Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: hotkeyshook und anderes Ungemach?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.02.2011, 17:21   #1
llemuroc
 
hotkeyshook und anderes Ungemach? - Standard

hotkeyshook und anderes Ungemach?



Hallo auch!

Wegen dem Download eines Trainers für Dead Space 2 von Code5.de öffneten sich eine Unmenge von Fenstern, habe ich mich hier etwas umgesehen und bin auf Malwarebytes' Anti-Malware gestossen. Die verdächtige Datei habe ich nebst Antivir auch über hxxp://virusscan.jotti.org/en geprüft und auch gelöscht. MbAM hat auch die hier im Forum beschriebene hotkeyshook.dll gefunden. (c:\Windows\System32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully). Das Problem ist auch nicht mehr aufgetreten und zumindest der Schnellscan ist sauber.

Wegen diesem Forum bin ich allerdings auch auf OTL gestossen und da ich doch immer mal wieder auf die eine oder andere seltsame Internet-Site mit verdächtigen Nachrichten gelange (z.B. Zum Abbrechen der Insallation klicken sie Cancel.) habe ich ein Logfile erstellt und möchte gerne wissen, ob da sonst noch Ungemach verborgen liegt.

HijackThis (hxxp://www.hijackthis.de/de#anl) gibt mir übrigens an, dass mein Logfile nur sichere Einträge beinhaltet. Spybot ist aktuell und findet ebenfalls nichts.

Für eine Beurteilung der Log-Files wäre ich dankbar. Ich hoffe, alle nötigen Informationen sind enthalten und das Vorgehen korrekt. Ist mein erster Beitrag hier.

Freundliche Grüsse

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 18.02.2011 16:48:39 - Run 4
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\***\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free
7.00 Gb Paging File | 4.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.52 Gb Total Space | 437.70 Gb Free Space | 46.99% Space Free | Partition Type: NTFS
Drive D: | 2.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10m_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
PRC - C:\Programme\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Programme\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\WMPSideShowGadget.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\sttray.exe (SigmaTel, Inc.)
PRC - C:\Games\CleanCache 3.0\CleanCache.exe (ButtUglySoftware)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\PC Tools Security\smum32.dll (PC Tools)
MOD - C:\Programme\PC Tools Security\PCTGMhk.dll (PC Tools)
MOD - C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (Check Point Software Technologies)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll (Microsoft Corporation)
MOD - C:\Windows\System32\WindowsCodecs.dll (Microsoft Corporation)
MOD - C:\Windows\System32\EhStorShell.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cscapi.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (NMIndexingService) -- File not found
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (sdCoreService) -- C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (sdAuxService) -- C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (DAUpdaterSvc) -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (MSSQL$BWDATOOLSET) SQL Server (BWDATOOLSET) -- C:\Program Files\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (getPlus(R) Helper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (msvsmon80) -- c:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LHidEqd) -- C:\Windows\System32\drivers\LHidEqd.sys (Logitech, Inc.)
DRV - (LEqdUsb) -- C:\Windows\System32\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (s3117obex) -- C:\Windows\System32\drivers\s3117obex.sys (MCCI Corporation)
DRV - (s3117mdfl) -- C:\Windows\System32\drivers\s3117mdfl.sys (MCCI Corporation)
DRV - (s3117mdm) -- C:\Windows\System32\drivers\s3117mdm.sys (MCCI Corporation)
DRV - (s3117unic) Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (WDM) -- C:\Windows\System32\drivers\s3117unic.sys (MCCI Corporation)
DRV - (s3117mgmt) Sony Ericsson Device 3117 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s3117mgmt.sys (MCCI Corporation)
DRV - (s3117nd5) Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (NDIS) -- C:\Windows\System32\drivers\s3117nd5.sys (MCCI Corporation)
DRV - (s3117bus) Sony Ericsson Device 3117 driver (WDM) -- C:\Windows\System32\drivers\s3117bus.sys (MCCI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (JmtFltr) -- C:\Windows\System32\drivers\JmtFltr.sys ()
DRV - (vhidmini) -- C:\Windows\System32\drivers\vhidmini.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (VIAudio) -- C:\Windows\System32\drivers\ac97via.sys (VIA Technologies, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (sfsync04) StarForce Protection Synchronization Driver (version 4.x) -- C:\Windows\System32\drivers\sfsync04.sys (Protection Technology (StarForce))
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (MRENDIS5) -- C:\Programme\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Programme\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011.02.07 19:53:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011.02.18 11:26:26 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2011.02.18 13:04:06 | 000,431,503 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 14854 more lines...
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Programme\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Programme\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: swisscom.com ([ac] https in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldde-ch.cab (MSN Photo Upload Tool)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\***\Pictures\MassEffect_Space002.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\Pictures\MassEffect_Space002.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.07.16 23:13:07 | 001,246,440 | R--- | M] (BioWare) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.01.26 22:22:17 | 000,000,052 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009.07.07 11:14:20 | 000,193,816 | R--- | M] (CAPCOM CO., LTD.) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.06.29 03:01:24 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{d2ab14cc-c5bf-11dc-ae70-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d2ab14cc-c5bf-11dc-ae70-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2009.07.16 23:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{d2ab14cd-c5bf-11dc-ae70-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d2ab14cd-c5bf-11dc-ae70-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2009.07.07 11:14:20 | 000,193,816 | R--- | M] (CAPCOM CO., LTD.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.18 16:04:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Ahead
[2011.02.18 15:41:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.02.18 15:35:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.02.18 15:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2011.02.18 15:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler
[2011.02.18 15:19:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Threat Expert
[2011.02.18 15:14:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Avira
[2011.02.18 14:38:25 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\HijackThis-Logs
[2011.02.18 14:37:34 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\OTL-Logs
[2011.02.18 14:36:17 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\MBAM-Logs
[2011.02.18 12:57:16 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.02.18 12:15:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\QuickScan
[2011.02.18 11:26:23 | 002,000,848 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011.02.18 11:26:23 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011.02.18 11:26:23 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011.02.18 11:24:56 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2011.02.18 11:24:56 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2011.02.18 11:24:55 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2011.02.18 11:24:55 | 000,103,232 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2011.02.18 11:24:41 | 000,239,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2011.02.18 11:24:39 | 000,160,448 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2011.02.18 11:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011.02.18 11:21:24 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2011.02.18 11:18:58 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PC Tools
[2011.02.18 11:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.02.18 11:18:43 | 000,000,000 | ---D | C] -- C:\Programme\PC Tools Security
[2011.02.18 11:18:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\PC Tools
[2011.02.18 11:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011.02.18 09:45:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.02.18 09:44:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.02.18 09:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.18 09:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.18 09:44:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.02.18 09:44:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.02.09 12:37:40 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.02.09 12:37:38 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.02.09 12:37:37 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.02.09 12:37:33 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.02.09 12:37:33 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.02.09 12:37:33 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.02.09 12:37:33 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2011.02.09 12:37:33 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.02.09 12:37:33 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.02.09 12:37:33 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.02.09 12:37:32 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.02.09 12:37:32 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.02.09 12:37:32 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.02.09 12:37:32 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.02.09 12:37:32 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.02.09 12:37:32 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.02.09 12:37:32 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.02.09 12:37:32 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.02.09 12:37:32 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.02.09 12:37:31 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011.02.09 12:37:31 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.02.09 12:37:31 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.02.09 12:37:31 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.02.09 12:37:31 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011.02.09 12:37:31 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.02.09 12:37:30 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.02.09 12:37:30 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.02.09 12:37:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.02.09 12:37:24 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.02.09 12:37:24 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.02.09 12:37:24 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.02.09 12:37:24 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.02.09 12:37:24 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.02.09 12:37:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.02.09 12:37:24 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.02.09 12:37:24 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.02.09 12:37:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.02.09 12:37:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.02.09 12:37:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.02.09 12:37:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.02.09 12:37:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.02.09 12:37:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.02.09 12:37:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.02.09 12:37:23 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.02.09 12:37:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.02.09 12:37:19 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.02.09 12:37:19 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.02.02 20:05:48 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\EA Games
[2011.02.02 20:02:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\EA Games
[2011.02.02 20:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011.02.02 19:20:08 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2011.02.02 19:20:08 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2011.02.02 19:20:08 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2011.02.02 19:20:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2011.02.02 19:20:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2011.02.02 19:20:07 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2011.02.02 19:20:07 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2011.02.02 19:20:07 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2011.02.02 19:20:07 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011.01.26 21:18:58 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2011.01.26 21:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.18 16:50:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
[2011.02.18 16:17:26 | 000,757,186 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011.02.18 16:17:26 | 000,751,282 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2011.02.18 16:17:26 | 000,718,902 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.18 16:17:26 | 000,679,436 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.18 16:17:26 | 000,163,054 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011.02.18 16:17:26 | 000,162,768 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.18 16:17:26 | 000,160,600 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2011.02.18 16:17:26 | 000,137,224 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.18 16:10:49 | 000,004,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 16:10:49 | 000,004,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 16:10:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.18 15:35:26 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.18 15:22:18 | 000,001,707 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.02.18 13:04:06 | 000,431,503 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.02.18 12:57:23 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.02.18 12:38:27 | 000,372,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.02.18 12:26:29 | 000,038,899 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2011.02.18 11:26:37 | 003,248,584 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011.02.18 11:22:07 | 000,001,777 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.02.18 09:44:55 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.13 19:35:41 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.02.13 19:17:31 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini
[2011.02.10 15:59:37 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.02.02 20:25:35 | 000,431,241 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110218-130406.backup
[2011.01.24 16:49:03 | 000,000,134 | ---- | M] () -- C:\Users\***\Desktop\Windows-Firewall - Verknüpfung.lnk
[2011.01.24 16:43:31 | 000,430,152 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110202-202535.backup
[2011.01.20 17:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.01.20 17:08:06 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011.01.20 17:08:06 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.01.20 17:08:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011.01.20 17:08:06 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.01.20 17:07:58 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.01.20 17:06:38 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.01.20 17:06:35 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.01.20 17:04:54 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.01.20 17:04:54 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.01.20 15:28:38 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.01.20 15:27:50 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.01.20 15:26:30 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.01.20 15:25:25 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.01.20 15:24:32 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.01.20 15:24:26 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.01.20 15:15:10 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.01.20 15:14:39 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.01.20 15:14:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.01.20 15:14:03 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.01.20 15:12:46 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.01.20 15:11:34 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.01.20 14:47:51 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.01.20 14:44:05 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.01.20 14:44:03 | 000,797,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.02.18 15:35:26 | 000,000,809 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.18 15:22:18 | 000,001,707 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.02.18 12:14:04 | 000,038,899 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011.02.18 11:26:23 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011.02.18 11:26:23 | 000,002,125 | ---- | C] () -- C:\Windows\UDB.zip
[2011.02.18 11:26:23 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011.02.18 11:26:23 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011.02.18 11:26:23 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011.02.18 11:25:15 | 003,248,584 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011.02.18 11:22:07 | 000,001,777 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.02.18 09:44:55 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.13 16:31:59 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.01.24 16:49:03 | 000,000,134 | ---- | C] () -- C:\Users\***\Desktop\Windows-Firewall - Verknüpfung.lnk
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.06.14 14:16:04 | 000,034,308 | ---- | C] () -- C:\Windows\System32\bassmod.dll
[2010.05.23 17:45:55 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010.05.23 17:45:55 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010.04.13 12:00:26 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db
[2009.09.18 13:46:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.07.29 17:31:04 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009.07.24 02:57:06 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009.07.01 11:53:35 | 000,048,896 | ---- | C] () -- C:\Windows\System32\drivers\JmtFltr.sys
[2009.04.05 12:13:17 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.04.05 12:13:17 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.04.05 12:13:17 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.04.05 09:04:46 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009.03.06 12:26:07 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2008.10.25 13:41:24 | 000,022,328 | ---- | C] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys
[2008.09.11 17:24:26 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2008.07.31 16:33:08 | 000,000,208 | ---- | C] () -- C:\Windows\ACROREAD.INI
[2008.07.12 14:08:57 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.06.20 12:30:32 | 000,000,095 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2008.03.02 10:00:12 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.03.02 10:00:12 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.02.23 17:55:19 | 000,007,168 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.18 13:51:25 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2006.11.02 13:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.04.23 15:10:49 | 000,000,000 | -HSD | M] -- C:\Users\***\AppData\Roaming\.#
[2008.02.27 12:09:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Bioshock
[2010.12.03 17:44:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CheckPoint
[2008.12.14 14:41:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Codemasters
[2010.07.29 17:21:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010.08.02 13:55:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command and Conquer 4
[2009.03.06 17:28:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DNA
[2010.01.27 15:46:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dragon Age Toolset
[2010.03.08 03:11:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2009.05.27 13:52:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gnupg
[2008.10.24 11:33:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICAClient
[2010.10.31 13:55:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2009.12.19 12:23:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MobMapUpdater
[2009.03.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc
[2011.02.18 12:15:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2009.08.16 08:55:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\temp
[2008.06.20 13:08:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Turbine
[2010.06.14 14:07:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft
[2011.02.18 16:09:06 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.02.18 16:50:00 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
 
[2011.02.18 16:55:53 | 007,602,176 | -HS- | M] () -- C:\Users\***\ntuser.dat
[2011.02.18 16:55:53 | 000,262,144 | -H-- | M] () -- C:\Users\***\ntuser.dat.LOG1
[2011.02.18 16:55:30 | 000,000,000 | R--D | M] -- C:\Users\***\Desktop
[2011.02.18 16:55:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
[2011.02.18 16:45:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Local\Temp
[2011.02.18 16:39:16 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2011.02.18 16:17:26 | 003,528,454 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011.02.18 16:17:26 | 000,757,186 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011.02.18 16:17:26 | 000,751,282 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2011.02.18 16:17:26 | 000,718,902 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.18 16:17:26 | 000,679,436 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.18 16:17:26 | 000,163,054 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011.02.18 16:17:26 | 000,162,768 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.18 16:17:26 | 000,160,600 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2011.02.18 16:17:26 | 000,137,224 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.18 16:11:17 | 000,000,000 | ---D | M] -- C:\Programme\PC Tools Security
[2011.02.18 16:11:06 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA
[2011.02.18 16:10:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011.02.18 16:10:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.18 16:09:19 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{24b6a890-16e3-11de-acd4-e60373bdcc57}.TMContainer00000000000000000002.regtrans-ms
[2011.02.18 16:09:19 | 000,065,536 | -HS- | M] () -- C:\Users\***\ntuser.dat{24b6a890-16e3-11de-acd4-e60373bdcc57}.TM.blf
[2011.02.18 16:08:48 | 001,974,671 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2011.02.18 16:07:34 | 000,000,000 | ---D | M] -- C:\Programme\Common Files\Ahead
[2011.02.18 16:04:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ahead
[2011.02.18 15:35:26 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.18 15:35:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.02.18 15:35:25 | 000,000,000 | ---D | M] -- C:\Programme\CCleaner
[2011.02.18 15:22:19 | 000,000,000 | ---D | M] -- C:\Programme\Defraggler
[2011.02.18 15:22:18 | 000,001,707 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.02.18 15:22:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2011.02.18 15:19:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Local\Threat Expert
[2011.02.18 15:19:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Spybot - Search & Destroy
[2011.02.18 15:14:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avira
[2011.02.18 12:57:23 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.02.18 12:40:27 | 000,100,824 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
[2011.02.18 12:26:29 | 000,038,899 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2011.02.18 12:26:29 | 000,000,000 | ---D | M] -- C:\Programme\Common Files
[2011.02.18 12:15:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2011.02.18 11:26:40 | 000,000,000 | ---D | M] -- C:\Programme\Common Files\PC Tools
[2011.02.18 11:22:07 | 000,001,777 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.02.18 11:22:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011.02.18 11:21:40 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Tools
[2011.02.18 11:18:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC Tools
[2011.02.18 09:45:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.02.18 09:44:56 | 000,000,000 | ---D | M] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.02.18 09:44:55 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.18 09:44:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.18 09:44:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2011.02.18 09:41:46 | 000,000,000 | R--D | M] -- C:\Users\***\Favorites
[2011.02.13 19:35:41 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.02.13 19:17:31 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini
[2011.02.10 15:59:37 | 000,002,425 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011.02.10 15:59:37 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.02.10 15:53:46 | 000,000,000 | ---D | M] -- C:\Programme\Windows Mail
[2011.02.10 15:53:45 | 000,000,000 | ---D | M] -- C:\Programme\Internet Explorer
[2011.02.09 22:12:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2011.02.02 20:05:48 | 000,000,000 | R--D | M] -- C:\Users\***\Documents
[2011.02.02 20:02:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Local\EA Games
[2011.02.02 20:02:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Solidshield
[2011.02.01 19:56:22 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2011.01.26 21:18:58 | 000,000,000 | ---D | M] -- C:\Programme\7-Zip
[2011.01.26 21:18:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.01.24 16:49:03 | 000,000,134 | ---- | M] () -- C:\Users\***\Desktop\Windows-Firewall - Verknüpfung.lnk
[2011.01.20 17:06:35 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.01.20 15:28:38 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.01.20 15:27:50 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.01.20 15:26:30 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.01.20 15:25:25 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.01.20 15:24:32 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.01.20 15:24:26 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010.11.14 14:10:54 | 000,017,408 | ---- | M] () -- C:\Users\***\AppData\Local\WebpageIcons.db
[2010.02.02 12:29:25 | 000,007,168 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.06 12:26:07 | 000,000,680 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2008.10.25 13:41:24 | 000,022,328 | ---- | M] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys
[2008.09.11 18:14:56 | 000,000,174 | -HS- | M] () -- C:\Programme\desktop.ini
[2008.06.20 12:30:32 | 000,000,095 | ---- | M] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2008.01.18 13:51:25 | 000,000,305 | ---- | M] () -- C:\ProgramData\addr_file.html
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.18 16:55:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
[2011.02.18 16:17:26 | 000,757,186 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011.02.18 16:17:26 | 000,751,282 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2011.02.18 16:17:26 | 000,718,902 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.18 16:17:26 | 000,679,436 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.18 16:17:26 | 000,163,054 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011.02.18 16:17:26 | 000,162,768 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.18 16:17:26 | 000,160,600 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2011.02.18 16:17:26 | 000,137,224 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.18 16:10:49 | 000,004,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 16:10:49 | 000,004,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 16:10:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.18 15:35:26 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.18 15:22:18 | 000,001,707 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.02.18 13:04:06 | 000,431,503 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.02.18 12:57:23 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.02.18 12:38:27 | 000,372,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.02.18 12:26:29 | 000,038,899 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2011.02.18 11:26:37 | 003,248,584 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011.02.18 11:22:07 | 000,001,777 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.02.18 09:44:55 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.13 19:35:41 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.02.13 19:17:31 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini
[2011.02.10 15:59:37 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.02.02 20:25:35 | 000,431,241 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110218-130406.backup
[2011.01.24 16:49:03 | 000,000,134 | ---- | M] () -- C:\Users\***\Desktop\Windows-Firewall - Verknüpfung.lnk
[2011.01.24 16:43:31 | 000,430,152 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110202-202535.backup
[2011.01.20 17:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.01.20 17:08:06 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011.01.20 17:08:06 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.01.20 17:08:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011.01.20 17:08:06 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.01.20 17:07:58 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.01.20 17:06:38 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.01.20 17:06:35 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.01.20 17:04:54 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.01.20 17:04:54 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.01.20 15:28:38 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.01.20 15:27:50 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.01.20 15:26:30 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.01.20 15:25:25 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.01.20 15:24:32 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.01.20 15:24:26 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.01.20 15:15:10 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.01.20 15:14:39 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.01.20 15:14:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.01.20 15:14:03 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.01.20 15:12:46 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.01.20 15:11:34 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.01.20 14:47:51 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.01.20 14:44:05 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.01.20 14:44:03 | 000,797,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== LOP Check ==========
 
[2010.04.23 15:10:49 | 000,000,000 | -HSD | M] -- C:\Users\***\AppData\Roaming\.#
[2008.02.27 12:09:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Bioshock
[2010.12.03 17:44:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CheckPoint
[2008.12.14 14:41:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Codemasters
[2010.07.29 17:21:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010.08.02 13:55:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command and Conquer 4
[2009.03.06 17:28:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DNA
[2010.01.27 15:46:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dragon Age Toolset
[2010.03.08 03:11:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2009.05.27 13:52:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gnupg
[2008.10.24 11:33:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICAClient
[2010.10.31 13:55:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2009.12.19 12:23:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MobMapUpdater
[2009.03.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc
[2011.02.18 12:15:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2009.08.16 08:55:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\temp
[2008.06.20 13:08:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Turbine
[2010.06.14 14:07:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft
[2011.02.18 16:09:06 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.02.18 16:55:00 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
 
< End of report >
SRV - (NMIndexingService) -- File not found
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (sdCoreService) -- C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (sdAuxService) -- C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (DAUpdaterSvc) -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (MSSQL$BWDATOOLSET) SQL Server (BWDATOOLSET) -- C:\Program Files\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (getPlus(R) Helper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (msvsmon80) -- c:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LHidEqd) -- C:\Windows\System32\drivers\LHidEqd.sys (Logitech, Inc.)
DRV - (LEqdUsb) -- C:\Windows\System32\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (s3117obex) -- C:\Windows\System32\drivers\s3117obex.sys (MCCI Corporation)
DRV - (s3117mdfl) -- C:\Windows\System32\drivers\s3117mdfl.sys (MCCI Corporation)
DRV - (s3117mdm) -- C:\Windows\System32\drivers\s3117mdm.sys (MCCI Corporation)
DRV - (s3117unic) Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (WDM) -- C:\Windows\System32\drivers\s3117unic.sys (MCCI Corporation)
DRV - (s3117mgmt) Sony Ericsson Device 3117 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s3117mgmt.sys (MCCI Corporation)
DRV - (s3117nd5) Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (NDIS) -- C:\Windows\System32\drivers\s3117nd5.sys (MCCI Corporation)
DRV - (s3117bus) Sony Ericsson Device 3117 driver (WDM) -- C:\Windows\System32\drivers\s3117bus.sys (MCCI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (JmtFltr) -- C:\Windows\System32\drivers\JmtFltr.sys ()
DRV - (vhidmini) -- C:\Windows\System32\drivers\vhidmini.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (VIAudio) -- C:\Windows\System32\drivers\ac97via.sys (VIA Technologies, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (sfsync04) StarForce Protection Synchronization Driver (version 4.x) -- C:\Windows\System32\drivers\sfsync04.sys (Protection Technology (StarForce))
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (MRENDIS5) -- C:\Programme\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Programme\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011.02.07 19:53:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011.02.18 11:26:26 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2011.02.18 13:04:06 | 000,431,503 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 14854 more lines...
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Programme\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Programme\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: swisscom.com ([ac] https in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldde-ch.cab (MSN Photo Upload Tool)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\***\Pictures\MassEffect_Space002.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\Pictures\MassEffect_Space002.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.07.16 23:13:07 | 001,246,440 | R--- | M] (BioWare) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.01.26 22:22:17 | 000,000,052 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009.07.07 11:14:20 | 000,193,816 | R--- | M] (CAPCOM CO., LTD.) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.06.29 03:01:24 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{d2ab14cc-c5bf-11dc-ae70-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d2ab14cc-c5bf-11dc-ae70-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2009.07.16 23:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{d2ab14cd-c5bf-11dc-ae70-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d2ab14cd-c5bf-11dc-ae70-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2009.07.07 11:14:20 | 000,193,816 | R--- | M] (CAPCOM CO., LTD.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.18 16:04:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Ahead
[2011.02.18 15:41:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.02.18 15:35:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.02.18 15:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2011.02.18 15:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler
[2011.02.18 15:19:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Threat Expert
[2011.02.18 15:14:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Avira
[2011.02.18 14:38:25 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\HijackThis-Logs
[2011.02.18 14:37:34 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\OTL-Logs
[2011.02.18 14:36:17 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\MBAM-Logs
[2011.02.18 12:57:16 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.02.18 12:15:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\QuickScan
[2011.02.18 11:26:23 | 002,000,848 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011.02.18 11:26:23 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011.02.18 11:26:23 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011.02.18 11:24:56 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2011.02.18 11:24:56 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2011.02.18 11:24:55 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2011.02.18 11:24:55 | 000,103,232 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2011.02.18 11:24:41 | 000,239,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2011.02.18 11:24:39 | 000,160,448 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2011.02.18 11:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011.02.18 11:21:24 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2011.02.18 11:18:58 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PC Tools
[2011.02.18 11:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.02.18 11:18:43 | 000,000,000 | ---D | C] -- C:\Programme\PC Tools Security
[2011.02.18 11:18:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\PC Tools
[2011.02.18 11:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011.02.18 09:45:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.02.18 09:44:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.02.18 09:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.18 09:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.18 09:44:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.02.18 09:44:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.02.09 12:37:40 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.02.09 12:37:38 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.02.09 12:37:37 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.02.09 12:37:33 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.02.09 12:37:33 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.02.09 12:37:33 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.02.09 12:37:33 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2011.02.09 12:37:33 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.02.09 12:37:33 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.02.09 12:37:33 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.02.09 12:37:32 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.02.09 12:37:32 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.02.09 12:37:32 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.02.09 12:37:32 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.02.09 12:37:32 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.02.09 12:37:32 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.02.09 12:37:32 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.02.09 12:37:32 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.02.09 12:37:32 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.02.09 12:37:31 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011.02.09 12:37:31 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.02.09 12:37:31 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.02.09 12:37:31 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.02.09 12:37:31 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011.02.09 12:37:31 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.02.09 12:37:30 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.02.09 12:37:30 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.02.09 12:37:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.02.09 12:37:24 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.02.09 12:37:24 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.02.09 12:37:24 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.02.09 12:37:24 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.02.09 12:37:24 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.02.09 12:37:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.02.09 12:37:24 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.02.09 12:37:24 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.02.09 12:37:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.02.09 12:37:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.02.09 12:37:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.02.09 12:37:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.02.09 12:37:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.02.09 12:37:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.02.09 12:37:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.02.09 12:37:23 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.02.09 12:37:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.02.09 12:37:19 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.02.09 12:37:19 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.02.02 20:05:48 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\EA Games
[2011.02.02 20:02:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\EA Games
[2011.02.02 20:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011.02.02 19:20:08 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2011.02.02 19:20:08 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2011.02.02 19:20:08 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2011.02.02 19:20:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2011.02.02 19:20:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2011.02.02 19:20:07 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2011.02.02 19:20:07 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2011.02.02 19:20:07 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2011.02.02 19:20:07 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011.01.26 21:18:58 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2011.01.26 21:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.18 17:00:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
[2011.02.18 16:17:26 | 000,757,186 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011.02.18 16:17:26 | 000,751,282 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2011.02.18 16:17:26 | 000,718,902 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.18 16:17:26 | 000,679,436 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.18 16:17:26 | 000,163,054 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011.02.18 16:17:26 | 000,162,768 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.18 16:17:26 | 000,160,600 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2011.02.18 16:17:26 | 000,137,224 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.18 16:10:49 | 000,004,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 16:10:49 | 000,004,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 16:10:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.18 15:35:26 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.18 15:22:18 | 000,001,707 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.02.18 13:04:06 | 000,431,503 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.02.18 12:57:23 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.02.18 12:38:27 | 000,372,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.02.18 12:26:29 | 000,038,899 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2011.02.18 11:26:37 | 003,248,584 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011.02.18 11:22:07 | 000,001,777 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.02.18 09:44:55 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.13 19:35:41 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.02.13 19:17:31 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini
[2011.02.10 15:59:37 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.02.02 20:25:35 | 000,431,241 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110218-130406.backup
[2011.01.24 16:49:03 | 000,000,134 | ---- | M] () -- C:\Users\***\Desktop\Windows-Firewall - Verknüpfung.lnk
[2011.01.24 16:43:31 | 000,430,152 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110202-202535.backup
[2011.01.20 17:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.01.20 17:08:06 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011.01.20 17:08:06 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.01.20 17:08:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011.01.20 17:08:06 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.01.20 17:07:58 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.01.20 17:06:38 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.01.20 17:06:35 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.01.20 17:04:54 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.01.20 17:04:54 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.01.20 15:28:38 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.01.20 15:27:50 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.01.20 15:26:30 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.01.20 15:25:25 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.01.20 15:24:32 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.01.20 15:24:26 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.01.20 15:15:10 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.01.20 15:14:39 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.01.20 15:14:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.01.20 15:14:03 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.01.20 15:12:46 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.01.20 15:11:34 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.01.20 14:47:51 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.01.20 14:44:05 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.01.20 14:44:03 | 000,797,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.02.18 15:35:26 | 000,000,809 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.18 15:22:18 | 000,001,707 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.02.18 12:14:04 | 000,038,899 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011.02.18 11:26:23 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011.02.18 11:26:23 | 000,002,125 | ---- | C] () -- C:\Windows\UDB.zip
[2011.02.18 11:26:23 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011.02.18 11:26:23 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011.02.18 11:26:23 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011.02.18 11:25:15 | 003,248,584 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011.02.18 11:22:07 | 000,001,777 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.02.18 09:44:55 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.13 16:31:59 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.01.24 16:49:03 | 000,000,134 | ---- | C] () -- C:\Users\***\Desktop\Windows-Firewall - Verknüpfung.lnk
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.06.14 14:16:04 | 000,034,308 | ---- | C] () -- C:\Windows\System32\bassmod.dll
[2010.05.23 17:45:55 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010.05.23 17:45:55 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010.04.13 12:00:26 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db
[2009.09.18 13:46:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.07.29 17:31:04 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009.07.24 02:57:06 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009.07.01 11:53:35 | 000,048,896 | ---- | C] () -- C:\Windows\System32\drivers\JmtFltr.sys
[2009.04.05 12:13:17 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.04.05 12:13:17 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.04.05 12:13:17 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.04.05 09:04:46 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009.03.06 12:26:07 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2008.10.25 13:41:24 | 000,022,328 | ---- | C] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys
[2008.09.11 17:24:26 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2008.07.31 16:33:08 | 000,000,208 | ---- | C] () -- C:\Windows\ACROREAD.INI
[2008.07.12 14:08:57 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.06.20 12:30:32 | 000,000,095 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2008.03.02 10:00:12 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.03.02 10:00:12 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.02.23 17:55:19 | 000,007,168 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.18 13:51:25 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2006.11.02 13:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.04.23 15:10:49 | 000,000,000 | -HSD | M] -- C:\Users\***\AppData\Roaming\.#
[2008.02.27 12:09:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Bioshock
[2010.12.03 17:44:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CheckPoint
[2008.12.14 14:41:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Codemasters
[2010.07.29 17:21:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010.08.02 13:55:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command and Conquer 4
[2009.03.06 17:28:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DNA
[2010.01.27 15:46:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dragon Age Toolset
[2010.03.08 03:11:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2009.05.27 13:52:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gnupg
[2008.10.24 11:33:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICAClient
[2010.10.31 13:55:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2009.12.19 12:23:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MobMapUpdater
[2009.03.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc
[2011.02.18 12:15:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2009.08.16 08:55:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\temp
[2008.06.20 13:08:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Turbine
[2010.06.14 14:07:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft
[2011.02.18 16:09:06 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.02.18 17:00:00 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
 
< End of report >
         

Geändert von llemuroc (18.02.2011 um 17:29 Uhr)

Alt 18.02.2011, 17:23   #2
llemuroc
 
hotkeyshook und anderes Ungemach? - Standard

hotkeyshook und anderes Ungemach?



Hier das Log von Extras.txt
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 18.02.2011 16:48:39 - Run 4
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\***\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free
7.00 Gb Paging File | 4.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.52 Gb Total Space | 437.70 Gb Free Space | 46.99% Space Free | Partition Type: NTFS
Drive D: | 2.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09946925-8DD6-4360-B760-EF07075A86FE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{0DC2E6E7-1A99-4811-B8DD-A4BBD8B1D51A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{19BB0787-934F-48D4-AC2F-B68B14B6C079}" = rport=138 | protocol=17 | dir=out | app=system | 
"{20E35AFF-5DB2-4D34-AABD-F6E7E1A42924}" = lport=58860 | protocol=17 | dir=in | name=pando media booster | 
"{2F08E6CA-B07A-4831-9228-227481F1FFFF}" = lport=58860 | protocol=6 | dir=in | name=pando media booster | 
"{3C1959C2-E7D8-4F5A-9DE1-0A2C260C6FDB}" = lport=445 | protocol=6 | dir=in | app=system | 
"{474866A7-9332-4B79-A49A-364EA970FE3B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7D913076-D013-474F-828F-70205BE0DFF4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A1990BB3-51ED-4BC4-B32B-6886B17CCF5C}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A9C645C9-08D5-4897-BABF-4AA2839EF195}" = lport=139 | protocol=6 | dir=in | app=system | 
"{AAAA3E7C-DAEC-4484-9DB9-3336D98BA663}" = lport=58860 | protocol=17 | dir=in | name=pando media booster | 
"{BC820CC6-E975-43B4-AFFE-BB2BFD43D301}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{C42D41BE-2D3E-42BB-9BD1-CB73BF01EB36}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{D3C2A005-5913-49F6-B5A6-3BC6190E1CDB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{E20B0306-7CA8-49D9-970B-31B1BE3DEA5A}" = lport=58860 | protocol=6 | dir=in | name=pando media booster | 
"{FDFD55EE-361C-49BD-BEC7-703FCBCA6AC7}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00BDF1FD-E9FC-4EBD-A17E-50C4FC2666B5}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{02CABE0E-FEA1-4443-8EED-D67C0D10C4F3}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{0307F9C6-DE0A-4E42-906C-3D0629A190EC}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{03322A66-0EDE-4EFC-B505-DC02D804531D}" = protocol=6 | dir=in | app=c:\games\world of warcraft\launcher.exe | 
"{04F9B2DA-F7FE-4CC1-BFCC-93D0282BDC9E}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
"{079617C0-9436-4BCB-B458-AD4F4B2C3AC2}" = protocol=17 | dir=in | app=c:\games\dragon age\daoriginslauncher.exe | 
"{0B5EEB68-0FB7-4D45-BB4B-F1F2F3215E63}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\erfeditor.exe | 
"{0CBECB67-1B3C-421F-9B9C-5AC7BB90B446}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe | 
"{0D857D5D-5900-4AF1-B62A-2BFA5E7E4084}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{0FC411EC-BDBF-4235-A860-564377BDF591}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{15DD8DA5-0154-4CC8-B46D-303C5ABF0D42}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\gffeditor.exe | 
"{19C4AA17-BA78-41D3-861E-A48114DD6FCE}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{1B7B9671-61AD-4AF4-BF54-D9A02F820E3F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{229FD7AE-799A-4F8D-B255-DB096145EF02}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"{23AF4312-3831-45B0-BE56-28473E2B54CB}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe | 
"{2C330883-7568-4934-9CFD-5ED250AA5EFA}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe | 
"{2E33971E-2439-41B1-8166-03EBD8B386C5}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{2E480798-2609-4844-BFCC-30B1ECB53375}" = protocol=17 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\blackprophecy.exe | 
"{2F454CD2-4F5B-4238-8C59-25A5033862D0}" = protocol=6 | dir=in | app=c:\games\dragon age\daoriginslauncher.exe | 
"{305D3DF1-CFFD-4DD5-B058-25786D2DAD78}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{30661958-D47C-44AE-ACD7-44D7962F39CA}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\prince of persia.exe | 
"{315C357C-BEC4-4CEE-BD58-AC1876526533}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe | 
"{32A9B297-B11D-4BEF-954A-F7FDCB05349E}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{335856D2-304B-4B59-85F7-D0EEEB7F7C51}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{33CBFE67-0DD4-4E22-BB7B-995611BBB239}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
"{342C97E0-97C6-455C-9953-8F60F465BF71}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe | 
"{369C2609-7A2C-4289-A48E-B37D3F5EB4F8}" = protocol=17 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe | 
"{3714129E-8EB8-4279-AFBE-E3357FC991E1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3C7F58D6-11FD-4129-91BC-F91FF3D6AF90}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | 
"{40FA6E04-2EF9-4397-A663-6E817CF9311D}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\dragonagetoolset.exe | 
"{493A0C4C-E5B6-4FA5-A3B9-4AB70CDCA84A}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\prince of persia.exe | 
"{4E45BE56-B3F7-44D6-85DF-921A6573D809}" = protocol=17 | dir=in | app=c:\games\namco bandai games\warhammer mark of chaos\warhammer.exe | 
"{504FC8E1-0555-4B09-82E6-DBEF5F08A050}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe | 
"{58841913-007B-4F72-93FC-85DE65DF9784}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\oblivion\oblivionlauncher.exe | 
"{5AF26641-43FA-4B43-A9DD-AA1FFBE94503}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{5DA16476-C249-40AD-899A-F4C3137AC043}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | 
"{5EEF27DC-1125-46B5-A187-E8D2712B9619}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{6019A61B-F971-410E-A20E-8C780E8A4AC7}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\lightmapper\eclipseray.exe | 
"{63949900-D34A-4AE9-8098-787F6861F431}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe | 
"{655756A6-FF33-4BDC-A1DE-943AC1044AD5}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | 
"{675B465B-970E-4A04-AB02-140FCF2C4217}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{6CAEC738-8266-410E-96A8-FFA2DF4DE753}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe | 
"{6D0E90A9-1436-4A9C-A2EC-56A769BBA39D}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{6E19F8A1-1661-48C8-B24E-593E263F17F3}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe | 
"{7210EB8B-E4D7-4F33-89D4-3425E474365F}" = protocol=17 | dir=in | app=c:\games\capcom\resident evil 5\re5dx9.exe | 
"{724D0935-0C35-4190-98C8-1928DC952B95}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\lightmapper\eclipseray.exe | 
"{757C2063-FB10-4D2F-8F03-953DC9CB58A9}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\erfeditor.exe | 
"{7754851B-A505-449C-99EB-24A3F3A5EFFA}" = protocol=6 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\blackprophecy.exe | 
"{78F3A954-3C6C-4F10-8836-0E1B8B0B1B9F}" = protocol=6 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe | 
"{7A8C4A17-7FC0-43E1-A3CC-A29ABA0FE72E}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gamesettings.exe | 
"{7BA9A458-9203-4868-B293-F8D8EDD50E5D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{80CD7AF2-F633-4741-AEB9-FE2B1009DB42}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\dragonagetoolset.exe | 
"{810FDF38-8B97-489E-A242-42672AACCB5E}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gamesettings.exe | 
"{82009D17-324D-4ADA-9954-D859F6EDA1E9}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{84FF5EBF-B8C4-4F07-A645-61E6330DA9A3}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\gffeditor.exe | 
"{8D0AAC82-4BFA-475F-840B-E2E492F2F4DF}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{91F78F35-16B0-434B-82F6-D6E6975AA0F7}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gu.exe | 
"{9876CAD9-5327-4968-B572-94D576734F43}" = protocol=17 | dir=in | app=c:\gamess\sega\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
"{9BF0C4ED-816D-47A6-9529-A5A6BF11F74E}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe | 
"{9CF6BC0C-A904-4014-8102-122AF53330AE}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | 
"{A2DBB9FB-67B9-482A-A358-ADFE32903D22}" = protocol=17 | dir=in | app=c:\games\world of warcraft\launcher.exe | 
"{A60AE5E5-4A33-491B-AFC0-2D504E51FC23}" = protocol=17 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe | 
"{A6884F15-EBDB-4F70-9370-87E69AAF9E78}" = protocol=6 | dir=in | app=c:\games\capcom\resident evil 5\re5dx10.exe | 
"{A777A146-B3FD-4DF5-A9A1-AD72624ED3CD}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\rpu.exe | 
"{AD104E0F-D0AC-47A5-A697-EAFFBFEB78EA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B06638F7-C261-4F6A-BDFA-95F069A561B9}" = protocol=6 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\patcher.exe | 
"{B2CA716B-1FFE-4FED-B661-447E8BC4C981}" = protocol=6 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe | 
"{B54F1998-E839-456D-8EA7-2067904E1D66}" = protocol=17 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\launcher.exe | 
"{BBCE8BC9-265D-4AD5-B6FD-42578BAF6D71}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | 
"{C45EBF45-6EE9-4D2B-8868-65087FBD5A12}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{C7BCCBE9-7849-41C1-B848-A4DEE9E5E3D8}" = protocol=6 | dir=in | app=c:\games\capcom\resident evil 5\re5dx9.exe | 
"{C94BEF99-B480-4342-9B43-EEF07B2CF0DD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{CC35A5D0-8E25-44B3-924C-05CF7245C910}" = protocol=6 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\launcher.exe | 
"{CC6302A2-2B36-43ED-8614-6A6B38986C95}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{CD0AEA4A-952F-43BF-991A-2FDA649509EA}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{CDCEA230-DE9A-4727-A8BA-8A872DF3E997}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\rpu.exe | 
"{CE580246-E27B-484E-A49B-B8CC7B672ED7}" = protocol=17 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\patcher.exe | 
"{CECD1D88-7DCD-419F-94E4-779BA363C4D3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{CF9B2558-73E1-46C4-A9A8-79C7C862565D}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\oblivion\oblivionlauncher.exe | 
"{D0BCA3AA-6076-4DC7-8AFE-4570A1D5961F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{D3F655E5-8F01-4EA0-B79A-BB7B3A25412A}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe | 
"{DF3FC5B3-86E8-40A6-95D1-FBC8A432774B}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe | 
"{E136DA31-AF22-4F9F-A47C-E77282A7A967}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | 
"{E2140160-BCA4-418F-92D6-E57342D893D2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{E45D1D81-ADA2-4479-8113-3D332F38637D}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{E8A57A08-63F3-4340-99E3-B36804498954}" = protocol=17 | dir=in | app=c:\games\capcom\resident evil 5\re5dx10.exe | 
"{E975056E-77A1-4B4C-BA7D-FA8A6D850E98}" = protocol=6 | dir=in | app=c:\games\namco bandai games\warhammer mark of chaos\warhammer.exe | 
"{EAAC04B8-5D63-43E6-A10E-4F86816166E0}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe | 
"{F016EAA6-30AD-4ED5-9477-9F1134352611}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{F7211D81-62BF-4C16-A3B1-163ACDB65AD1}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe | 
"{F72241A2-1B3F-455E-ACDF-93533099CBF0}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"{F79256CD-8ADD-4A7D-A770-D924DB46DC18}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{FD2EEB2E-D119-4CB2-9CA2-8339C61AF38A}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gu.exe | 
"{FD807369-A259-4C33-BF2F-7A44A1D40A5C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FF682F92-9E3F-4CC1-A908-1DE797F06928}" = protocol=6 | dir=in | app=c:\gamess\sega\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{053D5B39-2C5D-4A83-A193-B6AB3FF94B53}" = Aion
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = SpellForce 2 - Shadow Wars
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set
"{27223691-82E0-4C93-87D9-02C0B0D3D783}" = SpellForce 2 - Shadow Wars
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars(TM): Knights of the Old Republic (TM)
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (BWDATOOLSET)
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{339E300B-AD83-4013-BABF-E5C0DDAAFE7C}" = Spellforce 2 - Dragon Storm
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Dragon Age Toolset
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections
"{7E8242F8-BD2A-44D7-BCED-9B231A02B367}" = SpellForce 2 Patch
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{86C7336D-0E3A-4953-ADF4-F4B5E0096278}" = Command & Conquer 3 Tiberium Wars(TM) MOD SDK
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9311A75A-D83D-37B5-8D49-88E7F5AB2762}" = Microsoft .NET Framework 3.5 Language Pack - ita
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A30965BD-2D4D-45CE-8F04-6A6889818CF1}" = Microsoft SQL Server 2005 Tools
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C25EF637-BE7A-4761-9B45-9069989C319F}" = Microsoft Visual Studio 2005 Premier Partner Edition - ENU
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{DCAF959E-BE84-4E56-91B1-3E962AED5BF4}" = Dolby Control Center Link
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia The Forgotten Sands™
"{EB731227-8AC5-4889-ACE9-7D87864A9F19}" = Logitech GamePanel Software 3.02.173
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F43867C9-68FD-46C7-B0AF-214356305B5E}" = Microsoft SQL Server Management Studio Express
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat Reader 3.01" = Adobe Acrobat Reader 3.01
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Black Prophecy Client BETA_is1" = Black Prophecy Client BETA
"Browser Defender_is1" = Browser Defender 3.0
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CleanCache 3.0_is1" = CleanCache 3.5
"Defraggler" = Defraggler
"Drakensang_is1" = Drakensang
"EADM" = EA Download Manager
"FreeSpace2" = FreeSpace 2
"HECI" = Intel(R) Management Engine Interface
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.2.8
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
"Microsoft .NET Framework 3.5 Language Pack - ita" = Microsoft .NET Framework 3.5 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"OpenAL" = OpenAL
"PROHYBRIDR" = 2007 Microsoft Office system
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"SecuROM Diagnostic Tool" = SecuROM Diagnostic Tool
"Spyware Doctor" = Spyware Doctor mit Antivirus 8.0
"Steam App 220" = Half-Life 2
"Steam App 22330" = The Elder Scrolls IV: Oblivion 
"Steam App 22380" = Fallout: New Vegas
"Steam App 380" = Half-Life 2: Episode One
"Steam App 420" = Half-Life 2: Episode Two
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VLC media player" = VideoLAN VLC media player 0.8.6f
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"Zattoo4" = Zattoo4 4.0.5
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 18:42:09 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm Gothic3.exe, Version 1.12.26364.0 arbeitet nicht mehr mit
 Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
 "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen.  Prozess-ID: 11c0  Anfangszeit: 01ca2814708ff2e8  Zeitpunkt
 der Beendigung: 271
 
Error - 29.08.2009 09:57:22 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Gothic3.exe, Version 1.12.26364.0, Zeitstempel
 0x00002af5, fehlerhaftes Modul sharedbase.dll, Version 1.12.26364.0, Zeitstempel
 0x45800e30, Ausnahmecode 0xc0000005, Fehleroffset 0x000ac11a,  Prozess-ID 0x1390,
 Anwendungsstartzeit 01ca287bc3df672c.
 
Error - 29.08.2009 09:57:24 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Gothic3.exe, Version 1.12.26364.0, Zeitstempel
 0x00002af5, fehlerhaftes Modul Engine.dll, Version 1.12.26364.0, Zeitstempel 0x00004672,
 Ausnahmecode 0xc0000005, Fehleroffset 0x0005b7e8,  Prozess-ID 0x1390, Anwendungsstartzeit
 01ca287bc3df672c.
 
[ Media Center Events ]
Error - 16.04.2008 12:44:06 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
 gescheitert.
 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09946925-8DD6-4360-B760-EF07075A86FE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{0DC2E6E7-1A99-4811-B8DD-A4BBD8B1D51A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{19BB0787-934F-48D4-AC2F-B68B14B6C079}" = rport=138 | protocol=17 | dir=out | app=system | 
"{20E35AFF-5DB2-4D34-AABD-F6E7E1A42924}" = lport=58860 | protocol=17 | dir=in | name=pando media booster | 
"{2F08E6CA-B07A-4831-9228-227481F1FFFF}" = lport=58860 | protocol=6 | dir=in | name=pando media booster | 
"{3C1959C2-E7D8-4F5A-9DE1-0A2C260C6FDB}" = lport=445 | protocol=6 | dir=in | app=system | 
"{474866A7-9332-4B79-A49A-364EA970FE3B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7D913076-D013-474F-828F-70205BE0DFF4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A1990BB3-51ED-4BC4-B32B-6886B17CCF5C}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A9C645C9-08D5-4897-BABF-4AA2839EF195}" = lport=139 | protocol=6 | dir=in | app=system | 
"{AAAA3E7C-DAEC-4484-9DB9-3336D98BA663}" = lport=58860 | protocol=17 | dir=in | name=pando media booster | 
"{BC820CC6-E975-43B4-AFFE-BB2BFD43D301}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{C42D41BE-2D3E-42BB-9BD1-CB73BF01EB36}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{D3C2A005-5913-49F6-B5A6-3BC6190E1CDB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{E20B0306-7CA8-49D9-970B-31B1BE3DEA5A}" = lport=58860 | protocol=6 | dir=in | name=pando media booster | 
"{FDFD55EE-361C-49BD-BEC7-703FCBCA6AC7}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00BDF1FD-E9FC-4EBD-A17E-50C4FC2666B5}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{02CABE0E-FEA1-4443-8EED-D67C0D10C4F3}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{0307F9C6-DE0A-4E42-906C-3D0629A190EC}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{03322A66-0EDE-4EFC-B505-DC02D804531D}" = protocol=6 | dir=in | app=c:\games\world of warcraft\launcher.exe | 
"{04F9B2DA-F7FE-4CC1-BFCC-93D0282BDC9E}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
"{079617C0-9436-4BCB-B458-AD4F4B2C3AC2}" = protocol=17 | dir=in | app=c:\games\dragon age\daoriginslauncher.exe | 
"{0B5EEB68-0FB7-4D45-BB4B-F1F2F3215E63}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\erfeditor.exe | 
"{0CBECB67-1B3C-421F-9B9C-5AC7BB90B446}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe | 
"{0D857D5D-5900-4AF1-B62A-2BFA5E7E4084}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{0FC411EC-BDBF-4235-A860-564377BDF591}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{15DD8DA5-0154-4CC8-B46D-303C5ABF0D42}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\gffeditor.exe | 
"{19C4AA17-BA78-41D3-861E-A48114DD6FCE}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{1B7B9671-61AD-4AF4-BF54-D9A02F820E3F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{229FD7AE-799A-4F8D-B255-DB096145EF02}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"{23AF4312-3831-45B0-BE56-28473E2B54CB}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe | 
"{2C330883-7568-4934-9CFD-5ED250AA5EFA}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe | 
"{2E33971E-2439-41B1-8166-03EBD8B386C5}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{2E480798-2609-4844-BFCC-30B1ECB53375}" = protocol=17 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\blackprophecy.exe | 
"{2F454CD2-4F5B-4238-8C59-25A5033862D0}" = protocol=6 | dir=in | app=c:\games\dragon age\daoriginslauncher.exe | 
"{305D3DF1-CFFD-4DD5-B058-25786D2DAD78}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{30661958-D47C-44AE-ACD7-44D7962F39CA}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\prince of persia.exe | 
"{315C357C-BEC4-4CEE-BD58-AC1876526533}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe | 
"{32A9B297-B11D-4BEF-954A-F7FDCB05349E}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{335856D2-304B-4B59-85F7-D0EEEB7F7C51}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{33CBFE67-0DD4-4E22-BB7B-995611BBB239}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
"{342C97E0-97C6-455C-9953-8F60F465BF71}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe | 
"{369C2609-7A2C-4289-A48E-B37D3F5EB4F8}" = protocol=17 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe | 
"{3714129E-8EB8-4279-AFBE-E3357FC991E1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3C7F58D6-11FD-4129-91BC-F91FF3D6AF90}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | 
"{40FA6E04-2EF9-4397-A663-6E817CF9311D}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\dragonagetoolset.exe | 
"{493A0C4C-E5B6-4FA5-A3B9-4AB70CDCA84A}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\prince of persia.exe | 
"{4E45BE56-B3F7-44D6-85DF-921A6573D809}" = protocol=17 | dir=in | app=c:\games\namco bandai games\warhammer mark of chaos\warhammer.exe | 
"{504FC8E1-0555-4B09-82E6-DBEF5F08A050}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe | 
"{58841913-007B-4F72-93FC-85DE65DF9784}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\oblivion\oblivionlauncher.exe | 
"{5AF26641-43FA-4B43-A9DD-AA1FFBE94503}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{5DA16476-C249-40AD-899A-F4C3137AC043}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | 
"{5EEF27DC-1125-46B5-A187-E8D2712B9619}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{6019A61B-F971-410E-A20E-8C780E8A4AC7}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\lightmapper\eclipseray.exe | 
"{63949900-D34A-4AE9-8098-787F6861F431}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe | 
"{655756A6-FF33-4BDC-A1DE-943AC1044AD5}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | 
"{675B465B-970E-4A04-AB02-140FCF2C4217}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{6CAEC738-8266-410E-96A8-FFA2DF4DE753}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe | 
"{6D0E90A9-1436-4A9C-A2EC-56A769BBA39D}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{6E19F8A1-1661-48C8-B24E-593E263F17F3}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe | 
"{7210EB8B-E4D7-4F33-89D4-3425E474365F}" = protocol=17 | dir=in | app=c:\games\capcom\resident evil 5\re5dx9.exe | 
"{724D0935-0C35-4190-98C8-1928DC952B95}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\lightmapper\eclipseray.exe | 
"{757C2063-FB10-4D2F-8F03-953DC9CB58A9}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\erfeditor.exe | 
"{7754851B-A505-449C-99EB-24A3F3A5EFFA}" = protocol=6 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\blackprophecy.exe | 
"{78F3A954-3C6C-4F10-8836-0E1B8B0B1B9F}" = protocol=6 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe | 
"{7A8C4A17-7FC0-43E1-A3CC-A29ABA0FE72E}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gamesettings.exe | 
"{7BA9A458-9203-4868-B293-F8D8EDD50E5D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{80CD7AF2-F633-4741-AEB9-FE2B1009DB42}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\dragonagetoolset.exe | 
"{810FDF38-8B97-489E-A242-42672AACCB5E}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gamesettings.exe | 
"{82009D17-324D-4ADA-9954-D859F6EDA1E9}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{84FF5EBF-B8C4-4F07-A645-61E6330DA9A3}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\gffeditor.exe | 
"{8D0AAC82-4BFA-475F-840B-E2E492F2F4DF}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{91F78F35-16B0-434B-82F6-D6E6975AA0F7}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gu.exe | 
"{9876CAD9-5327-4968-B572-94D576734F43}" = protocol=17 | dir=in | app=c:\gamess\sega\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
"{9BF0C4ED-816D-47A6-9529-A5A6BF11F74E}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe | 
"{9CF6BC0C-A904-4014-8102-122AF53330AE}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | 
"{A2DBB9FB-67B9-482A-A358-ADFE32903D22}" = protocol=17 | dir=in | app=c:\games\world of warcraft\launcher.exe | 
"{A60AE5E5-4A33-491B-AFC0-2D504E51FC23}" = protocol=17 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe | 
"{A6884F15-EBDB-4F70-9370-87E69AAF9E78}" = protocol=6 | dir=in | app=c:\games\capcom\resident evil 5\re5dx10.exe | 
"{A777A146-B3FD-4DF5-A9A1-AD72624ED3CD}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\rpu.exe | 
"{AD104E0F-D0AC-47A5-A697-EAFFBFEB78EA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B06638F7-C261-4F6A-BDFA-95F069A561B9}" = protocol=6 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\patcher.exe | 
"{B2CA716B-1FFE-4FED-B661-447E8BC4C981}" = protocol=6 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe | 
"{B54F1998-E839-456D-8EA7-2067904E1D66}" = protocol=17 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\launcher.exe | 
"{BBCE8BC9-265D-4AD5-B6FD-42578BAF6D71}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | 
"{C45EBF45-6EE9-4D2B-8868-65087FBD5A12}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{C7BCCBE9-7849-41C1-B848-A4DEE9E5E3D8}" = protocol=6 | dir=in | app=c:\games\capcom\resident evil 5\re5dx9.exe | 
"{C94BEF99-B480-4342-9B43-EEF07B2CF0DD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{CC35A5D0-8E25-44B3-924C-05CF7245C910}" = protocol=6 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\launcher.exe | 
"{CC6302A2-2B36-43ED-8614-6A6B38986C95}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{CD0AEA4A-952F-43BF-991A-2FDA649509EA}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{CDCEA230-DE9A-4727-A8BA-8A872DF3E997}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\rpu.exe | 
"{CE580246-E27B-484E-A49B-B8CC7B672ED7}" = protocol=17 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\patcher.exe | 
"{CECD1D88-7DCD-419F-94E4-779BA363C4D3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{CF9B2558-73E1-46C4-A9A8-79C7C862565D}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\oblivion\oblivionlauncher.exe | 
"{D0BCA3AA-6076-4DC7-8AFE-4570A1D5961F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{D3F655E5-8F01-4EA0-B79A-BB7B3A25412A}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe | 
"{DF3FC5B3-86E8-40A6-95D1-FBC8A432774B}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe | 
"{E136DA31-AF22-4F9F-A47C-E77282A7A967}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | 
"{E2140160-BCA4-418F-92D6-E57342D893D2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{E45D1D81-ADA2-4479-8113-3D332F38637D}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{E8A57A08-63F3-4340-99E3-B36804498954}" = protocol=17 | dir=in | app=c:\games\capcom\resident evil 5\re5dx10.exe | 
"{E975056E-77A1-4B4C-BA7D-FA8A6D850E98}" = protocol=6 | dir=in | app=c:\games\namco bandai games\warhammer mark of chaos\warhammer.exe | 
"{EAAC04B8-5D63-43E6-A10E-4F86816166E0}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe | 
"{F016EAA6-30AD-4ED5-9477-9F1134352611}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{F7211D81-62BF-4C16-A3B1-163ACDB65AD1}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe | 
"{F72241A2-1B3F-455E-ACDF-93533099CBF0}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"{F79256CD-8ADD-4A7D-A770-D924DB46DC18}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{FD2EEB2E-D119-4CB2-9CA2-8339C61AF38A}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gu.exe | 
"{FD807369-A259-4C33-BF2F-7A44A1D40A5C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FF682F92-9E3F-4CC1-A908-1DE797F06928}" = protocol=6 | dir=in | app=c:\gamess\sega\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{053D5B39-2C5D-4A83-A193-B6AB3FF94B53}" = Aion
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = SpellForce 2 - Shadow Wars
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set
"{27223691-82E0-4C93-87D9-02C0B0D3D783}" = SpellForce 2 - Shadow Wars
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars(TM): Knights of the Old Republic (TM)
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (BWDATOOLSET)
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{339E300B-AD83-4013-BABF-E5C0DDAAFE7C}" = Spellforce 2 - Dragon Storm
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Dragon Age Toolset
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections
"{7E8242F8-BD2A-44D7-BCED-9B231A02B367}" = SpellForce 2 Patch
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{86C7336D-0E3A-4953-ADF4-F4B5E0096278}" = Command & Conquer 3 Tiberium Wars(TM) MOD SDK
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9311A75A-D83D-37B5-8D49-88E7F5AB2762}" = Microsoft .NET Framework 3.5 Language Pack - ita
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A30965BD-2D4D-45CE-8F04-6A6889818CF1}" = Microsoft SQL Server 2005 Tools
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C25EF637-BE7A-4761-9B45-9069989C319F}" = Microsoft Visual Studio 2005 Premier Partner Edition - ENU
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{DCAF959E-BE84-4E56-91B1-3E962AED5BF4}" = Dolby Control Center Link
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia The Forgotten Sands™
"{EB731227-8AC5-4889-ACE9-7D87864A9F19}" = Logitech GamePanel Software 3.02.173
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F43867C9-68FD-46C7-B0AF-214356305B5E}" = Microsoft SQL Server Management Studio Express
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat Reader 3.01" = Adobe Acrobat Reader 3.01
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Black Prophecy Client BETA_is1" = Black Prophecy Client BETA
"Browser Defender_is1" = Browser Defender 3.0
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CleanCache 3.0_is1" = CleanCache 3.5
"Defraggler" = Defraggler
"Drakensang_is1" = Drakensang
"EADM" = EA Download Manager
"FreeSpace2" = FreeSpace 2
"HECI" = Intel(R) Management Engine Interface
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.2.8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
"Microsoft .NET Framework 3.5 Language Pack - ita" = Microsoft .NET Framework 3.5 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"OpenAL" = OpenAL
"PROHYBRIDR" = 2007 Microsoft Office system
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"SecuROM Diagnostic Tool" = SecuROM Diagnostic Tool
"Spyware Doctor" = Spyware Doctor mit Antivirus 8.0
"Steam App 220" = Half-Life 2
"Steam App 22330" = The Elder Scrolls IV: Oblivion 
"Steam App 22380" = Fallout: New Vegas
"Steam App 380" = Half-Life 2: Episode One
"Steam App 420" = Half-Life 2: Episode Two
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VLC media player" = VideoLAN VLC media player 0.8.6f
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"Zattoo4" = Zattoo4 4.0.5
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 18:42:09 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm Gothic3.exe, Version 1.12.26364.0 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen. Prozess-ID: 11c0 Anfangszeit: 01ca2814708ff2e8 Zeitpunkt
der Beendigung: 271
 
Error - 29.08.2009 09:57:22 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Gothic3.exe, Version 1.12.26364.0, Zeitstempel
0x00002af5, fehlerhaftes Modul sharedbase.dll, Version 1.12.26364.0, Zeitstempel
0x45800e30, Ausnahmecode 0xc0000005, Fehleroffset 0x000ac11a, Prozess-ID 0x1390,
Anwendungsstartzeit 01ca287bc3df672c.
 
Error - 29.08.2009 09:57:24 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Gothic3.exe, Version 1.12.26364.0, Zeitstempel
0x00002af5, fehlerhaftes Modul Engine.dll, Version 1.12.26364.0, Zeitstempel 0x00004672,
Ausnahmecode 0xc0000005, Fehleroffset 0x0005b7e8, Prozess-ID 0x1390, Anwendungsstartzeit
01ca287bc3df672c.
 
[ Media Center Events ]
Error - 16.04.2008 12:44:06 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
gescheitert.
 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09946925-8DD6-4360-B760-EF07075A86FE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{0DC2E6E7-1A99-4811-B8DD-A4BBD8B1D51A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{19BB0787-934F-48D4-AC2F-B68B14B6C079}" = rport=138 | protocol=17 | dir=out | app=system | 
"{20E35AFF-5DB2-4D34-AABD-F6E7E1A42924}" = lport=58860 | protocol=17 | dir=in | name=pando media booster | 
"{2F08E6CA-B07A-4831-9228-227481F1FFFF}" = lport=58860 | protocol=6 | dir=in | name=pando media booster | 
"{3C1959C2-E7D8-4F5A-9DE1-0A2C260C6FDB}" = lport=445 | protocol=6 | dir=in | app=system | 
"{474866A7-9332-4B79-A49A-364EA970FE3B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7D913076-D013-474F-828F-70205BE0DFF4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A1990BB3-51ED-4BC4-B32B-6886B17CCF5C}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A9C645C9-08D5-4897-BABF-4AA2839EF195}" = lport=139 | protocol=6 | dir=in | app=system | 
"{AAAA3E7C-DAEC-4484-9DB9-3336D98BA663}" = lport=58860 | protocol=17 | dir=in | name=pando media booster | 
"{BC820CC6-E975-43B4-AFFE-BB2BFD43D301}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{C42D41BE-2D3E-42BB-9BD1-CB73BF01EB36}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{D3C2A005-5913-49F6-B5A6-3BC6190E1CDB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{E20B0306-7CA8-49D9-970B-31B1BE3DEA5A}" = lport=58860 | protocol=6 | dir=in | name=pando media booster | 
"{FDFD55EE-361C-49BD-BEC7-703FCBCA6AC7}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00BDF1FD-E9FC-4EBD-A17E-50C4FC2666B5}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{02CABE0E-FEA1-4443-8EED-D67C0D10C4F3}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{0307F9C6-DE0A-4E42-906C-3D0629A190EC}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{03322A66-0EDE-4EFC-B505-DC02D804531D}" = protocol=6 | dir=in | app=c:\games\world of warcraft\launcher.exe | 
"{04F9B2DA-F7FE-4CC1-BFCC-93D0282BDC9E}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
"{079617C0-9436-4BCB-B458-AD4F4B2C3AC2}" = protocol=17 | dir=in | app=c:\games\dragon age\daoriginslauncher.exe | 
"{0B5EEB68-0FB7-4D45-BB4B-F1F2F3215E63}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\erfeditor.exe | 
"{0CBECB67-1B3C-421F-9B9C-5AC7BB90B446}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe | 
"{0D857D5D-5900-4AF1-B62A-2BFA5E7E4084}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{0FC411EC-BDBF-4235-A860-564377BDF591}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{15DD8DA5-0154-4CC8-B46D-303C5ABF0D42}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\gffeditor.exe | 
"{19C4AA17-BA78-41D3-861E-A48114DD6FCE}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{1B7B9671-61AD-4AF4-BF54-D9A02F820E3F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{229FD7AE-799A-4F8D-B255-DB096145EF02}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"{23AF4312-3831-45B0-BE56-28473E2B54CB}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe | 
"{2C330883-7568-4934-9CFD-5ED250AA5EFA}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe | 
"{2E33971E-2439-41B1-8166-03EBD8B386C5}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{2E480798-2609-4844-BFCC-30B1ECB53375}" = protocol=17 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\blackprophecy.exe | 
"{2F454CD2-4F5B-4238-8C59-25A5033862D0}" = protocol=6 | dir=in | app=c:\games\dragon age\daoriginslauncher.exe | 
"{305D3DF1-CFFD-4DD5-B058-25786D2DAD78}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{30661958-D47C-44AE-ACD7-44D7962F39CA}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\prince of persia.exe | 
"{315C357C-BEC4-4CEE-BD58-AC1876526533}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe | 
"{32A9B297-B11D-4BEF-954A-F7FDCB05349E}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{335856D2-304B-4B59-85F7-D0EEEB7F7C51}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{33CBFE67-0DD4-4E22-BB7B-995611BBB239}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
"{342C97E0-97C6-455C-9953-8F60F465BF71}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe | 
"{369C2609-7A2C-4289-A48E-B37D3F5EB4F8}" = protocol=17 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe | 
"{3714129E-8EB8-4279-AFBE-E3357FC991E1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3C7F58D6-11FD-4129-91BC-F91FF3D6AF90}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | 
"{40FA6E04-2EF9-4397-A663-6E817CF9311D}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\dragonagetoolset.exe | 
"{493A0C4C-E5B6-4FA5-A3B9-4AB70CDCA84A}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\prince of persia.exe | 
"{4E45BE56-B3F7-44D6-85DF-921A6573D809}" = protocol=17 | dir=in | app=c:\games\namco bandai games\warhammer mark of chaos\warhammer.exe | 
"{504FC8E1-0555-4B09-82E6-DBEF5F08A050}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe | 
"{58841913-007B-4F72-93FC-85DE65DF9784}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\oblivion\oblivionlauncher.exe | 
"{5AF26641-43FA-4B43-A9DD-AA1FFBE94503}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{5DA16476-C249-40AD-899A-F4C3137AC043}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | 
"{5EEF27DC-1125-46B5-A187-E8D2712B9619}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{6019A61B-F971-410E-A20E-8C780E8A4AC7}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\lightmapper\eclipseray.exe | 
"{63949900-D34A-4AE9-8098-787F6861F431}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe | 
"{655756A6-FF33-4BDC-A1DE-943AC1044AD5}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | 
"{675B465B-970E-4A04-AB02-140FCF2C4217}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{6CAEC738-8266-410E-96A8-FFA2DF4DE753}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe | 
"{6D0E90A9-1436-4A9C-A2EC-56A769BBA39D}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{6E19F8A1-1661-48C8-B24E-593E263F17F3}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe | 
"{7210EB8B-E4D7-4F33-89D4-3425E474365F}" = protocol=17 | dir=in | app=c:\games\capcom\resident evil 5\re5dx9.exe | 
"{724D0935-0C35-4190-98C8-1928DC952B95}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\lightmapper\eclipseray.exe | 
"{757C2063-FB10-4D2F-8F03-953DC9CB58A9}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\erfeditor.exe | 
"{7754851B-A505-449C-99EB-24A3F3A5EFFA}" = protocol=6 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\blackprophecy.exe | 
"{78F3A954-3C6C-4F10-8836-0E1B8B0B1B9F}" = protocol=6 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe | 
"{7A8C4A17-7FC0-43E1-A3CC-A29ABA0FE72E}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gamesettings.exe | 
"{7BA9A458-9203-4868-B293-F8D8EDD50E5D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{80CD7AF2-F633-4741-AEB9-FE2B1009DB42}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\dragonagetoolset.exe | 
"{810FDF38-8B97-489E-A242-42672AACCB5E}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gamesettings.exe | 
"{82009D17-324D-4ADA-9954-D859F6EDA1E9}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{84FF5EBF-B8C4-4F07-A645-61E6330DA9A3}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\gffeditor.exe | 
"{8D0AAC82-4BFA-475F-840B-E2E492F2F4DF}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | 
"{91F78F35-16B0-434B-82F6-D6E6975AA0F7}" = protocol=6 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gu.exe | 
"{9876CAD9-5327-4968-B572-94D576734F43}" = protocol=17 | dir=in | app=c:\gamess\sega\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
"{9BF0C4ED-816D-47A6-9529-A5A6BF11F74E}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe | 
"{9CF6BC0C-A904-4014-8102-122AF53330AE}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | 
"{A2DBB9FB-67B9-482A-A358-ADFE32903D22}" = protocol=17 | dir=in | app=c:\games\world of warcraft\launcher.exe | 
"{A60AE5E5-4A33-491B-AFC0-2D504E51FC23}" = protocol=17 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe | 
"{A6884F15-EBDB-4F70-9370-87E69AAF9E78}" = protocol=6 | dir=in | app=c:\games\capcom\resident evil 5\re5dx10.exe | 
"{A777A146-B3FD-4DF5-A9A1-AD72624ED3CD}" = protocol=17 | dir=in | app=c:\games\dragon age\tools\rpu.exe | 
"{AD104E0F-D0AC-47A5-A697-EAFFBFEB78EA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B06638F7-C261-4F6A-BDFA-95F069A561B9}" = protocol=6 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\patcher.exe | 
"{B2CA716B-1FFE-4FED-B661-447E8BC4C981}" = protocol=6 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe | 
"{B54F1998-E839-456D-8EA7-2067904E1D66}" = protocol=17 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\launcher.exe | 
"{BBCE8BC9-265D-4AD5-B6FD-42578BAF6D71}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | 
"{C45EBF45-6EE9-4D2B-8868-65087FBD5A12}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{C7BCCBE9-7849-41C1-B848-A4DEE9E5E3D8}" = protocol=6 | dir=in | app=c:\games\capcom\resident evil 5\re5dx9.exe | 
"{C94BEF99-B480-4342-9B43-EEF07B2CF0DD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{CC35A5D0-8E25-44B3-924C-05CF7245C910}" = protocol=6 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\launcher.exe | 
"{CC6302A2-2B36-43ED-8614-6A6B38986C95}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{CD0AEA4A-952F-43BF-991A-2FDA649509EA}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{CDCEA230-DE9A-4727-A8BA-8A872DF3E997}" = protocol=6 | dir=in | app=c:\games\dragon age\tools\rpu.exe | 
"{CE580246-E27B-484E-A49B-B8CC7B672ED7}" = protocol=17 | dir=in | app=c:\games\gamigo\black prophecy client beta\bin\win32\patcher.exe | 
"{CECD1D88-7DCD-419F-94E4-779BA363C4D3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{CF9B2558-73E1-46C4-A9A8-79C7C862565D}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\oblivion\oblivionlauncher.exe | 
"{D0BCA3AA-6076-4DC7-8AFE-4570A1D5961F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{D3F655E5-8F01-4EA0-B79A-BB7B3A25412A}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe | 
"{DF3FC5B3-86E8-40A6-95D1-FBC8A432774B}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe | 
"{E136DA31-AF22-4F9F-A47C-E77282A7A967}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | 
"{E2140160-BCA4-418F-92D6-E57342D893D2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{E45D1D81-ADA2-4479-8113-3D332F38637D}" = protocol=6 | dir=in | app=c:\games\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{E8A57A08-63F3-4340-99E3-B36804498954}" = protocol=17 | dir=in | app=c:\games\capcom\resident evil 5\re5dx10.exe | 
"{E975056E-77A1-4B4C-BA7D-FA8A6D850E98}" = protocol=6 | dir=in | app=c:\games\namco bandai games\warhammer mark of chaos\warhammer.exe | 
"{EAAC04B8-5D63-43E6-A10E-4F86816166E0}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe | 
"{F016EAA6-30AD-4ED5-9477-9F1134352611}" = protocol=17 | dir=in | app=c:\games\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{F7211D81-62BF-4C16-A3B1-163ACDB65AD1}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe | 
"{F72241A2-1B3F-455E-ACDF-93533099CBF0}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | 
"{F79256CD-8ADD-4A7D-A770-D924DB46DC18}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{FD2EEB2E-D119-4CB2-9CA2-8339C61AF38A}" = protocol=17 | dir=in | app=c:\games\ubisoft\prince of persia the forgotten sands\gu.exe | 
"{FD807369-A259-4C33-BF2F-7A44A1D40A5C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FF682F92-9E3F-4CC1-A908-1DE797F06928}" = protocol=6 | dir=in | app=c:\gamess\sega\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{053D5B39-2C5D-4A83-A193-B6AB3FF94B53}" = Aion
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = SpellForce 2 - Shadow Wars
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set
"{27223691-82E0-4C93-87D9-02C0B0D3D783}" = SpellForce 2 - Shadow Wars
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars(TM): Knights of the Old Republic (TM)
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (BWDATOOLSET)
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{339E300B-AD83-4013-BABF-E5C0DDAAFE7C}" = Spellforce 2 - Dragon Storm
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Dragon Age Toolset
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections
"{7E8242F8-BD2A-44D7-BCED-9B231A02B367}" = SpellForce 2 Patch
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{86C7336D-0E3A-4953-ADF4-F4B5E0096278}" = Command & Conquer 3 Tiberium Wars(TM) MOD SDK
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9311A75A-D83D-37B5-8D49-88E7F5AB2762}" = Microsoft .NET Framework 3.5 Language Pack - ita
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A30965BD-2D4D-45CE-8F04-6A6889818CF1}" = Microsoft SQL Server 2005 Tools
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C25EF637-BE7A-4761-9B45-9069989C319F}" = Microsoft Visual Studio 2005 Premier Partner Edition - ENU
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{DCAF959E-BE84-4E56-91B1-3E962AED5BF4}" = Dolby Control Center Link
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia The Forgotten Sands™
"{EB731227-8AC5-4889-ACE9-7D87864A9F19}" = Logitech GamePanel Software 3.02.173
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F43867C9-68FD-46C7-B0AF-214356305B5E}" = Microsoft SQL Server Management Studio Express
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat Reader 3.01" = Adobe Acrobat Reader 3.01
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Black Prophecy Client BETA_is1" = Black Prophecy Client BETA
"Browser Defender_is1" = Browser Defender 3.0
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CleanCache 3.0_is1" = CleanCache 3.5
"Defraggler" = Defraggler
"Drakensang_is1" = Drakensang
"EADM" = EA Download Manager
"FreeSpace2" = FreeSpace 2
"HECI" = Intel(R) Management Engine Interface
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.2.8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
"Microsoft .NET Framework 3.5 Language Pack - ita" = Microsoft .NET Framework 3.5 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"OpenAL" = OpenAL
"PROHYBRIDR" = 2007 Microsoft Office system
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"SecuROM Diagnostic Tool" = SecuROM Diagnostic Tool
"Spyware Doctor" = Spyware Doctor mit Antivirus 8.0
"Steam App 220" = Half-Life 2
"Steam App 22330" = The Elder Scrolls IV: Oblivion 
"Steam App 22380" = Fallout: New Vegas
"Steam App 380" = Half-Life 2: Episode One
"Steam App 420" = Half-Life 2: Episode Two
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VLC media player" = VideoLAN VLC media player 0.8.6f
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"Zattoo4" = Zattoo4 4.0.5
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 10:16:13 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 28.08.2009 18:42:09 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm Gothic3.exe, Version 1.12.26364.0 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen. Prozess-ID: 11c0 Anfangszeit: 01ca2814708ff2e8 Zeitpunkt
der Beendigung: 271
 
Error - 29.08.2009 09:57:22 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Gothic3.exe, Version 1.12.26364.0, Zeitstempel
0x00002af5, fehlerhaftes Modul sharedbase.dll, Version 1.12.26364.0, Zeitstempel
0x45800e30, Ausnahmecode 0xc0000005, Fehleroffset 0x000ac11a, Prozess-ID 0x1390,
Anwendungsstartzeit 01ca287bc3df672c.
 
Error - 29.08.2009 09:57:24 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Gothic3.exe, Version 1.12.26364.0, Zeitstempel
0x00002af5, fehlerhaftes Modul Engine.dll, Version 1.12.26364.0, Zeitstempel 0x00004672,
Ausnahmecode 0xc0000005, Fehleroffset 0x0005b7e8, Prozess-ID 0x1390, Anwendungsstartzeit
01ca287bc3df672c.
 
[ Media Center Events ]
Error - 16.04.2008 12:44:06 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
gescheitert.
 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
__________________


Antwort

Themen zu hotkeyshook und anderes Ungemach?
adobe, alternate, antivir, autorun, avg, avgntflt.sys, avira, bho, browser, checkpoint, conduit, corp./icp, defender, error, excel.exe, firefox, fontcache, format, helper, iexplore.exe, launch, location, log-files, logfile, mozilla, msvcr80.dll, nvlddmkm.sys, nvstor.sys, oldtimer, otl.exe, problem, programdata, realtek, registry, safer networking, sched.exe, security, server, software, spyware, start menu, sttray.exe, studio, system, vista, visual studio, windows, windows-firewall




Ähnliche Themen: hotkeyshook und anderes Ungemach?


  1. GVU und anderes
    Log-Analyse und Auswertung - 17.11.2012 (13)
  2. hotkeyshook immer noch aktiv ?
    Plagegeister aller Art und deren Bekämpfung - 07.06.2010 (7)
  3. Logon.exe und anderes
    Plagegeister aller Art und deren Bekämpfung - 02.09.2009 (8)
  4. Win32.Monitor.Hotkeyshook - Neue Erkenntnisse?
    Log-Analyse und Auswertung - 25.04.2009 (0)
  5. HotKeysHook
    Plagegeister aller Art und deren Bekämpfung - 19.04.2009 (7)
  6. W32/Virutas.Z und anderes..?!
    Log-Analyse und Auswertung - 17.05.2008 (2)
  7. Keylogger und div. anderes :P
    Plagegeister aller Art und deren Bekämpfung - 21.04.2008 (1)
  8. HotKeysHook.A ?
    Plagegeister aller Art und deren Bekämpfung - 19.12.2007 (9)
  9. Trojaner HotKeysHook gefunden, ich glaub aber es ist noch mehr
    Plagegeister aller Art und deren Bekämpfung - 30.10.2007 (1)
  10. Ich fand HotKeysHook jedoch kann es nicht alles sein, fand aber nichts mehr
    Mülltonne - 30.10.2007 (2)
  11. WinAntiVirus Pro und anderes
    Log-Analyse und Auswertung - 17.10.2006 (1)
  12. crazywinnings und anderes
    Log-Analyse und Auswertung - 05.04.2006 (1)
  13. Anderes Bios???
    Netzwerk und Hardware - 25.01.2006 (2)
  14. Trojaner: Keylogger.HotKeysHook -Logfile Auswertung
    Log-Analyse und Auswertung - 27.02.2005 (2)
  15. winlogin.exe und anderes :(
    Plagegeister aller Art und deren Bekämpfung - 05.01.2005 (5)
  16. Mein Log und Anderes...
    Log-Analyse und Auswertung - 27.12.2004 (13)
  17. Hilfe bei Trojaner HotKeysHook.A
    Plagegeister aller Art und deren Bekämpfung - 07.09.2003 (2)

Zum Thema hotkeyshook und anderes Ungemach? - Hallo auch! Wegen dem Download eines Trainers für Dead Space 2 von Code5.de öffneten sich eine Unmenge von Fenstern, habe ich mich hier etwas umgesehen und bin auf Malwarebytes' Anti-Malware - hotkeyshook und anderes Ungemach?...
Archiv
Du betrachtest: hotkeyshook und anderes Ungemach? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.