| Warfare65 | 17.06.2012 18:27 |
OTL & Extras & mbam-logs
Code:
OTL logfile created on: 17.06.2012 14:57:40 - Run 3
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Warfare\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 54,96% Memory free
8,00 Gb Paging File | 5,85 Gb Available in Paging File | 73,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 114,94 Gb Total Space | 50,75 Gb Free Space | 44,15% Space Free | Partition Type: NTFS
Drive E: | 21,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 931,51 Gb Total Space | 252,38 Gb Free Space | 27,09% Space Free | Partition Type: NTFS
Computer Name: WARFARE-PC | User Name: Warfare | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Warfare\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe (SPAMfighter)
PRC - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe (Preventon Technologies Limited)
PRC - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe (Preventon Technologies Limited)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
PRC - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\ProgramData\DatacardService\DCService.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll ()
MOD - C:\Users\Warfare\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AV Engine Scanning Service) -- C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe ()
SRV - (AV Watch Service) -- C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Suite Service) -- C:\Program Files (x86)\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (DCService.exe) -- C:\ProgramData\DatacardService\DCService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (AVFSFilter) -- C:\Windows\SysNative\drivers\avfsfilter.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ewsercd) -- C:\Windows\SysNative\drivers\ewsercd.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\SysWOW64\drivers\regi.sys (InterVideo)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://service.gmx.net/de/cgi/g.fcgi/application/navigator?CUSTOMERNO=64077473&t=de1332385977.1330764348.bf7efd7c
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F5 13 A4 09 6B E1 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {378E88C5-5D58-4753-9C38-533F5E41BA9B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{0FC594E6-877C-433A-B09A-BDDA338FCE74}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKCU\..\SearchScopes\{378E88C5-5D58-4753-9C38-533F5E41BA9B}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{40064957-18EB-412d-9146-3F57E8D92EEC}: "URL" = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
IE - HKCU\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{8D27B32E-89EE-460e-82D2-5FC354078EAD}: "URL" = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
IE - HKCU\..\SearchScopes\{DCE59F23-A446-45a5-9459-E68FDC0DE38D}: "URL" = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
IE - HKCU\..\SearchScopes\{F6658E1C-7078-43EE-951A-5E6BA0B50A3C}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.gmx.net/"
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Warfare\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.16 08:20:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.03.22 18:10:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Warfare\AppData\Roaming\mozilla\Extensions
[2012.05.20 15:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Warfare\AppData\Roaming\mozilla\Firefox\Profiles\shabcuki.default\extensions
[2011.07.06 06:43:38 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Warfare\AppData\Roaming\mozilla\Firefox\Profiles\shabcuki.default\extensions\DefaultManager@Microsoft
[2011.11.03 10:59:03 | 000,000,933 | ---- | M] () -- C:\Users\Warfare\AppData\Roaming\Mozilla\Firefox\Profiles\shabcuki.default\searchplugins\11-suche.xml
[2011.11.03 10:59:04 | 000,002,419 | ---- | M] () -- C:\Users\Warfare\AppData\Roaming\Mozilla\Firefox\Profiles\shabcuki.default\searchplugins\englische-ergebnisse.xml
[2011.08.11 23:00:39 | 000,010,525 | ---- | M] () -- C:\Users\Warfare\AppData\Roaming\Mozilla\Firefox\Profiles\shabcuki.default\searchplugins\gmx-suche.xml
[2012.06.13 22:51:16 | 000,001,056 | ---- | M] () -- C:\Users\Warfare\AppData\Roaming\Mozilla\Firefox\Profiles\shabcuki.default\searchplugins\icqplugin.xml
[2011.11.03 10:59:03 | 000,002,457 | ---- | M] () -- C:\Users\Warfare\AppData\Roaming\Mozilla\Firefox\Profiles\shabcuki.default\searchplugins\lastminute.xml
[2012.05.20 15:17:01 | 000,005,489 | ---- | M] () -- C:\Users\Warfare\AppData\Roaming\Mozilla\Firefox\Profiles\shabcuki.default\searchplugins\webde-suche.xml
[2011.11.09 16:04:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.01.06 09:48:25 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\WARFARE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SHABCUKI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.05.20 15:16:59 | 000,574,144 | ---- | M] () (No name found) -- C:\USERS\WARFARE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SHABCUKI.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI
[2012.06.16 08:20:23 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.09 10:30:55 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.09 10:30:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.11.09 10:30:55 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.22 20:10:41 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
[2011.11.09 10:30:55 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.09 10:30:55 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.09 10:30:55 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Warfare\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Protect Disc License Acquisition Plugin (Enabled) = C:\Users\Warfare\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Warfare\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Warfare\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Warfare\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (GMX Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (GMX Konfiguration) - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (GMX Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (GMX Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (GMX Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (GMX Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (GMX Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe (SPAMfighter)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF0BCC49-7330-4970-A3F2-1C60341ADCDB}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C889EE2D-B913-4291-8AE5-8D9F32278D48}: NameServer = 193.189.244.225 193.189.244.206
O18:64bit: - Protocol\Handler\gmx {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gmx {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.20 10:49:08 | 000,126,976 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.17 01:26:42 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1156ee98-3168-11e0-b1d4-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{1156ee98-3168-11e0-b1d4-001a4d50a21c}\Shell\AutoRun\command - "" = G:\Setupx.exe
O33 - MountPoints2\{3816b30f-dfd3-11e0-9549-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{3816b30f-dfd3-11e0-9549-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{3a3fc955-91bd-11e0-954f-001e101f4da1}\Shell - "" = AutoRun
O33 - MountPoints2\{3a3fc955-91bd-11e0-954f-001e101f4da1}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{408d2b0e-6229-11e1-bdfc-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{408d2b0e-6229-11e1-bdfc-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{408d2b19-6229-11e1-bdfc-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{408d2b19-6229-11e1-bdfc-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{4947c6bd-458e-11e0-9872-001e101fb45e}\Shell - "" = AutoRun
O33 - MountPoints2\{4947c6bd-458e-11e0-9872-001e101fb45e}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{4947c6dc-458e-11e0-9872-001e101fb45e}\Shell - "" = AutoRun
O33 - MountPoints2\{4947c6dc-458e-11e0-9872-001e101fb45e}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{50be4018-3bf3-11e0-9b9b-001e101f82a7}\Shell - "" = AutoRun
O33 - MountPoints2\{50be4018-3bf3-11e0-9b9b-001e101f82a7}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{577653cf-6211-11e1-a060-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{577653cf-6211-11e1-a060-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{577653f4-6211-11e1-a060-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{577653f4-6211-11e1-a060-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{77d63c85-375a-11e0-9790-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{77d63c85-375a-11e0-9790-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{7ec472e4-906f-11e0-a629-001e101fe70e}\Shell - "" = AutoRun
O33 - MountPoints2\{7ec472e4-906f-11e0-a629-001e101fe70e}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{811f9161-ce86-11e0-97d6-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{811f9161-ce86-11e0-97d6-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{9764322a-78e6-11e0-a189-001e101f57d0}\Shell - "" = AutoRun
O33 - MountPoints2\{9764322a-78e6-11e0-a189-001e101f57d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{97643238-78e6-11e0-a189-001e101f57d0}\Shell - "" = AutoRun
O33 - MountPoints2\{97643238-78e6-11e0-a189-001e101f57d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{97a1e789-1dac-11e1-b34f-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{97a1e789-1dac-11e1-b34f-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{9bc45787-6238-11e1-90a0-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{9bc45787-6238-11e1-90a0-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{a86a9ea7-7a43-11e0-8a22-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{a86a9ea7-7a43-11e0-8a22-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{ad032663-38ba-11e0-8388-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{ad032663-38ba-11e0-8388-001e101f8924}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{c60687de-78a0-11e0-9d11-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{c60687de-78a0-11e0-9d11-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{c8677eee-36f5-11e0-9400-001e101fe70e}\Shell - "" = AutoRun
O33 - MountPoints2\{c8677eee-36f5-11e0-9400-001e101fe70e}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{d17a1b49-9d4a-11e0-82d3-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{d17a1b49-9d4a-11e0-82d3-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{d17a1b54-9d4a-11e0-82d3-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{d17a1b54-9d4a-11e0-82d3-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{d741c33b-5314-11e1-9dc8-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{d741c33b-5314-11e1-9dc8-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{dd7e0f2f-a1b7-11e0-807b-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{dd7e0f2f-a1b7-11e0-807b-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{df84d1ca-e76a-11e0-9cf3-001e101fb4df}\Shell - "" = AutoRun
O33 - MountPoints2\{df84d1ca-e76a-11e0-9cf3-001e101fb4df}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
O33 - MountPoints2\{ed40318c-30c0-11e0-bf5c-001a4d50a21c}\Shell - "" = AutoRun
O33 - MountPoints2\{ed40318c-30c0-11e0-bf5c-001a4d50a21c}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Setup.EXE
O33 - MountPoints2\D\Shell\verb0\command - "" = \SETUP.EXE
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.08.20 10:49:08 | 000,126,976 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.17 13:51:03 | 000,000,000 | ---D | C] -- C:\Users\Warfare\AppData\Roaming\Malwarebytes
[2012.06.17 13:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.17 13:50:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.17 13:50:34 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.17 13:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.17 13:42:27 | 000,000,000 | ---D | C] -- C:\Users\Warfare\AppData\Roaming\JPEGsnoop
[2012.06.17 12:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.06.17 10:42:45 | 000,000,000 | ---D | C] -- C:\ProgramData\clp
[2012.06.17 10:42:40 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Warfare\Desktop\OTL.exe
[2012.06.17 10:42:25 | 000,000,000 | ---D | C] -- C:\Users\Warfare\AppData\Roaming\Fighters
[2012.06.17 10:42:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters
[2012.06.17 10:41:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Common Toolkit Suite
[2012.06.17 10:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fighters
[2012.06.17 10:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite
[2012.06.17 10:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2012.06.17 10:03:26 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012.06.17 09:48:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012.06.17 09:47:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2012.06.16 08:20:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.06.16 08:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.14 05:42:41 | 000,000,000 | ---D | C] -- C:\Users\Warfare\AppData\Roaming\Apple Computer
[2012.06.13 23:20:12 | 000,000,000 | ---D | C] -- C:\Users\Warfare\AppData\Local\Macromedia
[2012.06.13 23:19:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.06.13 23:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.06.13 23:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.06.13 23:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.06.13 23:15:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.06.13 23:15:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.06.13 23:14:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.06.13 23:14:14 | 000,000,000 | ---D | C] -- C:\Users\Warfare\AppData\Local\Apple
[2012.06.13 23:14:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.06.13 23:14:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.06.13 23:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012.06.13 21:18:38 | 000,000,000 | ---D | C] -- C:\Users\Warfare\Documents\Outlook-Dateien
[2012.05.20 14:09:00 | 000,000,000 | ---D | C] -- C:\Users\Warfare\Documents\Star Wars - The Old Republic
[2012.05.20 08:54:24 | 000,000,000 | ---D | C] -- C:\Users\Warfare\Documents\HeroBlade Logs
[2012.05.20 08:37:44 | 000,000,000 | ---D | C] -- C:\Users\Warfare\Documents\InterVideo
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Warfare\Documents\*.tmp files -> C:\Users\Warfare\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.06.17 14:48:48 | 014,492,672 | ---- | M] () -- C:\Users\Warfare\Documents\Outlook.pst
[2012.06.17 14:33:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.17 14:27:46 | 000,000,000 | ---- | M] () -- C:\Users\Warfare\defogger_reenable
[2012.06.17 14:10:21 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 14:10:21 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 14:07:52 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.17 14:05:20 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.17 14:04:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.17 14:04:50 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.17 13:50:58 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.17 12:16:37 | 000,000,000 | ---- | M] () -- C:\Users\Warfare\Desktop\Neue Bitmap.bmp
[2012.06.17 11:52:54 | 000,011,816 | ---- | M] () -- C:\Users\Warfare\Documents\cc_20120617_115242.reg
[2012.06.17 10:43:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Warfare\Desktop\OTL.exe
[2012.06.17 10:42:22 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\SPYWAREfighter.lnk
[2012.06.17 08:12:35 | 000,003,424 | ---- | M] () -- C:\bootsqm.dat
[2012.06.14 19:49:32 | 001,643,132 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.14 19:49:32 | 000,700,358 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.14 19:49:32 | 000,655,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.14 19:49:32 | 000,149,154 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.14 19:49:32 | 000,121,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.14 19:12:57 | 000,484,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.05.30 11:48:18 | 000,013,720 | ---- | M] () -- C:\Windows\SysNative\drivers\avfsfilter.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Warfare\Documents\*.tmp files -> C:\Users\Warfare\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.17 14:27:46 | 000,000,000 | ---- | C] () -- C:\Users\Warfare\defogger_reenable
[2012.06.17 13:50:58 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.17 12:16:37 | 000,000,000 | ---- | C] () -- C:\Users\Warfare\Desktop\Neue Bitmap.bmp
[2012.06.17 11:52:51 | 000,011,816 | ---- | C] () -- C:\Users\Warfare\Documents\cc_20120617_115242.reg
[2012.06.17 10:42:22 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\SPYWAREfighter.lnk
[2012.06.17 08:12:35 | 000,003,424 | ---- | C] () -- C:\bootsqm.dat
[2012.06.13 23:14:12 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.06.13 23:11:31 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.13 21:20:35 | 014,492,672 | ---- | C] () -- C:\Users\Warfare\Documents\Outlook.pst
[2012.06.13 21:07:45 | 3220,037,632 | -HS- | C] () -- C:\hiberfil.sys
[2012.05.30 11:48:18 | 000,013,720 | ---- | C] () -- C:\Windows\SysNative\drivers\avfsfilter.sys
[2012.02.27 11:51:17 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.02.27 11:36:51 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2011.10.11 21:15:08 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2011.07.01 13:07:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.06.28 07:07:38 | 000,013,824 | ---- | C] () -- C:\Users\Warfare\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.08 11:02:55 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2011.04.29 16:56:22 | 001,599,034 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.27 14:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.04.27 14:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.04.27 14:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.04.27 14:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.04.27 14:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.03.25 15:42:04 | 000,000,038 | ---- | C] () -- C:\Windows\SysWow64\ZX9EQJT7_{42C8934A-382D-4E78-85E8-6043EC9B17BC}.dat
[2011.02.26 21:25:01 | 000,007,610 | ---- | C] () -- C:\Users\Warfare\AppData\Local\Resmon.ResmonCfg
========== LOP Check ==========
[2011.05.20 14:50:50 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\1&1 Mail & Media GmbH
[2011.12.02 13:18:29 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\elsterformular
[2012.06.17 10:42:53 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\Fighters
[2012.03.17 23:53:15 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\ICQ
[2011.03.12 09:14:55 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\InterVideo
[2012.06.17 13:42:27 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\JPEGsnoop
[2011.07.02 21:46:36 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\Lexware
[2012.06.17 15:02:46 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\NetSpeedMonitor
[2011.10.11 18:05:54 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\ProtectDisc
[2011.06.28 07:05:37 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\Samsung
[2011.06.18 12:34:28 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\Telefónica
[2011.02.13 01:16:45 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\Telekom
[2011.02.13 01:31:28 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\Telekom Internet Manager
[2012.06.13 22:48:07 | 000,000,000 | ---D | M] -- C:\Users\Warfare\AppData\Roaming\TS3Client
[2012.03.28 16:49:07 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:A0F9C283
End of report
Code:
OTL Extras logfile created on: 17.06.2012 13:06:21 - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Warfare\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 52,36% Memory free
8,00 Gb Paging File | 5,31 Gb Available in Paging File | 66,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 114,94 Gb Total Space | 50,87 Gb Free Space | 44,26% Space Free | Partition Type: NTFS
Drive E: | 21,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 931,51 Gb Total Space | 252,38 Gb Free Space | 27,09% Space Free | Partition Type: NTFS
Computer Name: WARFARE-PC | User Name: Warfare | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [scan_with_SPYWAREfighter] -- C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe /scan "%1" (SPAMfighter)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [scan_with_SPYWAREfighter] -- C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe /scan "%1" (SPAMfighter)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01AC4F52-AD66-4A70-9274-E474D9B5C70C}" = lport=445 | protocol=6 | dir=in | app=system |
"{1EBE44D1-0ED5-4F96-B74E-421789043792}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D16AA8F-D40B-48E8-A6ED-4817FD276556}" = lport=137 | protocol=17 | dir=in | app=system |
"{2D7FBABB-576C-4D03-883F-93D1D4373A3B}" = lport=139 | protocol=6 | dir=in | app=system |
"{3961053F-3873-4244-AAB5-B2C7F0913D83}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3BADB66D-78E2-40B5-A403-57D1723069C2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{42ABD6E8-4B30-402C-AD27-BB0781A517E9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4DB6B258-9626-4C0E-810C-3ECFF1C3CB51}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66D70630-B7D5-4351-85FA-608CE194A3BC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{67EF37FE-5471-48DA-8773-0F3014E507E5}" = rport=445 | protocol=6 | dir=out | app=system |
"{7795E123-2B05-428A-8989-8ADC54D0C1C7}" = rport=138 | protocol=17 | dir=out | app=system |
"{826064B9-083F-4165-B26B-B7E5CCDF6299}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{8BAA0D7A-4A25-4AD9-AE8B-2DE851EAC3BB}" = rport=139 | protocol=6 | dir=out | app=system |
"{9DC1D282-F73C-45F1-9812-A9465B0CDB71}" = rport=137 | protocol=17 | dir=out | app=system |
"{B65F25E6-A100-4CF6-84A3-BCE4F8AF8B3B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{CE437454-8893-4EF3-807D-78CA48F346C1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D67917C4-B0D4-4C9B-9809-F5D48CE2E943}" = lport=49266 | protocol=6 | dir=in | name=akamai netsession interface |
"{EFF5B703-6E4F-4D3B-8DEA-C91C35C7DE8F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F2FD14BD-F4FB-41FB-9685-84981EA35FDC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00220555-5309-40FD-A1B7-B857F8CADD12}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{045D3BE1-EED7-4171-AFC6-AF1D9B64D7E5}" = protocol=17 | dir=in | app=f:\world of warcraft\launcher.exe |
"{08248938-AB1D-4EC3-92A9-CFE4C567296A}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{102D0CD3-068F-4851-A68E-796DEF1625D7}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{1D8126CE-54E5-4E10-BF5F-0D056A402636}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1EE25F5A-0E52-4818-A9D2-D1ECD1C9E58D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{250F2730-1F4D-4572-B26F-8C34370C9EE3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{25234D62-57F2-4BD5-9430-38625E56317A}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |
"{27FCDCEF-8748-46C5-8F7D-787FDF3DFDBB}" = protocol=6 | dir=in | app=c:\users\warfare\appdata\local\apps\2.0\43p4woh6.60n\o6bh9226.31n\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\curseclient.exe |
"{440CC541-DDE6-410D-8A9F-D3F5C017CB17}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{580C892C-9EC3-4022-BDAB-0756B1A143C7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{683080B8-8998-4FB2-8B15-0A17B1788D25}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{6A96B4B6-8F0F-4DA6-AF38-440D7B1DF2D2}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{6B25795C-21C5-4D35-A4B9-73193322A29E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6E64EA09-BFF0-4BDA-B865-D2C5D1F4BAD6}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{6FEEEFE4-7F27-44A0-9847-B389BB17B937}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{85C984C2-B987-42B7-9CBF-492DDDCA45E5}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |
"{9AC01B37-C031-4035-9B4E-59C35A8DE8E2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{9B60C666-097C-4E8E-8629-33C3A0795326}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{A40EC9BA-C400-4409-B671-9B3C4A931BB7}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |
"{A874DF1B-ACE1-41A8-92FA-44AB832D68DE}" = protocol=17 | dir=in | app=c:\users\warfare\appdata\local\apps\2.0\43p4woh6.60n\o6bh9226.31n\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\curseclient.exe |
"{AF0E3A09-A97B-433D-AB23-9BBBA5A01931}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{C70A0CE0-DED3-4723-9D9C-53475E2A16BB}" = protocol=6 | dir=in | app=f:\world of warcraft\launcher.exe |
"{C82F2631-9CD5-4497-B370-ACDEAABB23C4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C96DF054-57C5-4F17-BC91-4E68C2C5BE90}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CA8D95C2-2981-44B5-B127-2BC7A07E849D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{CBBFB401-E476-48E6-840E-23E3A54E11EC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D6041F91-5AEA-4A17-8047-EB16B06F5A77}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{DFBC3AA6-B9C0-45EC-94A3-46D088385267}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E78FD64B-5F8A-4875-B475-F8D065E2698A}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{ECB8FC23-E142-43F3-947B-E80B30EAA321}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |
"{FF109719-7CAE-4DC7-9A2D-BB614A630DC8}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"TCP Query User{1BCB0CB9-6B88-46C0-BCBB-65FF95CDB458}C:\program files (x86)\sony\station\launchpad\launchpad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sony\station\launchpad\launchpad.exe |
"TCP Query User{A4B41B05-5245-45BA-89B9-183B998DCE42}C:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"TCP Query User{A68F8365-D5F3-4BC8-BA24-6EECE8ED129B}C:\program files (x86)\corel\graphics10\register\navbrowser.exe" = protocol=6 | dir=in | app=c:\program files (x86)\corel\graphics10\register\navbrowser.exe |
"UDP Query User{25B4A70C-DA04-490A-A37A-C6F32F56D2C5}C:\program files (x86)\corel\graphics10\register\navbrowser.exe" = protocol=17 | dir=in | app=c:\program files (x86)\corel\graphics10\register\navbrowser.exe |
"UDP Query User{787E8FE7-D0C0-49DB-9E50-B2F3525C5F95}C:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"UDP Query User{BE051F04-0A7F-4B90-BEC0-84265115D230}C:\program files (x86)\sony\station\launchpad\launchpad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sony\station\launchpad\launchpad.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{391ED0B2-B886-A6D0-B1A6-C25A7FE5B452}" = ATI AVIVO64 Codecs
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{47FBE83E-4AE6-4E4C-A9AA-F5838E1FF925}" = GMX Toolbar MSVC100 CRT x64
"{4A1FCB72-812A-4096-8713-F1BB101A904E}" = Microsoft SQL Server Native Client
"{4F8A27CA-6788-7965-3259-5C3B9C37FCD8}" = ATI Problem Report Wizard
"{60A95961-E9F4-17C6-2A91-578C34ED9A0C}" = ATI Catalyst Install Manager
"{6DF41AAD-B5F7-84BE-37F5-4C93184F5FBE}" = ccc-utility64
"{83ED5086-5D6B-698F-5CD4-2F631DA8FD69}" = AMD Drag and Drop Transcoding
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0471C553-36C2-E7A0-7489-E99CD3F9683C}" = CCC Help Chinese Standard
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06B91450-DDDE-4023-9CD3-B693C4B5A12A}" = Fighters
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{07BFA98D-6DB0-6D9C-95D5-7EF347AF587B}" = HydraVision
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BD171A4-7DAC-A12B-14E3-E33DA0B6FE6A}" = CCC Help Finnish
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1D33BBA9-75E5-7B82-9776-277DEA2C4BA2}" = Catalyst Control Center Graphics Previews Vista
"{1D4BA420-070F-3F9B-4969-126689978A98}" = CCC Help Greek
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{2198B991-FCB1-F74E-26C9-5F7127B9DB0F}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3ED6B766-BDF2-F30F-F18E-16BA10ABA22A}" = CCC Help French
"{3F0BBF8C-9BAF-5F16-A2BF-B513D528F1B9}" = Catalyst Control Center Graphics Previews Common
"{469032A5-C6F3-CE61-67B1-F8820B747401}" = Application Profiles
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{516D7330-6BA3-6E53-9C7A-F50666C758E0}" = CCC Help Swedish
"{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service
"{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{66391B4E-194D-C20E-F1E5-D7222F1A8104}" = CCC Help Turkish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D1496ED-3150-FCD5-CA3B-4C08B89D00D0}" = Catalyst Control Center Localization All
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77CD6B28-D387-9905-EF5B-78BF8AF722C6}" = CCC Help Chinese Traditional
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8A54BB79-658E-84A4-FBB7-93FD1EB20174}" = CCC Help Danish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DD59B6E-6FC4-4CDC-896D-2FDF19CBE70B}" = DDBAC
"{8F7C09A4-EBAE-11D3-A9AF-005004D2ECE4}" = Attune 2.3.2
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{95140000-007F-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DC1A9BA-070A-455F-8AC3-62587524ADFB}" = Quicken 2011 - ServicePack 4
"{9E50DEC9-081B-441F-B647-98DBEA8B01DD}" = CorelDRAW 10
"{A0855EE1-F653-3A5A-C7AF-D6CC3BF7A506}" = Catalyst Control Center InstallProxy
"{A0D2B948-BB85-589F-D283-2145A54BB11B}" = CCC Help English
"{A13D9E3A-B31D-4E69-8681-EDB7AA02E365}" = Quicken Import Export Server 2011
"{A48A1D1C-307A-46F9-983E-9762863D15F1}" = GMX Toolbar MSVC100 CRT x86
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9C4FF3C-C5E5-07F7-AD5D-C26C2B41CFF3}" = CCC Help Dutch
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ABA5FB59-633D-23B0-5841-D11A7B97C624}" = CCC Help Hungarian
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B0F9D227-9243-E2E6-21CE-7FB9528202C5}" = CCC Help Norwegian
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1D6F9CC-55FC-CD82-1D5C-BF725BF9311E}" = CCC Help Portuguese
"{B282CB34-95CC-06B2-DFBC-07617F722837}" = CCC Help Spanish
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E259DE5F-4980-4882-85D0-312F82721ED5}" = Quicken 2011
"{E342FAD9-ACA4-BE69-D78C-F26CDF6DC9DC}" = CCC Help Italian
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{ED9E5BCC-371A-5BE1-6DC6-CF7D8DC9A2B7}" = CCC Help Czech
"{EF829AE4-69BB-F791-F3DF-C6CBF8942881}" = CCC Help Korean
"{EFF33410-5603-B27E-778A-7AB406C7A785}" = CCC Help Japanese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F241F4AB-9D50-52E4-6CA5-D1EA5A0713BC}" = CCC Help Russian
"{F3F8BEC4-1D0E-9E50-0AF6-54A16094C92E}" = CCC Help German
"{F6995FC4-2D91-4169-B3C4-7C51B7123902}" = Lexware online banking
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA39D1A0-3B11-AF64-5EF0-1DBC97F47075}" = CCC Help Thai
"{FD20D0EA-5F36-5870-26EC-5CA842E8C713}" = CCC Help Polish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1&1 Mail & Media GmbH 1und1InternetExplorerAddon" = GMX Internet Explorer Addon
"1&1 Mail & Media GmbH Toolbar FF" = GMX Toolbar für Mozilla Firefox
"1&1 Mail & Media GmbH Toolbar IE8" = GMX Toolbar für Internet Explorer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BewerbungsGenie 7_is1" = DATA BECKER BewerbungsGenie 7
"CorelDRAW 10" = CorelDRAW 10
"ElsterFormular 12.4.0.7094p" = ElsterFormular
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"InstallShield_{E259DE5F-4980-4882-85D0-312F82721ED5}" = Quicken Deluxe 2011
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"SPYWAREfighter" = SPYWAREfighter
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.7
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"MyFreeCodec" = MyFreeCodec
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.10.2011 08:11:28 | Computer Name = Warfare-PC | Source = Windows Backup | ID = 4103
Description =
Error - 30.10.2011 10:39:15 | Computer Name = Warfare-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: riftpatchlive.exe, Version: 1.0.0.0,
Zeitstempel: 0x4e956f17 Name des fehlerhaften Moduls: QtCore4.dll, Version: 4.6.2.0,
Zeitstempel: 0x4d239522 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022629 ID des fehlerhaften
Prozesses: 0x135c Startzeit der fehlerhaften Anwendung: 0x01cc970308ea7673 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\RIFT Game\riftpatchlive.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\RIFT Game\QtCore4.dll Berichtskennung:
f072f43e-0304-11e1-922b-001e101f82a7
Error - 31.10.2011 08:35:50 | Computer Name = Warfare-PC | Source = Windows Backup | ID = 4103
Description =
Error - 04.11.2011 13:26:37 | Computer Name = Warfare-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 05.11.2011 19:44:54 | Computer Name = Warfare-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: riftpatchlive.exe, Version: 1.0.0.0,
Zeitstempel: 0x4e956f17 Name des fehlerhaften Moduls: QtCore4.dll, Version: 4.6.2.0,
Zeitstempel: 0x4d239522 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022629 ID des fehlerhaften
Prozesses: 0xd14 Startzeit der fehlerhaften Anwendung: 0x01cc9c14d0b61555 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\RIFT Game\riftpatchlive.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\RIFT Game\QtCore4.dll Berichtskennung:
28cd402f-0808-11e1-bf14-001e101fb45e
Error - 19.11.2011 13:02:53 | Computer Name = Warfare-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: RAYMAN.exe, Version: 7.0.2.85, Zeitstempel:
0x37489012 Name des fehlerhaften Moduls: MacroMix.x32, Version: 7.0.1.39, Zeitstempel:
0x36e64b9e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004d66 ID des fehlerhaften Prozesses:
0xeec Startzeit der fehlerhaften Anwendung: 0x01cca6dcfec0e790 Pfad der fehlerhaften
Anwendung: D:\RAYMAN.exe Pfad des fehlerhaften Moduls: D:\xtras\MacroMix.x32 Berichtskennung:
515c4547-12d0-11e1-8f20-001e101fde3a
Error - 19.11.2011 13:24:25 | Computer Name = Warfare-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: RAYMAN.exe, Version: 7.0.2.85, Zeitstempel:
0x37489012 Name des fehlerhaften Moduls: MacroMix.x32, Version: 7.0.1.39, Zeitstempel:
0x36e64b9e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004d66 ID des fehlerhaften Prozesses:
0x130c Startzeit der fehlerhaften Anwendung: 0x01cca6dfacf072a9 Pfad der fehlerhaften
Anwendung: D:\RAYMAN.exe Pfad des fehlerhaften Moduls: D:\xtras\MacroMix.x32 Berichtskennung:
53683a76-12d3-11e1-8f20-001e101fde3a
Error - 19.11.2011 13:25:21 | Computer Name = Warfare-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: RAYMAN.exe, Version: 7.0.2.85, Zeitstempel:
0x37489012 Name des fehlerhaften Moduls: MacroMix.x32, Version: 7.0.1.39, Zeitstempel:
0x36e64b9e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00006447 ID des fehlerhaften Prozesses:
0x1240 Startzeit der fehlerhaften Anwendung: 0x01cca6e0234a1ae9 Pfad der fehlerhaften
Anwendung: D:\RAYMAN.exe Pfad des fehlerhaften Moduls: D:\xtras\MacroMix.x32 Berichtskennung:
7504721c-12d3-11e1-8f20-001e101fde3a
Error - 26.11.2011 14:04:01 | Computer Name = Warfare-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 67c Startzeit: 01ccac658cb6b567 Endzeit: 16 Anwendungspfad:
C:\Windows\Explorer.EXE Berichts-ID: fd09c3f8-1858-11e1-926a-001e101fe5e1
Error - 30.11.2011 12:40:17 | Computer Name = Warfare-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: riftpatchlive.exe, Version: 1.0.0.0,
Zeitstempel: 0x4e956f17 Name des fehlerhaften Moduls: QtCore4.dll, Version: 4.6.2.0,
Zeitstempel: 0x4d239522 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022629 ID des fehlerhaften
Prozesses: 0x1228 Startzeit der fehlerhaften Anwendung: 0x01ccaf7e91515344 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\RIFT Game\riftpatchlive.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\RIFT Game\QtCore4.dll Berichtskennung:
fbd374d8-1b71-11e1-b3af-001e101f36d9
[ Media Center Events ]
Error - 29.11.2011 11:29:31 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 16:29:31 - Fehler beim Herstellen der Internetverbindung. 16:29:31
- Serververbindung konnte nicht hergestellt werden..
Error - 04.12.2011 06:19:17 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 11:19:16 - Fehler beim Herstellen der Internetverbindung. 11:19:16
- Serververbindung konnte nicht hergestellt werden..
Error - 09.12.2011 03:35:52 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 08:35:52 - Fehler beim Herstellen der Internetverbindung. 08:35:52
- Serververbindung konnte nicht hergestellt werden..
Error - 09.12.2011 04:35:57 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 09:35:57 - Fehler beim Herstellen der Internetverbindung. 09:35:57
- Serververbindung konnte nicht hergestellt werden..
Error - 09.12.2011 05:36:02 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 10:36:02 - Fehler beim Herstellen der Internetverbindung. 10:36:02
- Serververbindung konnte nicht hergestellt werden..
Error - 09.12.2011 06:36:07 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 11:36:07 - Fehler beim Herstellen der Internetverbindung. 11:36:07
- Serververbindung konnte nicht hergestellt werden..
Error - 14.12.2011 03:12:24 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 08:12:24 - Fehler beim Herstellen der Internetverbindung. 08:12:24
- Serververbindung konnte nicht hergestellt werden..
Error - 18.01.2012 03:37:01 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 08:37:01 - Fehler beim Herstellen der Internetverbindung. 08:37:01
- Serververbindung konnte nicht hergestellt werden..
Error - 22.01.2012 22:59:14 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 03:59:13 - Fehler beim Herstellen der Internetverbindung. 03:59:13
- Serververbindung konnte nicht hergestellt werden..
Error - 22.01.2012 23:59:18 | Computer Name = Warfare-PC | Source = MCUpdate | ID = 0
Description = 04:59:18 - Fehler beim Herstellen der Internetverbindung. 04:59:18
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 17.06.2012 07:09:02 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 5 Mal passiert.
Error - 17.06.2012 07:10:23 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 6 Mal passiert.
Error - 17.06.2012 07:11:44 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 7 Mal passiert.
Error - 17.06.2012 07:13:05 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 8 Mal passiert.
Error - 17.06.2012 07:14:26 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 9 Mal passiert.
Error - 17.06.2012 07:15:47 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 10 Mal passiert.
Error - 17.06.2012 07:17:09 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 11 Mal passiert.
Error - 17.06.2012 07:18:30 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 12 Mal passiert.
Error - 17.06.2012 07:19:52 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 13 Mal passiert.
Error - 17.06.2012 07:21:13 | Computer Name = Warfare-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AV Engine Scanning Service" wurde unerwartet beendet. Dies
ist bereits 14 Mal passiert.
< End of report >
Code:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.06.17.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Warfare :: WARFARE-PC [Administrator]
Schutz: Aktiviert
17.06.2012 13:53:01
mbam-log-2012-06-17 (13-53-01).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 207136
Laufzeit: 6 Minute(n), 51 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Windows\AutoKMS.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
|
