| Samsa000 | 12.04.2011 17:26 |
So... hier die anderen Logs
OTL.txt
OTL Logfile: Code:
OTL logfile created on: 12.04.2011 18:13:07 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Johannes\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 134,10 Gb Free Space | 28,79% Space Free | Partition Type: NTFS
Drive D: | 3,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: SAMSA | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Johannes\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\Temp\Zje.exe (Jordan Russell)
PRC - C:\Windows\Temp\Zjd.exe (Jordan Russell)
PRC - C:\Windows\Temp\Zjc.exe (Jordan Russell)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
PRC - C:\Programme\Steam\Steam.exe (Valve Corporation)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\Johannes\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Fun4IM Coordinator) -- File not found
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (mchInjDrv) -- C:\Users\Johannes\AppData\Local\Temp\mc2FFA2.tmp ()
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (volsnap) -- C:\Windows\system32\drivers\volsnap.sys ()
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (AtcL001) -- C:\Windows\System32\drivers\atl01v32.sys (Attansic Technology corporation.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2824382343-4151339049-1840443227-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/402
IE - HKU\S-1-5-21-2824382343-4151339049-1840443227-1000\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2824382343-4151339049-1840443227-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/402"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&systemid=402&q="
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 00:01:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 00:01:58 | 000,000,000 | ---D | M]
[2011.02.09 16:46:56 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Extensions
[2011.03.23 21:37:28 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\zcrfhx6g.default\extensions
[2011.01.24 18:26:28 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\zcrfhx6g.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.02.27 23:59:46 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\zcrfhx6g.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.28 10:41:02 | 000,005,529 | -H-- | M] () -- C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\zcrfhx6g.default\searchplugins\SearchquWebSearch.xml
[2011.03.24 00:01:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.01.23 18:25:17 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.03.23 16:53:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.24 22:15:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
[2011.01.23 18:25:17 | 000,000,000 | ---D | M] (Skype extension) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
[2011.03.23 16:53:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.24 22:15:08 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.18 19:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2011.01.24 22:14:46 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.10.28 10:41:02 | 000,005,529 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
Hosts file not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - File not found
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - File not found
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKU\S-1-5-21-2824382343-4151339049-1840443227-1000\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Metropolis] C:\Windows\System32\sshnas21.dll (Jordan Russell)
O4 - HKU\.DEFAULT..\Run: [W5E7SH31DG] C:\Windows\Temp\Zjd.exe (Jordan Russell)
O4 - HKU\S-1-5-18..\Run: [Metropolis] C:\Windows\System32\sshnas21.dll (Jordan Russell)
O4 - HKU\S-1-5-18..\Run: [W5E7SH31DG] C:\Windows\Temp\Zjd.exe (Jordan Russell)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2824382343-4151339049-1840443227-1000..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2824382343-4151339049-1840443227-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2824382343-4151339049-1840443227-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Johannes\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\wi9130~1\datamngr\datamngr.dll) - c:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - AppInit_DLLs: (c:\progra~1\fun4im\bndhook.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Johannes\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Johannes\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.02.02 18:03:51 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ]
O32 - AutoRun File - [2009.10.07 22:14:39 | 000,000,035 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3a45cd59-4c8c-11e0-863e-002354557565}\Shell - "" = AutoRun
O33 - MountPoints2\{3a45cd59-4c8c-11e0-863e-002354557565}\Shell\AutoRun\command - "" = E:\MoWAS_Setup.exe
O33 - MountPoints2\{7fd26ea0-26fe-11e0-addd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7fd26ea0-26fe-11e0-addd-806e6f6e6963}\Shell\AutoRun\command - "" = 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011.04.12 18:10:10 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2011.04.12 18:09:13 | 000,180,736 | ---- | C] (Jordan Russell) -- C:\Windows\System32\sshnas21.dll
[2011.04.12 17:02:47 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Malwarebytes
[2011.04.12 17:02:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.12 17:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.12 17:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.12 17:01:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.12 17:01:59 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.04.12 16:59:15 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Johannes\Desktop\mal.exe
[2011.04.12 16:06:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.04.12 14:57:09 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{AEEE887D-A5B9-462A-8F9A-BD88C5CA49BF}
[2011.04.11 16:21:35 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{BE6D6B5B-5154-489A-8B94-D903FF14CC9F}
[2011.04.10 12:42:25 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{72858EC6-A08A-4F18-B7DA-7BC31478205D}
[2011.04.10 00:41:47 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{490DB069-F025-446E-A593-83642B75B518}
[2011.04.09 22:25:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011.04.09 22:25:24 | 000,000,000 | ---D | C] -- C:\Programme\Lavalys
[2011.04.09 12:41:31 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{18E825B8-CE9C-4E6A-AC0C-0B9AFD7B25D2}
[2011.04.08 14:46:44 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{4FA3FD9A-2B4A-4105-895F-7B20250FBCBF}
[2011.04.07 14:07:14 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{50959048-A3A2-47F2-A383-89AC679A5512}
[2011.04.06 16:07:49 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{76E6C616-D0DA-4B26-BBAF-8B846E383E68}
[2011.04.05 15:15:24 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{FD10A02D-9CC7-4BEA-B0DB-E729CD81E047}
[2011.04.04 13:42:01 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{A221C9E7-B358-472E-ADB8-3F53F8F045A8}
[2011.04.03 10:56:13 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{9D66EE1F-4BD9-427F-858D-7915CEBAAA59}
[2011.04.02 18:06:44 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\Arktos
[2011.04.02 14:18:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\War Inc Battlezone
[2011.04.02 14:18:22 | 000,000,000 | ---D | C] -- C:\Programme\War Inc Battlezone
[2011.04.02 14:18:04 | 002,148,272 | -H-- | C] (Arktos Entertainment Group LLC ) -- C:\Users\Johannes\Desktop\WarInc_WebSetup.exe
[2011.04.02 11:53:12 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{2C01F727-D28D-4AEA-A5C9-DE3E552669B1}
[2011.04.01 16:07:43 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{5F9A686C-FD10-498F-8DF6-42DAB2CE13C3}
[2011.03.31 16:29:08 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{5201A3D4-30FD-42EB-BA07-060B37135106}
[2011.03.30 16:14:49 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{CA1B586F-DCB1-4662-A9E8-43B546BE762F}
[2011.03.29 14:34:56 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{8DC0ECC7-1D4B-43E2-9296-D295EE1BAE97}
[2011.03.29 14:17:10 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011.03.29 14:17:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.03.29 14:17:08 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2011.03.28 15:03:56 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{5D30988C-97CD-4EC7-A0F1-D94F397A178B}
[2011.03.27 16:44:16 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{B414F018-8E39-4EB3-B6A1-369AC8E98B18}
[2011.03.25 20:58:07 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Roaming\NVIDIA
[2011.03.25 20:58:01 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\LAG
[2011.03.25 20:58:01 | 000,000,000 | ---D | C] -- C:\ProgramData\LAG
[2011.03.25 20:57:47 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2011.03.25 15:13:15 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{7A1E796E-8CC1-4503-B91E-A6D871FA8D8E}
[2011.03.24 18:25:12 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{E72E7A4F-5A9B-4C52-B13D-27B6AE0124E8}
[2011.03.23 18:26:10 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\Schule
[2011.03.23 16:56:54 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Roaming\OpenOffice.org
[2011.03.23 16:54:52 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2011.03.23 16:53:59 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2011.03.23 16:52:38 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.03.23 16:52:38 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.03.23 16:50:45 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\Desktop\OpenOffice.org 3.3 (de) Installation Files
[2011.03.23 16:40:26 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{3E879095-B04B-4644-8CBF-777E68F36AEA}
[2011.03.22 16:09:38 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{BB2C374A-E842-4261-B291-77834784D81C}
[2011.03.21 16:09:26 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{CC2DAC8A-0A92-4BED-917D-6C019AAAE185}
[2011.03.20 19:36:33 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\Wings of Prey
[2011.03.20 19:36:18 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\WOP
[2011.03.20 19:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\WOP
[2011.03.20 12:49:56 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{12FBD497-9763-4EB9-90B6-CBFCCE6F67BB}
[2011.03.20 00:49:19 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{F5CEEBB2-CD5E-4D59-8160-58AB24D250B5}
[2011.03.20 00:34:13 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2011.03.20 00:34:12 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\Adobe
[2011.03.20 00:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.03.20 00:34:11 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Roaming\Adobe
[2011.03.20 00:07:55 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\Desktop\Photoshop Portable
[2011.03.19 12:48:41 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{75F33F7B-04E5-4788-9FCF-62906A3E1283}
[2011.03.18 23:24:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2011.03.18 23:24:39 | 000,000,000 | ---D | C] -- C:\Sierra
[2011.03.18 20:56:20 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\Desktop\Bla
[2011.03.18 20:13:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
[2011.03.18 17:26:42 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{215902EA-2B08-4CF4-BCCA-AC8BEDA90022}
[2011.03.17 16:00:19 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{03285AC8-15E7-4C5F-9376-499FABEF3F9F}
[2011.03.16 18:06:43 | 000,000,000 | ---D | C] -- C:\Programme\LucasArts
[2011.03.16 18:06:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
[2011.03.16 17:05:51 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{8BDA518F-3B2F-42BF-A121-BA9DF46BD5F0}
[2011.03.15 20:18:57 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\Warhammer Mark of Chaos
[2011.03.15 19:53:10 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\Documents\Warhammer Mark of Chaos
[2011.03.15 19:46:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2011.03.15 19:40:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAMCO BANDAI Games
[2011.03.15 19:40:43 | 000,000,000 | ---D | C] -- C:\Programme\NAMCO BANDAI Games
[2011.03.15 19:06:04 | 000,000,000 | -H-D | C] -- C:\Users\Johannes\AppData\Local\{76D62A02-C262-4DC1-A1B1-C69B9D383AD4}
[2011.01.23 19:42:34 | 000,632,320 | -H-- | C] (Salt Int'l Coporation) -- C:\Users\Johannes\AppData\Local\ujoyomebufebosuy.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.04.12 18:13:02 | 000,638,972 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 18:13:02 | 000,604,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.12 18:13:02 | 000,131,012 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 18:13:02 | 000,107,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.12 18:10:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2011.04.12 18:09:25 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.04.12 18:09:22 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.04.12 18:09:19 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.04.12 18:09:13 | 000,180,736 | ---- | M] (Jordan Russell) -- C:\Windows\System32\sshnas21.dll
[2011.04.12 18:06:06 | 000,004,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.12 18:06:06 | 000,004,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.12 18:05:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.12 18:05:52 | 3218,214,912 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.12 17:02:02 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.12 16:59:31 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Johannes\Desktop\mal.exe
[2011.04.12 16:38:19 | 135,320,035 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.12 16:23:10 | 000,000,136 | ---- | M] () -- C:\ProgramData\~42327816r
[2011.04.12 16:23:10 | 000,000,104 | ---- | M] () -- C:\ProgramData\~42327816
[2011.04.12 15:59:35 | 000,000,581 | -H-- | M] () -- C:\Users\Johannes\Desktop\Windows Restore.lnk
[2011.04.12 15:59:27 | 000,000,336 | ---- | M] () -- C:\ProgramData\42327816
[2011.04.09 22:25:25 | 000,000,907 | -H-- | M] () -- C:\Users\Johannes\Desktop\EVEREST Home Edition.lnk
[2011.04.02 14:17:49 | 002,148,272 | -H-- | M] (Arktos Entertainment Group LLC ) -- C:\Users\Johannes\Desktop\WarInc_WebSetup.exe
[2011.03.27 19:53:56 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2011.03.27 19:53:56 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2011.03.27 19:53:56 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2011.03.24 18:22:03 | 000,257,496 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.03.24 00:02:01 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.03.23 16:57:24 | 000,001,028 | -H-- | M] () -- C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011.03.23 16:54:52 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2011.03.18 23:29:04 | 000,001,585 | ---- | M] () -- C:\Users\Public\Desktop\Empire Earth.lnk
[2011.03.18 23:24:40 | 000,000,218 | ---- | M] () -- C:\Windows\SIERRA.INI
[2011.03.18 20:56:55 | 000,001,129 | -H-- | M] () -- C:\Users\Johannes\Desktop\mow_assault_squad.exe - Verknüpfung.lnk
[2011.03.15 19:40:43 | 000,001,731 | ---- | M] () -- C:\Users\Public\Desktop\Warhammer® Mark of Chaos™.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.04.12 18:09:22 | 000,000,252 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.04.12 18:09:19 | 000,000,252 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.04.12 18:09:16 | 000,000,252 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.04.12 18:05:52 | 3218,214,912 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.12 17:02:02 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.12 16:06:12 | 135,320,035 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.04.12 15:59:36 | 000,000,136 | ---- | C] () -- C:\ProgramData\~42327816r
[2011.04.12 15:59:36 | 000,000,104 | ---- | C] () -- C:\ProgramData\~42327816
[2011.04.12 15:59:35 | 000,000,581 | -H-- | C] () -- C:\Users\Johannes\Desktop\Windows Restore.lnk
[2011.04.12 15:59:27 | 000,000,336 | ---- | C] () -- C:\ProgramData\42327816
[2011.04.09 22:25:25 | 000,000,907 | -H-- | C] () -- C:\Users\Johannes\Desktop\EVEREST Home Edition.lnk
[2011.03.24 00:02:01 | 000,000,858 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.03.23 16:57:24 | 000,001,028 | -H-- | C] () -- C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011.03.23 16:54:52 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2011.03.18 23:29:04 | 000,001,585 | ---- | C] () -- C:\Users\Public\Desktop\Empire Earth.lnk
[2011.03.18 23:24:54 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011.03.18 23:24:53 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011.03.18 23:24:53 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011.03.18 23:24:40 | 000,000,218 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.03.18 20:56:45 | 000,001,129 | -H-- | C] () -- C:\Users\Johannes\Desktop\mow_assault_squad.exe - Verknüpfung.lnk
[2011.03.15 19:40:43 | 000,001,731 | ---- | C] () -- C:\Users\Public\Desktop\Warhammer® Mark of Chaos™.lnk
[2011.03.09 22:17:06 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.02.25 19:48:53 | 000,000,992 | ---- | C] () -- C:\Windows\disney.ini
[2011.02.15 19:02:41 | 000,138,416 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.02.15 19:02:41 | 000,138,056 | -H-- | C] () -- C:\Users\Johannes\AppData\Roaming\PnkBstrK.sys
[2011.02.15 19:02:03 | 000,270,904 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.02.15 19:02:01 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.02.15 19:01:56 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011.01.28 21:27:40 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.01.23 23:06:28 | 000,004,608 | -H-- | C] () -- C:\Users\Johannes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.23 19:42:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.01.23 19:42:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.01.23 19:42:17 | 000,226,280 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2011.01.23 18:31:03 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.01.23 18:29:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.01.23 17:25:32 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.01.23 16:47:24 | 000,000,680 | -H-- | C] () -- C:\Users\Johannes\AppData\Local\d3d9caps.dat
[2008.01.21 10:21:25 | 000,638,972 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 10:21:25 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 10:21:25 | 000,131,012 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 10:21:25 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:44:53 | 000,257,496 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,604,566 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,107,898 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004.08.13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
========== LOP Check ==========
[2011.01.24 21:59:36 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\.minecraft
[2011.02.20 18:20:26 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\.Nitrous
[2011.02.10 16:35:47 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Bandoo
[2011.04.12 18:06:55 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\BitTorrent
[2011.01.23 23:05:12 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Canneverbe Limited
[2011.02.03 18:42:00 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\DAEMON Tools Lite
[2011.02.25 20:14:03 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Disney Interactive Studios
[2011.02.27 23:59:46 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.01.29 00:03:09 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\LolClient
[2011.03.23 16:56:54 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\OpenOffice.org
[2011.01.23 22:55:53 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\six-rsync
[2011.03.11 19:17:42 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\six-updater
[2011.02.09 20:26:20 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\The Creative Assembly
[2011.01.23 20:42:56 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\TS3Client
[2011.01.26 23:38:39 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\wargaming.net
[2011.04.12 16:31:39 | 000,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.12 18:09:22 | 000,000,252 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.04.12 18:09:19 | 000,000,252 | -H-- | M] () -- C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.04.12 18:09:25 | 000,000,252 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.01.24 21:59:36 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\.minecraft
[2011.02.20 18:20:26 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\.Nitrous
[2011.04.12 15:53:35 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Adobe
[2011.02.21 17:18:18 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Adobe-BackupByPhotoshopCS4Portable
[2011.02.10 16:35:47 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Bandoo
[2011.04.12 18:06:55 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\BitTorrent
[2011.01.23 23:05:12 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Canneverbe Limited
[2011.02.03 18:42:00 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\DAEMON Tools Lite
[2011.02.25 20:14:03 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Disney Interactive Studios
[2011.02.27 23:59:46 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.01.23 16:47:28 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Identities
[2011.01.28 20:01:40 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\InstallShield
[2011.01.29 00:03:09 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\LolClient
[2011.01.23 17:28:52 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Macromedia
[2011.04.12 17:02:47 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Malwarebytes
[2011.02.21 17:18:18 | 000,000,000 | --SD | M] -- C:\Users\Johannes\AppData\Roaming\Microsoft
[2011.02.09 16:47:01 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Mozilla
[2011.03.25 20:58:07 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\NVIDIA
[2011.03.23 16:56:54 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\OpenOffice.org
[2011.02.15 22:42:00 | 000,000,000 | RH-D | M] -- C:\Users\Johannes\AppData\Roaming\SecuROM
[2011.01.23 22:55:53 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\six-rsync
[2011.03.11 19:17:42 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\six-updater
[2011.04.11 22:53:15 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Skype
[2011.04.11 20:32:53 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\skypePM
[2011.02.09 20:26:20 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\The Creative Assembly
[2011.01.23 20:42:56 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\TS3Client
[2011.01.26 23:38:39 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\wargaming.net
[2011.02.28 00:18:01 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\Winamp
[2011.03.12 21:43:40 | 000,000,000 | -H-D | M] -- C:\Users\Johannes\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2011.01.16 16:55:21 | 000,255,488 | -H-- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\Johannes\AppData\Local\Temp\RarSFX0\procs\explorer.exe
[2011.01.16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\Johannes\AppData\Local\Temp\RarSFX1\procs\explorer.exe
[2011.01.16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\Johannes\AppData\Local\Temp\RarSFX2\procs\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2005.08.16 02:54:58 | 000,001,536 | ---- | M] () MD5=53E979547D8C2EA86560AC45DE08AE25 -- C:\Users\Johannes\AppData\Local\Temp\RarSFX3\h\explorer.exe
[2011.01.16 16:55:21 | 000,255,488 | ---- | M] () MD5=A09B6C794B2A02C1D3412FA53231138B -- C:\Users\Johannes\AppData\Local\Temp\RarSFX3\procs\explorer.exe
[2005.08.16 02:54:58 | 000,001,536 | -H-- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\Johannes\AppData\Local\Temp\RarSFX0\h\explorer.exe
[2005.08.16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\Johannes\AppData\Local\Temp\RarSFX1\h\explorer.exe
[2005.08.16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\Johannes\AppData\Local\Temp\RarSFX2\h\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTORV.SYS >
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2008.01.21 04:34:02 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] () MD5=9CC544B7333C1F741765CE8AFC8B8F27 -- C:\Users\Johannes\AppData\Local\Temp\RarSFX3\userinit.exe
[2009.05.26 19:47:22 | 000,031,232 | -H-- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Johannes\AppData\Local\Temp\RarSFX0\userinit.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Johannes\AppData\Local\Temp\RarSFX1\userinit.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Johannes\AppData\Local\Temp\RarSFX2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009.05.26 19:47:22 | 000,031,232 | -H-- | M] () MD5=9CC544B7333C1F741765CE8AFC8B8F27 -- C:\Users\Johannes\AppData\Local\Temp\RarSFX0\winlogon.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] () MD5=9CC544B7333C1F741765CE8AFC8B8F27 -- C:\Users\Johannes\AppData\Local\Temp\RarSFX1\winlogon.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] () MD5=9CC544B7333C1F741765CE8AFC8B8F27 -- C:\Users\Johannes\AppData\Local\Temp\RarSFX2\winlogon.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] () MD5=9CC544B7333C1F741765CE8AFC8B8F27 -- C:\Users\Johannes\AppData\Local\Temp\RarSFX3\winlogon.exe
[2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:34:35 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:34:35 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 04:34:07 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2008.01.21 04:34:07 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll[/QUOTE]
Extras.Txt
[QUOTE]OTL Extras logfile created on: 12.04.2011 18:13:07 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Johannes\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 134,10 Gb Free Space | 28,79% Space Free | Partition Type: NTFS
Drive D: | 3,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: SAMSA | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-2824382343-4151339049-1840443227-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CDDAAC-1BD4-43DD-8BF0-EC8277F790D0}" = lport=6942 | protocol=6 | dir=in | name=league of legends launcher |
"{1994363F-8CE1-4953-B5EF-8DF90CF00B4E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{29394BDF-CBCE-4AB3-B2A0-477F08B35A33}" = lport=6918 | protocol=17 | dir=in | name=league of legends launcher |
"{3D1C6BCD-E504-45AE-B3A9-B8588C85E7FE}" = lport=6936 | protocol=17 | dir=in | name=league of legends launcher |
"{3D30A4FB-EA60-42B5-AB85-E1B678EC0DF9}" = lport=6936 | protocol=6 | dir=in | name=league of legends launcher |
"{5151CDE7-D9CE-4A05-9EF4-98F4CFC02292}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{871202EF-E2E9-45B5-9A48-3C87D22AC125}" = lport=6907 | protocol=17 | dir=in | name=league of legends launcher |
"{92E5EA68-1587-4E1B-A68C-770528C8B1E0}" = lport=6905 | protocol=17 | dir=in | name=league of legends launcher |
"{9AB2367B-F450-4282-BDE6-14A852E50C29}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{AC4DDB5A-CDCB-4CEC-B886-DDC77C2914FC}" = lport=6907 | protocol=6 | dir=in | name=league of legends launcher |
"{AFC2E389-3F1C-4F36-A1FD-717A3E124C61}" = lport=6918 | protocol=6 | dir=in | name=league of legends launcher |
"{B94EF325-76EA-45DB-8550-B10AC27F32C9}" = lport=6905 | protocol=6 | dir=in | name=league of legends launcher |
"{C77FA95F-5B3A-45EC-95FD-EEB49DCDD2BB}" = lport=6942 | protocol=17 | dir=in | name=league of legends launcher |
"{FEAE4DE7-9193-4D38-8F66-0E6262F06FE5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006A2817-B5CD-4752-B001-6487ACBFCC81}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
"{012B3755-1944-4F0B-94D2-8EB773C21E73}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe |
"{0F72BA39-A603-4B1D-9294-A49321FA63F8}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{1366E315-B582-4040-92FD-3747C2323811}" = protocol=6 | dir=in | app=c:\program files\dragon age 2 demo\bin_ship\dragonage2demo.exe |
"{24D236A3-9D3F-4B70-97A6-68821BA2650F}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe |
"{2F9A4704-1351-4F59-B2EA-A4732383242E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{49D9A568-6C1A-4D28-9AA7-1C0B3B95DE45}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{5148C816-4590-4BAC-AA91-C7E7396359F2}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe |
"{54A93BDB-B9BD-4A1D-AAAB-ED1F05DCF815}" = protocol=17 | dir=in | app=c:\program files\dragon age 2 demo\dragonage2launcher.exe |
"{58105A3E-CF42-429B-80BA-CE3026300FA9}" = protocol=6 | dir=in | app=c:\program files\dragon age 2 demo\dragonage2launcher.exe |
"{596094CB-C3F3-4077-98FC-67FD6B76542D}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2oa.exe |
"{5DFDB0A7-4AC6-4EEA-9E5F-9CCED170AB48}" = protocol=58 | dir=in | app=system |
"{6112A4CE-5405-4AC8-B4AF-895780889EA7}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{63D57DCF-0C1E-44FC-875D-D187EB264F2F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\wings of prey\launcher.exe |
"{65C8BAE7-FC83-4FEE-9810-5CDCA76BD5B3}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{6D3B5553-E21C-4522-B48B-5C8027FDA8FB}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{6F5D352D-AD43-43A3-9977-16C2B602594A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{7192613A-50D5-44A5-92A8-1A2B333BD635}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{75148632-E05B-4560-BCE4-6976739997BF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{7F6CCB97-1A0B-47D4-8962-AD5576C3B75E}" = dir=in | app=c:\program files\war inc battlezone\warinc.exe |
"{8D8B8172-8164-41B5-A279-9A4033C238AF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8E4F4834-7B19-4E5C-9825-CD5E61BED105}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{95B86202-4ED2-4881-9286-D764A38A1230}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{9725AA47-7F9E-442D-9E40-9857B5969A91}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{99ED27B4-1A43-4905-98AA-4491F1C77431}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\empire total war\empire.exe |
"{9A1A1F43-9067-43B7-BAD6-A16430488417}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9A1A429B-6676-414C-9339-E44AD33FA95B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{9B0AF33F-D3F4-4246-9587-E0BF66F8306A}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe |
"{9DCB0FF4-3EE3-4F81-8F92-B221F481B8F0}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{A3B419B7-1CFA-4EC3-8E5E-C5374516D5D8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\empire total war\empire.exe |
"{A4FBD887-6FD0-453D-8293-9DDAA6B2BD4D}" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_launcher.exe |
"{AACB434E-E277-4EF9-B4E6-89CFC71B6C7A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{AC0460CE-3BE1-48D3-B689-AB8E09E4DC8B}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{AFF29B1C-555A-4CB4-B8C7-6704AE7BA1BA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{B2ED318F-FB59-4FDC-8FF4-9F52C0749EC1}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{B65EBF0D-763E-434B-AA77-899A47EF933D}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe |
"{B707C115-FD2C-4223-8A3B-0F45C02040D6}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{B70CA955-0B0C-4745-95D3-8B58FB53B895}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B965E991-3DF6-4409-9288-92EB54386274}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe |
"{BB50D399-DB5A-4D18-8523-3704D36C8470}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{BD97CFC4-C740-47DB-B453-090B6FA579F7}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{BDA37955-76AA-437C-B226-F956235AD061}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BE774229-177F-4A1B-8216-43B20EE04510}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{BFABFD31-431B-4175-8561-1EBFFACB39D0}" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_launcher.exe |
"{C2C350F4-9CCD-42AC-AC3D-C35C5D268FAB}" = protocol=17 | dir=in | app=c:\program files\dragon age 2 demo\bin_ship\dragonage2demo.exe |
"{CE43B7DB-941A-471D-8763-43FC9D59CDFA}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe |
"{D37AAACC-D76E-4C46-9F30-57C285B859FF}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{D8E7C024-67DC-45D7-A87A-3749DB7A0371}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD59049B-67C2-44B7-9167-33CAD510B11F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{EABE4465-3A3C-41E5-8719-5B9663B7CA9A}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2oa.exe |
"{F271B010-6035-4B16-87FD-80B672EE4F61}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{F2A81310-0CB0-46F5-84D0-ED967440B29F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{F862ADC0-DD76-44B0-8365-9F34517A1A63}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe |
"{F8EC3EB7-843C-4EB3-B8EB-809281A801ED}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\wings of prey\launcher.exe |
"TCP Query User{069CDF4C-CAB7-48ED-AD75-D175F559C429}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe |
"TCP Query User{0905F07D-D4CF-467A-A468-449E35E5E3DB}C:\program files\bohemia interactive\arma 2\arma2.exe" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe |
"TCP Query User{1E00B5B6-4CB9-440A-9B70-16C3C53EFB1F}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{353764D8-EC78-431C-925C-0A58C388737D}C:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe" = protocol=6 | dir=in | app=c:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe |
"TCP Query User{3D498730-9CC5-4097-AD27-622EB3467276}C:\sierra\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\sierra\empire earth\empire earth.exe |
"TCP Query User{4169EB72-50C8-4660-BF45-9383DB57E021}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{4B1DDCF7-82D9-451B-BB3A-3D366DC2C14A}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{681F1EBE-A14F-433F-9F00-7F67D629AFBC}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war - soulstorm\soulstorm.exe |
"TCP Query User{8056D92A-F0BE-495B-8EC5-42C896179278}C:\games\world_of_tanks_closed_beta\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks_closed_beta\wotlauncher.exe |
"TCP Query User{8D614789-05E9-41FE-82CF-1261EEBC3144}C:\program files\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe |
"TCP Query User{902A4D73-B37B-4E55-B783-253CECEF9093}C:\games\world_of_tanks_closed_beta\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks_closed_beta\worldoftanks.exe |
"TCP Query User{9D2E4E43-9D2E-45F7-9386-07C7647FCCD8}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"TCP Query User{B5350997-2E48-4B84-A35D-E34AE0C4FB3C}C:\program files\1c company\men of war. assault squad\mow_assault_squad.exe" = protocol=6 | dir=in | app=c:\program files\1c company\men of war. assault squad\mow_assault_squad.exe |
"TCP Query User{C30044AF-0B54-4478-942F-254E395F6015}C:\program files\six-updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files\six-updater\tools\bin\rsync.exe |
"TCP Query User{DA9387FE-6F45-464C-A77A-58D6738A090B}C:\program files\steam\steamapps\common\wings of prey\acess.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\wings of prey\acess.exe |
"UDP Query User{06F9516F-C763-4AE7-B4F6-9EF3ED5D93EE}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{2DF32DAC-5238-49E3-A5A9-9AB639E81036}C:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe" = protocol=17 | dir=in | app=c:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe |
"UDP Query User{3BDEC57F-D531-41AF-B6CE-09C91E4F8BEC}C:\program files\bohemia interactive\arma 2\arma2.exe" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe |
"UDP Query User{5DE3B2DE-91E5-4C09-A46E-9BBDD442F0F8}C:\program files\1c company\men of war. assault squad\mow_assault_squad.exe" = protocol=17 | dir=in | app=c:\program files\1c company\men of war. assault squad\mow_assault_squad.exe |
"UDP Query User{6E1BC7CE-6E5D-4FFD-9B9F-C6BE9B2D2660}C:\program files\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe |
"UDP Query User{72B5B100-18D8-4988-B611-8650F08438C9}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war - soulstorm\soulstorm.exe |
"UDP Query User{85FBB0B8-FB0A-49BA-AD49-C089AA0F1BB5}C:\program files\six-updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files\six-updater\tools\bin\rsync.exe |
"UDP Query User{8A786248-D467-4296-941B-FEA4B32D9687}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe |
"UDP Query User{9B3C2FAD-511B-40F7-8D08-056C58EC0272}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{AFBC2D93-E138-40DC-A2B9-7D794038EF88}C:\sierra\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\sierra\empire earth\empire earth.exe |
"UDP Query User{B49BFDAE-9C49-4236-AABA-F512F25F09AE}C:\games\world_of_tanks_closed_beta\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks_closed_beta\wotlauncher.exe |
"UDP Query User{C50045D8-C713-4DA6-8280-13196AF71223}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{E8C70A34-49F0-4A6B-A05A-06EF81AF553A}C:\program files\steam\steamapps\common\wings of prey\acess.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\wings of prey\acess.exe |
"UDP Query User{F8A253B1-209B-4496-8735-8B474637D50C}C:\games\world_of_tanks_closed_beta\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks_closed_beta\worldoftanks.exe |
"UDP Query User{FA0D7073-9A9C-458D-BFE8-CCFC3FB5F4F4}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.5
"{1BF4CB15-6055-452A-8487-021AE2D91208}" = Crysis® 2 Demo
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks closed Beta v.0.6.2.8
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Ethernet Utility
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20533183-D42D-4261-A125-956736FBEA8C}" = Dawn of War - Soulstorm
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D565319-8B91-41cb-961C-0DDC86101AC5}" = Dragon Age II Demo
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{5731C0A8-B266-451A-8D3F-8066AA21836F}" = Tom Clancy's Rainbow Six Vegas
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5F374D5D-DB43-4263-9C29-BAB2C93FEFE6}" = Warhammer® Mark of Chaos
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Attansic L1 Gigabit Ethernet Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F12F73-D52E-40C0-93B1-463C311C4E17}" = Dawn Of War
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E4F0E65-209E-4713-8BE2-7F8802BB3987}_is1" = War Inc Battlezone version 0.9.1
"{A2B3C27C-1F09-47C6-9A90-9683BEFD7963}" = Dawn of War - Soulstorm
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{D8B5C1BB-5951-422D-A4D5-451675614956}_is1" = Men of War: Assault Squad (Remove Only)
"{D8B5C1BB-5951-422D-A4D5-451675614956}_update1.81.2" = Update 1.81.2 for "Men of War: Assault Squad"
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade
"{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}" = Pure
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"ArmA2" = ArmA2 Uninstall
"BattlEye" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"BitTorrent" = BitTorrent
"BittorrentBar_DE Toolbar" = BittorrentBar_DE Toolbar
"Blitzkrieg" = Blitzkrieg Mod
"Company of Heroes" = Company of Heroes
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"DarthMod Ultimate Commander Edition" = DarthMod Ultimate Commander Edition
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.33
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Revo Uninstaller" = Revo Uninstaller 1.91
"Searchqu MediaBar" = Windows Searchqu Toolbar
"Six Updater Suite" = Six Updater Suite
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 10500" = Empire: Total War
"Steam App 300" = Day of Defeat: Source
"Steam App 42120" = Lead and Gold - Gangs of the Wild West
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 45300" = Wings of Prey
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2824382343-4151339049-1840443227-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Third Age - Total War 2.0 (Part1of2)" = Third Age - Total War 2.0 (Part1of2)
"Third Age - Total War 2.0 (Part2of2)" = Third Age - Total War 2.0 (Part2of2)
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.04.2011 12:11:53 | Computer Name = Samsa | Source = Windows Search Service | ID = 3013
Description =
Error - 12.04.2011 12:11:53 | Computer Name = Samsa | Source = Windows Search Service | ID = 3013
Description =
Error - 12.04.2011 12:11:53 | Computer Name = Samsa | Source = Windows Search Service | ID = 3013
Description =
Error - 12.04.2011 12:11:53 | Computer Name = Samsa | Source = Windows Search Service | ID = 3013
Description =
Error - 12.04.2011 12:11:53 | Computer Name = Samsa | Source = Windows Search Service | ID = 3013
Description =
Error - 12.04.2011 12:11:53 | Computer Name = Samsa | Source = Windows Search Service | ID = 3013
Description =
Error - 12.04.2011 12:11:53 | Computer Name = Samsa | Source = Windows Search Service | ID = 3013
Description =
Error - 12.04.2011 12:11:53 | Computer Name = Samsa | Source = Windows Search Service | ID = 3013
Description =
Error - 12.04.2011 12:11:53 | Computer Name = Samsa | Source = Windows Search Service | ID = 3013
Description =
Error - 12.04.2011 12:13:49 | Computer Name = Samsa | Source = SPP | ID = 16387
Description =
[ System Events ]
Error - 24.02.2011 14:56:52 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
Error - 24.02.2011 14:56:52 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
Error - 24.02.2011 14:56:52 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
Error - 24.02.2011 14:56:53 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
Error - 24.02.2011 14:56:53 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
Error - 24.02.2011 14:56:53 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
Error - 24.02.2011 14:56:53 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
Error - 24.02.2011 14:56:53 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
Error - 24.02.2011 14:56:53 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
Error - 24.02.2011 14:56:53 | Computer Name = Samsa | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom1.
< End of report >
--- --- --- |
