SeppoKing | 28.07.2010 20:58 | so...
Extras.txt Code:
OTL Extras logfile created on: 28.07.2010 21:47:32 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\SeppoKing\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 83,01 Gb Total Space | 31,96 Gb Free Space | 38,50% Space Free | Partition Type: NTFS
Drive D: | 112,30 Gb Total Space | 30,52 Gb Free Space | 27,17% Space Free | Partition Type: NTFS
Drive E: | 92,78 Gb Total Space | 54,53 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
Drive F: | 2,89 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KINGMACHINE
Current User Name: SeppoKing
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2799548120-1605598452-3434428995-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"AntiSpyWareDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"UacDisableNotify" = 1
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2799548120-1605598452-3434428995-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\PPStream\PPStream.exe" = C:\PPStream\PPStream.exe:*:Enabled:PPStream -- (PPStream.com)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C73591E-7BC7-499D-A108-B8EBD2BC8259}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{12DC4AB1-B64A-4DA2-AB91-D263788EE88F}" = lport=138 | protocol=17 | dir=in | app=system |
"{1EE87294-383A-4346-AA68-81AC613C34B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2838CE27-8612-4064-A801-C342C95F2FEF}" = lport=139 | protocol=6 | dir=in | app=system |
"{4204BC38-0E8D-4174-9974-B89C00C4CB35}" = lport=137 | protocol=17 | dir=in | app=system |
"{59606811-AD14-4EB9-8A6D-A50D73288EE5}" = lport=6004 | protocol=17 | dir=in | app=c:\microsoft office\office12\outlook.exe |
"{5EDAFFA9-9D42-4E31-A9D5-E98B8F97AB26}" = rport=137 | protocol=17 | dir=out | app=system |
"{66D3039B-B3A1-4FE4-A46B-2C0359893D01}" = rport=445 | protocol=6 | dir=out | app=system |
"{72D25413-E329-4B52-8B10-C3103437F2E3}" = lport=445 | protocol=6 | dir=in | app=system |
"{D11EC418-DC45-43F5-AFDE-9D0EC12561AA}" = rport=139 | protocol=6 | dir=out | app=system |
"{E0547140-6C0D-47AC-B27B-E8AD1B9D3FDF}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E6EEA77-5AEA-4924-8D2C-F315140B5A7B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\alien swarm\swarm.exe |
"{15772CE8-5A5C-4B36-940E-B12A6EE1BD4C}" = protocol=6 | dir=in | app=d:\steam\steamapps\seppsch\counter-strike source\hl2.exe |
"{205CA625-2ABB-4F99-98D4-B9F763CA702B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{303254C6-2774-44E1-AEFD-24283C9966B0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{322FFE86-D867-427C-B5FC-31CDB1160B23}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\alien swarm\swarm.exe |
"{3E289A30-72A9-433C-A1B5-EC517FFA23BF}" = protocol=6 | dir=in | app=c:\utorrent\utorrent.exe |
"{438139A9-51FE-4D74-9762-1556A8742B29}" = protocol=17 | dir=in | app=d:\steam\steamapps\seppsch\counter-strike source\hl2.exe |
"{4B0DFB8B-83C3-436B-9447-06E5D89F7C77}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5D1EA9CE-0C9B-4513-A89F-28F3A747DA46}" = dir=in | app=c:\skype\phone\skype.exe |
"{8418F736-EA61-47A2-B2B6-79AF80F093A6}" = protocol=6 | dir=in | app=d:\company of heroes\reliccoh.exe |
"{8FA167DC-8E63-421E-8E6E-9255C7B04F61}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\alien swarm\srcds.exe |
"{96C449AD-2060-4F17-A253-EB49D6BF70CD}" = protocol=17 | dir=in | app=d:\company of heroes\reliccoh.exe |
"{9ED2E4F5-D751-4866-A814-10E717C04006}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AA2ACB8D-AABE-4A55-B06E-C3AF2C975857}" = protocol=17 | dir=in | app=c:\utorrent\utorrent.exe |
"{AF0C2A25-9531-42C0-9EE8-A9DF96BF90FF}" = protocol=6 | dir=in | app=c:\itunes\itunes.exe |
"{B766D692-EB62-4AD1-903A-D0433AE68089}" = protocol=17 | dir=in | app=c:\itunes\itunes.exe |
"{D45E477E-620B-4507-A959-246A911CE7A7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DBF272AD-D508-451E-A52D-D309582A7C36}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\alien swarm\srcds.exe |
"{F9075A63-EB4C-4C41-B05F-E01DF8852BF3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{13259800-F656-4548-8FC5-A04153331A9E}C:\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\zattoo\zattoo.exe |
"TCP Query User{18CD3DF8-FBE0-4814-A85B-B89FB13BFD01}C:\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\sopcast\sopcast.exe |
"TCP Query User{3DCA1070-6165-4BC4-A8EA-8349F5EC1F13}C:\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\mozilla firefox\firefox.exe |
"TCP Query User{4CB3CDAA-6932-48C4-BC5A-A17B7659CA19}C:\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\sopcast\adv\sopadver.exe |
"TCP Query User{9C888949-049F-4190-B050-F9DCAA3F89CB}C:\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\zattoo\zattood.exe |
"TCP Query User{DD356105-1EF5-46C4-8B06-68B9298B0653}D:\age of kings\empires2.exe" = protocol=6 | dir=in | app=d:\age of kings\empires2.exe |
"TCP Query User{E64E8023-E273-445C-BC8D-051D587F7FBC}C:\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\trillian\trillian.exe |
"TCP Query User{EB5422C6-E239-4037-9095-49A7EFCC91CF}D:\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\call of duty 2\cod2mp_s.exe |
"TCP Query User{FB6E1C51-2007-46B0-B8D9-03E8C0D6DB10}D:\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\tmnationsforever\tmforever.exe |
"UDP Query User{0F1A59E0-BC5D-4902-8D34-20B4C31F3DB0}D:\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\tmnationsforever\tmforever.exe |
"UDP Query User{34459F5D-65D4-4998-AFE1-6CD9BDF84D85}C:\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\zattoo\zattood.exe |
"UDP Query User{64B80577-F205-4BDB-A306-7E1C04C6C8A5}D:\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\call of duty 2\cod2mp_s.exe |
"UDP Query User{C48BD305-B99E-4CA3-AFE4-A3DBE3E3D435}C:\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\mozilla firefox\firefox.exe |
"UDP Query User{CC922145-08A2-4EBC-A00D-D614933B2418}C:\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\sopcast\adv\sopadver.exe |
"UDP Query User{CEF4FFE0-AE9A-4FF7-AA58-10732DFEE669}C:\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\trillian\trillian.exe |
"UDP Query User{E3725AB9-1314-4558-97F3-CC2951E7936D}C:\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\sopcast\sopcast.exe |
"UDP Query User{EDB72A6D-61BC-4DA1-937A-70B64ADF752F}C:\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\zattoo\zattoo.exe |
"UDP Query User{FC594EDB-398D-411A-A887-D4BE2FEB537E}D:\age of kings\empires2.exe" = protocol=17 | dir=in | app=d:\age of kings\empires2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{053B3DA8-91B5-4682-A130-715412A1A252}" = Paint.NET v3.5.4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{17BADF87-3597-46FE-8D74-69C4FA78883E}" = Gothic 3
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{2806ECD7-D23E-45D7-A918-D6E5EA1C4D8E}" = S.W.I.N.E.
"{2D5E623B-01E3-403C-B429-6ECA4B9B6BF4}" = Windows Vista Cleaner 3.0
"{2FEA102C-F535-4513-009B-57B165013C18}" = Tiger Woods PGA TOUR 08
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3EE2F527-F306-49E9-0086-662C337ADD3B}" = FUSSBALL MANAGER 07
"{40FE74B5-71A1-4393-A0AB-21D6E1DA5A66}" = Gothic 2 Gold
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4E5EE953-0D92-A385-E3A0-FBFCB2DE15AA}" = EA Download Manager UI
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.21
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2614BE8-5A35-4C28-A3EA-69A1ED98CE0E}" = Zatikon
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.3 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{BBF10B37-4ED3-11D5-A818-00500435FC18}" = Gothic
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{CC13FB47-0B90-46C3-9BB7-57D2DB455D4D}" = Microsoft Xbox 360 Accessories 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Age of Mythology 1.0" = Age of Mythology
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"ComandoDeinstKey" = Commando
"Company of Heroes" = Company of Heroes
"Crazy Towers_is1" = Crazy Towers V1.2
"Defraggler" = Defraggler
"Die Gilde Gold-Edition" = Die Gilde Gold-Edition
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"EA Download Manager" = EA Download Manager
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FLV Player" = FLV Player 2.0 (build 25)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free FLV Converter_is1" = Free FLV Converter V 6.7.4
"Free YouTube Download_is1" = Free YouTube Download 2.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"GameSpy Arcade" = GameSpy Arcade
"Gangsters" = Gangsters
"Glary Utilities_is1" = Glary Utilities 2.23.0.923
"GNU Backgammon_is1" = GNU Backgammon (MAIN branch, 20091230 code)
"Google Updater" = Google Updater
"Grand Theft Auto" = Grand Theft Auto
"Hitman: Contracts" = Hitman: Contracts
"IncubationDeinstall" = Incubation
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PokerStars" = PokerStars
"PPStream_is1" = PPStream
"PRIMETIME_is1" = Prime Time
"PROPLUS" = Microsoft Office Professional Plus 2007
"RADVideo" = RAD Video Tools
"Railroad Tycoon II" = Railroad Tycoon II
"Rainlendar2" = Rainlendar2 (remove only)
"SimCity2000CDv1" = SimCity 2000® CD-Collection
"SopCast" = SopCast 3.0.3
"Steam App 240" = Counter-Strike: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 440" = Team Fortress 2
"Steam App 630" = Alien Swarm
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TIPP10_is1" = TIPP10 Version 2.0.3
"TmNationsForever_is1" = TmNationsForever
"Trillian" = Trillian
"TVAnts 1.0" = TVAnts 1.0
"TweakVI" = TweakVI
"Uninstall_is1" = Uninstall 1.0.0.1
"UT2003" = Unreal Tournament 2003
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Zattoo" = Zattoo 3.3.3 Beta
"Zattoo4" = Zattoo4 4.0.4
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2799548120-1605598452-3434428995-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report > und otl.txt Code:
OTL logfile created on: 28.07.2010 21:47:32 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\SeppoKing\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 83,01 Gb Total Space | 31,96 Gb Free Space | 38,50% Space Free | Partition Type: NTFS
Drive D: | 112,30 Gb Total Space | 30,52 Gb Free Space | 27,17% Space Free | Partition Type: NTFS
Drive E: | 92,78 Gb Total Space | 54,53 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
Drive F: | 2,89 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KINGMACHINE
Current User Name: SeppoKing
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\SeppoKing\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Rainlendar2\Rainlendar2.exe ()
PRC - C:\Programme\SamSung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Mail\WinMail.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\SeppoKing\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (ADDMEM) -- C:\Users\SEPPOK~1\AppData\Local\Temp\__Samsung_Update\ADDMEM.SYS File not found
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Point32) -- C:\Windows\System32\drivers\point32k.sys (Microsoft Corporation)
DRV - (SVKP) -- C:\Windows\System32\SVKP.sys (AntiCracking)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (VMC302) -- C:\Windows\System32\drivers\vmc302.sys (Vimicro Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (xusb21) -- C:\Windows\System32\drivers\xusb21.sys (Microsoft Corporation)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2799548120-1605598452-3434428995-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2799548120-1605598452-3434428995-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2799548120-1605598452-3434428995-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 09 14 03 0B 30 57 CA 01 [binary data]
IE - HKU\S-1-5-21-2799548120-1605598452-3434428995-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2799548120-1605598452-3434428995-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\BitDefender\BitDefender 2010\bdaphffext\
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Mozilla Firefox\components [2010.07.27 21:02:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Mozilla Firefox\plugins [2010.07.27 21:02:19 | 000,000,000 | ---D | M]
[2008.11.08 21:01:10 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\mozilla\Extensions
[2010.07.28 20:01:50 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\mozilla\Firefox\Profiles\xabtgjpi.default\extensions
[2010.04.29 14:51:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\SeppoKing\AppData\Roaming\mozilla\Firefox\Profiles\xabtgjpi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.14 15:35:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SeppoKing\AppData\Roaming\mozilla\Firefox\Profiles\xabtgjpi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.07.11 13:13:26 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\SeppoKing\AppData\Roaming\mozilla\Firefox\Profiles\xabtgjpi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008.11.08 21:01:17 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\mozilla\Firefox\Profiles\xabtgjpi.default\extensions\toolbar_extras@de.yahoo.com
[2010.02.27 12:21:04 | 000,002,280 | ---- | M] () -- C:\Users\SeppoKing\AppData\Roaming\Mozilla\FireFox\Profiles\xabtgjpi.default\searchplugins\google-und-download-suche.xml
[2008.12.31 20:24:40 | 000,002,109 | ---- | M] () -- C:\Users\SeppoKing\AppData\Roaming\Mozilla\FireFox\Profiles\xabtgjpi.default\searchplugins\youtube-videosuche.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2799548120-1605598452-3434428995-1000..\Run: [Rainlendar2] C:\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\S-1-5-21-2799548120-1605598452-3434428995-1000..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-2799548120-1605598452-3434428995-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = -33
O8 - Extra context menu item: Free YouTube Download - C:\Users\SeppoKing\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\SeppoKing\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\SeppoKing\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.01.19 22:00:00 | 000,000,043 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3c1e4bea-adbf-11dd-8a12-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3c1e4bea-adbf-11dd-8a12-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()
MsConfig - State: "bootini" - 2
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP62 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2010.07.28 19:08:40 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.07.28 19:08:40 | 000,000,000 | ---D | C] -- C:\rsit
[2010.07.28 18:02:31 | 000,000,000 | ---D | C] -- C:\Users\SeppoKing\AppData\Roaming\Malwarebytes
[2010.07.28 18:02:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.28 18:02:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.28 18:02:17 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2010.07.28 18:02:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.28 17:40:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.07.28 15:09:51 | 000,000,000 | ---D | C] -- C:\Users\SeppoKing\AppData\Roaming\BitDefender
[2010.07.28 15:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2010.07.28 15:09:51 | 000,000,000 | ---D | C] -- C:\BitDefender
[2010.07.28 14:53:04 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\BitDefender
[2010.07.28 13:41:36 | 000,000,000 | ---D | C] -- C:\Users\SeppoKing\AppData\Roaming\SUPERAntiSpyware.com
[2010.07.28 13:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.07.28 13:41:25 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2010.07.28 13:35:32 | 000,000,000 | ---D | C] -- C:\Trend Micro
[2010.07.28 03:50:24 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.07.28 03:25:25 | 000,000,000 | ---D | C] -- C:\Users\SeppoKing\AppData\Local\Sunbelt Software
[2010.07.28 03:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.07.28 00:34:47 | 000,000,000 | ---D | C] -- C:\Spybot - Search & Destroy
[2010.07.28 00:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.07.27 22:54:45 | 000,000,000 | ---D | C] -- C:\Users\SeppoKing\AppData\Roaming\Avira
[2010.07.24 13:54:04 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2010.07.23 02:12:58 | 000,000,000 | ---D | C] -- C:\Users\SeppoKing\Documents\Microsoft Hardware
[2010.07.21 00:29:35 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliPoint
[2010.07.11 17:02:23 | 000,283,648 | ---- | C] (Stirling Technologies, Inc.) -- C:\Windows\uninst.exe
========== Files - Modified Within 30 Days ==========
[2010.07.28 21:47:25 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\SupBackGroundTask.job
[2010.07.28 21:45:46 | 004,456,448 | ---- | M] () -- C:\Users\SeppoKing\NTUSER.DAT
[2010.07.28 21:37:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.28 21:27:08 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.07.28 21:25:42 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.28 21:25:42 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.28 21:25:27 | 000,108,395 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.07.28 21:25:27 | 000,108,395 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.07.28 21:25:05 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2010.07.28 21:24:37 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010.07.28 21:24:32 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.28 21:24:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.28 21:24:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.28 21:16:44 | 000,524,288 | -HS- | M] () -- C:\Users\SeppoKing\NTUSER.DAT{fed4b99f-399b-11df-9558-001377a9ceb0}.TMContainer00000000000000000001.regtrans-ms
[2010.07.28 21:16:44 | 000,065,536 | -HS- | M] () -- C:\Users\SeppoKing\NTUSER.DAT{fed4b99f-399b-11df-9558-001377a9ceb0}.TM.blf
[2010.07.28 21:16:31 | 003,647,800 | -H-- | M] () -- C:\Users\SeppoKing\AppData\Local\IconCache.db
[2010.07.28 18:02:22 | 000,000,608 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.28 17:40:11 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords2.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_sign.slf
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010.07.28 13:41:27 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.07.28 13:36:50 | 000,002,343 | ---- | M] () -- C:\Users\SeppoKing\Desktop\HiJackThis.lnk
[2010.07.28 03:50:24 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.07.28 00:22:54 | 000,097,792 | ---- | M] () -- C:\Users\SeppoKing\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.23 19:39:46 | 000,100,640 | ---- | M] () -- C:\Users\SeppoKing\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.23 19:39:14 | 000,374,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.07.21 01:40:55 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.07.13 15:01:59 | 001,427,406 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.13 15:01:59 | 000,621,952 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.13 15:01:59 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.13 15:01:59 | 000,123,852 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.13 15:01:59 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
========== Files Created - No Company Name ==========
[2010.07.28 18:02:22 | 000,000,608 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.28 17:22:33 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_sign.slf
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010.07.28 17:12:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010.07.28 13:41:27 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.07.28 13:35:32 | 000,002,343 | ---- | C] () -- C:\Users\SeppoKing\Desktop\HiJackThis.lnk
[2010.05.01 18:22:22 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI
[2010.04.11 16:07:14 | 000,000,023 | ---- | C] () -- C:\Windows\clofghls.dll
[2009.10.19 22:42:07 | 000,000,004 | ---- | C] () -- C:\Windows\win32t4.dll
[2009.09.24 03:20:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 03:20:39 | 000,000,221 | ---- | C] () -- C:\Windows\System32\rcdb51.ini
[2009.07.19 23:25:22 | 000,000,495 | ---- | C] () -- C:\Windows\ULead32.ini
[2009.03.06 23:35:22 | 000,000,379 | ---- | C] () -- C:\Windows\psnetwork.ini
[2009.03.06 23:35:22 | 000,000,065 | ---- | C] () -- C:\Windows\powerplayer.ini
[2009.02.24 23:49:12 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.02.24 23:49:12 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.12.25 01:28:19 | 000,137,688 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.12.25 01:15:36 | 000,000,277 | ---- | C] () -- C:\Windows\game.ini
[2008.11.08 20:25:21 | 000,000,742 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008.11.08 20:22:44 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2008.11.08 20:22:44 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008.11.08 20:20:45 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.05.04 19:08:55 | 000,020,480 | ---- | C] () -- C:\Windows\System32\CPUINFO2.DLL
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
========== LOP Check ==========
[2010.07.28 15:10:36 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\BitDefender
[2010.05.14 15:35:58 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.12.11 20:58:15 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\FreeFLVConverter
[2010.06.08 00:09:24 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\GlarySoft
[2010.03.19 04:50:00 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Leadertech
[2009.01.24 22:28:37 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\PeerNetworking
[2009.03.06 23:35:22 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\ppstream
[2010.04.05 21:53:16 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\temp
[2010.03.27 15:18:43 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\TuneUp Software
[2009.09.22 06:31:50 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\uTorrent
[2009.09.22 21:43:37 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Zylom
[2010.07.28 21:25:05 | 000,000,522 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2010.07.28 21:24:37 | 000,000,308 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2010.07.28 21:16:38 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.07.28 21:47:25 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\SupBackGroundTask.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.02.03 16:34:32 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Adobe
[2009.12.24 23:37:05 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Apple Computer
[2010.07.27 22:54:45 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Avira
[2010.07.28 15:10:36 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\BitDefender
[2010.05.25 23:05:56 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\DivX
[2010.05.14 15:35:58 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.12.11 20:58:15 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\FreeFLVConverter
[2010.06.08 00:09:24 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\GlarySoft
[2009.01.10 12:12:13 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Google
[2009.09.22 21:43:37 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Identities
[2008.11.08 20:17:18 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\InstallShield
[2010.03.19 04:50:00 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Leadertech
[2008.11.08 21:46:47 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Macromedia
[2010.07.28 18:02:31 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Media Center Programs
[2010.07.23 02:11:40 | 000,000,000 | --SD | M] -- C:\Users\SeppoKing\AppData\Roaming\Microsoft
[2008.11.08 21:01:10 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Mozilla
[2009.01.24 22:28:37 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\PeerNetworking
[2009.03.06 23:35:22 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\ppstream
[2008.11.18 20:20:55 | 000,000,000 | RH-D | M] -- C:\Users\SeppoKing\AppData\Roaming\SecuROM
[2010.07.11 19:31:15 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Skype
[2010.07.11 19:30:56 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\skypePM
[2010.07.28 13:41:36 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\SUPERAntiSpyware.com
[2009.02.04 22:48:06 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\teamspeak2
[2010.04.05 21:53:16 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\temp
[2010.03.27 15:18:43 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\TuneUp Software
[2009.09.22 06:31:50 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\uTorrent
[2010.05.30 18:48:32 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\vlc
[2009.12.11 00:16:20 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Winamp
[2009.02.24 03:43:28 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\WinRAR
[2009.09.22 21:43:37 | 000,000,000 | ---D | M] -- C:\Users\SeppoKing\AppData\Roaming\Zylom
< %APPDATA%\*.exe /s >
[2010.02.13 20:52:44 | 000,038,784 | ---- | M] () -- C:\Users\SeppoKing\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009.11.22 03:37:26 | 000,025,214 | R--- | M] () -- C:\Users\SeppoKing\AppData\Roaming\Microsoft\Installer\{2D5E623B-01E3-403C-B429-6ECA4B9B6BF4}\_D07EA5DB6B6853CE06300A.exe
[2009.11.22 03:37:26 | 000,025,214 | R--- | M] () -- C:\Users\SeppoKing\AppData\Roaming\Microsoft\Installer\{2D5E623B-01E3-403C-B429-6ECA4B9B6BF4}\_D507799F453783F1AAFA7F.exe
[2010.07.28 13:35:33 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\SeppoKing\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2009.01.28 16:32:50 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Users\SeppoKing\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2008.07.22 16:33:26 | 000,396,312 | ---- | M] (Intel Corporation) MD5=5C62352AFF7F1FB36B2C19329F7C949D -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.07.22 16:33:02 | 000,319,000 | ---- | M] (Intel Corporation) MD5=ABFEBC5F846C71AFEBD7F8F6BA740C03 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.07.22 16:33:02 | 000,319,000 | ---- | M] (Intel Corporation) MD5=ABFEBC5F846C71AFEBD7F8F6BA740C03 -- C:\Windows\System32\drivers\iaStor.sys
[2008.07.22 16:33:02 | 000,319,000 | ---- | M] (Intel Corporation) MD5=ABFEBC5F846C71AFEBD7F8F6BA740C03 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_783fb8da\iaStor.sys
[2008.06.16 22:38:10 | 000,318,488 | ---- | M] (Intel Corporation) MD5=F263A9036F8897FFA2AE54685E03AD60 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3506096f\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< End of report > gruß |