk
[2010.10.14 20:37:43 | 000,001,164 | ---- | C] () -- D:\Users\Public\Desktop\Cities XL 2011.lnk
[2010.10.14 18:54:04 | 000,001,045 | ---- | C] () -- D:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.10.14 12:39:38 | 000,000,886 | ---- | C] () -- D:\Users\RedScorpions\Desktop\EVEREST Ultimate Edition.lnk
[2010.10.09 21:51:57 | 000,001,907 | ---- | C] () -- D:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.10.07 18:21:50 | 004,157,568 | ---- | C] () -- D:\Users\RedScorpions\Desktop\Nur die bessten sterben Jung Hardstyle Mix.mp3
[2010.09.12 20:48:41 | 000,034,308 | ---- | C] () -- D:\Windows\System32\BASSMOD.dll
[2010.08.22 15:38:15 | 000,000,034 | ---- | C] () -- D:\Users\RedScorpions\AppData\Roaming\locale.ini
[2010.08.12 22:48:59 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys
[2010.08.12 22:48:58 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys
[2010.07.16 17:01:03 | 000,000,240 | ---- | C] () -- D:\Windows\RomeTW.ini
[2010.06.09 16:31:29 | 000,197,120 | ---- | C] () -- D:\Windows\patchw32.dll
[2010.05.01 12:09:45 | 000,000,000 | ---- | C] () -- D:\Users\RedScorpions\AppData\Roaming\chrtmp
[2010.05.01 12:09:34 | 003,144,915 | ---- | C] () -- D:\Users\RedScorpions\AppData\Roaming\Serials World.exe
[2010.04.28 20:03:15 | 000,007,605 | ---- | C] () -- D:\Users\RedScorpions\AppData\Local\Resmon.ResmonCfg
[2010.04.14 19:46:36 | 000,043,520 | ---- | C] () -- D:\Windows\System32\CmdLineExt03.dll
[2010.04.12 16:08:59 | 000,144,144 | ---- | C] () -- D:\Windows\System32\MASE32.DLL
[2010.04.12 16:08:59 | 000,063,248 | ---- | C] () -- D:\Windows\System32\MASD32.DLL
[2010.04.12 16:08:58 | 000,201,488 | ---- | C] () -- D:\Windows\System32\MACD32.DLL
[2010.04.12 16:08:58 | 000,141,584 | ---- | C] () -- D:\Windows\System32\MAMC32.DLL
[2010.04.12 16:08:58 | 000,033,040 | ---- | C] () -- D:\Windows\System32\MA32.DLL
[2010.04.10 15:05:51 | 000,022,328 | ---- | C] () -- D:\Users\RedScorpions\AppData\Roaming\PnkBstrK.sys
[2010.03.13 18:04:10 | 000,080,416 | ---- | C] () -- D:\Windows\System32\RtNicProp32.dll
[2010.03.11 00:10:40 | 000,001,024 | ---- | C] () -- D:\Windows\ppengine.ini
[2010.02.20 17:29:33 | 000,021,840 | ---- | C] () -- D:\Windows\System32\SIntfNT.dll
[2010.02.20 17:29:33 | 000,017,212 | ---- | C] () -- D:\Windows\System32\SIntf32.dll
[2010.02.20 17:29:33 | 000,012,067 | ---- | C] () -- D:\Windows\System32\SIntf16.dll
[2010.02.20 17:26:42 | 000,000,276 | ---- | C] () -- D:\Windows\SIERRA.INI
[2010.02.04 18:24:42 | 000,006,144 | ---- | C] () -- D:\Users\RedScorpions\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.02 22:33:25 | 000,120,200 | ---- | C] () -- D:\Windows\System32\DLLDEV32i.dll
[2010.01.30 19:36:48 | 000,022,328 | ---- | C] () -- D:\Windows\System32\drivers\PnkBstrK.sys
[2010.01.24 18:26:28 | 000,000,990 | -HS- | C] () -- D:\Users\RedScorpions\AppData\Roaming\systemfl.$dk
[2010.01.24 16:54:34 | 000,000,040 | -HS- | C] () -- D:\ProgramData\.zreglib
[2010.01.24 15:37:03 | 000,007,168 | ---- | C] () -- D:\Windows\System32\drivers\StarOpen.sys
[2010.01.24 14:37:29 | 000,148,480 | ---- | C] () -- D:\Windows\System32\APOMngr.DLL
[2010.01.24 14:37:29 | 000,073,728 | ---- | C] () -- D:\Windows\System32\CmdRtr.DLL
[2010.01.03 19:28:18 | 000,012,800 | ---- | C] () -- D:\Windows\System32\drivers\ntiopnp.sys
[2010.01.03 19:28:18 | 000,011,392 | ---- | C] () -- D:\Windows\System32\drivers\ntiomin.sys
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009.04.21 03:04:26 | 000,003,930 | ---- | C] () -- D:\Windows\System32\ludap17.ini
[2008.11.13 06:07:24 | 000,002,177 | ---- | C] () -- D:\Windows\P17EP.ini
[2007.09.06 01:01:22 | 000,012,288 | ---- | C] () -- D:\Windows\System32\DivXWMPExtType.dll
[2007.08.23 17:55:34 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll
[2005.03.08 06:17:00 | 000,000,054 | ---- | C] () -- D:\Windows\System32\ctzapxx.ini
[1997.06.14 09:56:08 | 000,056,832 | ---- | C] () -- D:\Windows\System32\iyvu9_32.dll
========== Files - Unicode (All) ==========
[2010.08.06 23:38:31 | 000,000,000 | ---D | M](D:\Users\RedScorpions\Documents\?? ???) -- D:\Users\RedScorpions\Documents\넥슨 플러그
[2010.08.06 23:38:31 | 000,000,000 | ---D | C](D:\Users\RedScorpions\Documents\?? ???) -- D:\Users\RedScorpions\Documents\넥슨 플러그
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> D:\Windows:F6A7A7674D027C2B
< End of report >
--- --- ---
AND NOW THIS:
netsvcs
msconfig
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
AND NOW THIS:
GMER Logfile: Code:
GMER 1.0.15.15507 - hxxp://www.gmer.net
Rootkit scan 2010-11-04 19:17:05
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 WDC_WD740GD-00FLA0 21.08U21
Running: gmer.exe; Driver: D:\Users\REDSCO~1\AppData\Local\Temp\ffkyrpob.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 8344B599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 8346FF52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
init D:\Windows\System32\drivers\FNETURPX.SYS entry point in "init" section [0x90452380]
.text D:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA042E300, 0x3B6D8, 0xE8000020]
.text D:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA0471300, 0x1BEE, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text D:\Programme\2. Software\Mozilla\firefox.exe[5680] ntdll.dll!LdrLoadDll 7702F625 5 Bytes JMP 00ED13F0 D:\Programme\2. Software\Mozilla\firefox.exe (Firefox/Mozilla Corporation)
---- Devices - GMER 1.0.15 ----
Device \Driver\ACPI_HAL \Device\00000055 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
---- Threads - GMER 1.0.15 ----
Thread System [4:2812] A056FF2E
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 D:\Programme\2. Software\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x40 0x25 0xC9 0x18 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x30 0xE3 0xBB 0xA3 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xF9 0x56 0x31 0x58 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAB 0x8A 0xCC 0xFA ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x8E 0x6E 0xB8 0x95 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 D:\Programme\2. Software\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD4 0x94 0xF6 0xF5 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x30 0xE3 0xBB 0xA3 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5F 0x7B 0xA5 0x76 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x54 0xE8 0x43 0x55 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0xAC 0x86 0xED 0xF6 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 D:\Programme\2. Software\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD4 0x94 0xF6 0xF5 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x30 0xE3 0xBB 0xA3 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5F 0x7B 0xA5 0x76 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x54 0xE8 0x43 0x55 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0xAC 0x86 0xED 0xF6 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@S:\Installierte Programme\Software\pinnacle studio 14 hd\Content\MotionTitles\-Looks\Standard\01 \x2013 Soft Shadow Looks.ixLook 1
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x31 0x77 0xE1 0xBA ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0xAA 0x52 0xC6 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ D:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...
---- EOF - GMER 1.0.15 ----
and this: OTL Logfile:
OTL Extras logfile created on: 04.11.2010 18:53:44 - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = D:\Users\Public\Desktop\MFtools
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive D: | 69,25 Gb Total Space | 14,98 Gb Free Space | 21,63% Space Free | Partition Type: NTFS
Drive E: | 69,25 Gb Total Space | 16,58 Gb Free Space | 23,94% Space Free | Partition Type: NTFS
Drive S: | 1397,26 Gb Total Space | 358,66 Gb Free Space | 25,67% Space Free | Partition Type: NTFS
Computer Name: REDSCORPIONS-PC | User Name: RedScorpions | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\2. Software\Mozilla\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Programme\2. Software\Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\2. Software\Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\2. Software\VLC Media Player\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\207B4~1.SOF\Office\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\2. Software\VLC Media Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [RapidShareManagerMail] -- D:\Program Files\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- D:\Program Files\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{021CB753-D388-4C3B-8E40-554E226F54F2}" = Shadow Ops Red Mercury
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{09F4655B-C804-4AD0-B7DF-078E338F8F85}" = League of Legends
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F01BC13-7B82-4143-88AB-AA62CE6EF431}_is1" = RF-United 1.0
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{13C1E98C-4434-4026-AADB-4A8A348B9402}" = ANNO 1404 Venedig Entwickler-Tools
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = SpellForce 2 - Shadow Wars
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}" = Need for Speed™ ProStreet
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D7BC89C-347E-4570-B308-87BC9BA7FD8D}_is1" = Fort Zombie
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{433B5FA7-7355-4BB9-A55A-9E76C725DB51}" = CABAL Online
"{454070F6-2CAF-49DE-84E7-07DC177789FB}" = GPCabal LW
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528D}" = Command & Conquer Die ersten 10 Jahre
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6CBE3180-6BA3-4593-91A1-ED3221348E40}" = USB Missile Launcher
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{797D1DB3-BA0F-4A2D-9F99-5D2C09D0A7FE}" = Car Tycoon
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}" = Pinnacle DistanTV Server
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{874C584E-B2B1-435A-A907-315183B1F867}" = Uplink
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AAFBDB00-2B9E-49AF-9C29-2FB7290DC8C4}" = Autobahn
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{AEBBFC67-7A03-4DF3-9E71-BA5C9EB4FBEF}" = MobileMe Control Panel
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF37F9DE-0726-439E-BC10-43D9195394D0}" = Firebird SQL Server - MAGIX Edition
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE8F2625-8404-43AD-9D1E-969C0CA08431}" = Serials World 3.2.9.039
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E26DEDC7-1A99-4F8C-9615-6DB112E6495B}_is1" = Texas Hold'em Poker 3D - Deluxe Edition 1.0
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0
"68a8eb3f-bd2e-4535-a290-d89cf3453924_is1" = Der Herr der Ringe Online v03.02.03.8014
"AC2-FileShredder" = AC2-FileShredder 1.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_26b63376f4efc354dae41af6b5e3343" = Adobe Premiere Pro CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Alcatraz/DE-German_is1" = Alcatraz
"AnyDVD" = AnyDVD
"ASIO4ALL" = ASIO4ALL
"AudioCS" = Creative Audio-Systemsteuerung
"CABAL Online (Europe)_is1" = CABAL Online
"CABAL Online_is1" = CABAL Online
"CCleaner" = CCleaner (remove only)
"Cities XL 2011" = Cities XL 2011
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Combat Arms EU" = Combat Arms EU
"CPUCooL" = CPUCooL (remove only)
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Eigenschaften von Creative Sound Blaster
"DeutschlandSpieltTOP100Pack" = DeutschlandSpieltTOP100Pack
"DFÜ-Speed" = DFÜ-Speed
"DriftCity_EU" = Drift City
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EA Download Manager" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.00
"Fallout New Vegas_is1" = Fallout New Vegas
"FarmingSimulator2009GoldDE_is1" = Landwirtschafts-Simulator 2009 Gold
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"FBDBServer_2_1_is1" = Firebird 2.1.3.18185 (Win32)
"FileZilla Client" = FileZilla Client 3.3.0.1
"FL Studio 9" = FL Studio 9
"Free Download Manager_is1" = Free Download Manager 3.0
"Free Studio_is1" = Free Studio version 4.9.13
"Free YouTube Download_is1" = Free YouTube Download 2.10
"Garena" = Garena
"Hardcore" = Hardcore
"HLSW_is1" = HLSW v1.3.3.7b
"Icy Tower v1.4_is1" = Icy Tower v1.4
"IL Download Manager" = IL Download Manager
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"JDownloader" = JDownloader
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"League of Legends_is1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"MAGIX Music Maker 16 Premium Download-Version D" = MAGIX Music Maker 16 Premium Download-Version
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Speed burnR D" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PcCloneEX" = PcCloneEX
"PoiZone" = PoiZone
"PunkBusterSvc" = PunkBuster Services
"RapidShare Manager" = RapidShare Manager
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"SAM3" = SAM Broadcaster (remove only)
"Sawer" = Sawer
"Shutdown4U" = Shutdown4U
"Software Informer_is1" = Software Informer 1.0 BETA
"SP6" = Logitech SetPoint 6.15
"Steam App 17510" = Age of Chivalry
"Steam App 211" = Source SDK
"Steam App 215" = Source SDK Base
"Steam App 33310" = R.U.S.E. Beta
"Steam App 630" = Alien Swarm
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeraCopy_is1" = TeraCopy 2.12
"Toxic Biohazard" = Toxic Biohazard
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
"UT2004" = Unreal Tournament 2004
"Video Converter 3" = Video Converter 3
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.0.3
"Warcraft III" = Warcraft III
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"FolderLock6" = Folder Lock
"GameRanger" = GameRanger
"NCsoft-AionEU" = Aion
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
and this:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:59 on 04/11/2010 (RedScorpions)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-