![]() |
Plagegeister aller Art und deren Bekämpfung: Keine Rückmeldung und FreezeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() |
![]() | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Keine Rückmeldung und Freeze Dann bitte in zwei Posting verteilt posten in CODE-Tags Ich hab auch gerade einen Hinweis bekommen, dass du den mediyes hast, da müssen wir auchnochmal richtig ran ![]()
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #17 |
![]() ![]() | ![]() Keine Rückmeldung und Freeze Alles klar hier kommt der 1.
ATTFilter OTL logfile created on: 13.10.2012 18:12:32 - Run 1 OTL by OldTimer - Version Folder = C:\Users\MaxMustermann\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,75 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 70,14% Memory free 7,50 Gb Paging File | 6,14 Gb Available in Paging File | 81,89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 317,86 Gb Free Space | 68,26% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: MaxMustermann | User Name: MaxMustermann | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MaxMustermann\Desktop\OTL.exe PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.07.18 18:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe PRC - [2005.07.22 09:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Program Files (x86)\OnlineControl\ocontrol.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Update-Service-Installer-Service) SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Dnscache) SRV - [2012.10.09 03:51:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.10.05 01:28:45 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.08.30 21:36:30 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai) SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.06.29 05:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5) SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.11.12 19:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.02.15 13:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Disabled | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012.07.18 18:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.07.18 18:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.07.18 18:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.05.21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) DRV:64bit: - [2010.09.26 20:32:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc) DRV:64bit: - [2010.02.14 17:06:19 | 000,575,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008.11.11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2008.11.11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag) DRV:64bit: - [2008.11.11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2007.08.08 08:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out) DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207) DRV - [2011.12.12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010.11.01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01 [binary data] IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01 [binary data] IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.) IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{5E4D3DCE-F4DD-433C-A690-3EF511A532F2}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{9ECAE799-1810-47F9-AA0D-74B6C39860CF}: "URL" = hxxp://www.ricardo.ch/search/search.asp?txtSearch={searchTerms}&Catg=1&InTitleAndDesc=1 IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{EE232B47-5DB3-4AA9-87BD-51DD6FA63286}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms} IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms} IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p=" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=685749" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DragoTheOwner\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DragoTheOwner\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 04:57:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 12:37:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\DragoTheOwner\AppData\Roaming\IDM\idmmzcc3 [2012.07.22 04:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Extensions [2012.10.12 18:11:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions [2012.09.17 19:22:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.09.18 17:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions [2011.07.17 20:51:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.05.09 17:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\ffxtlbr@babylon.com [2012.08.07 18:04:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.10.12 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.08.24 22:46:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Conduit (Enabled) CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050 CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Free Studio (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\\np_dvs_plugin.dll CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\\plugins/np-cwmp.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll O1 HOSTS File: ([2012.08.07 19:07:25 | 000,444,231 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: hxxp://legendmt2.eu/ l2testauthd.lineage2.com O1 - Hosts: hxxp://legendmt2.eu/ l2authd.lineage2.com O1 - Hosts: www.007guard.com O1 - Hosts: 007guard.com O1 - Hosts: 008i.com O1 - Hosts: www.008k.com O1 - Hosts: 008k.com O1 - Hosts: www.00hq.com O1 - Hosts: 00hq.com O1 - Hosts: 010402.com O1 - Hosts: www.032439.com O1 - Hosts: 032439.com O1 - Hosts: www.0scan.com O1 - Hosts: 0scan.com O1 - Hosts: www.1000gratisproben.com O1 - Hosts: 1000gratisproben.com O1 - Hosts: 1001namen.com O1 - Hosts: www.1001namen.com O1 - Hosts: 100888290cs.com O1 - Hosts: www.100888290cs.com O1 - Hosts: www.100sexlinks.com O1 - Hosts: 100sexlinks.com O1 - Hosts: www.10sek.com O1 - Hosts: 10sek.com O1 - Hosts: www.1-2005-search.com O1 - Hosts: 15246 more lines... O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.) O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found. O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found. O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit) O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\d3dywzbtg.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47dda526-fe72-4f24-ae70-b0681e2df27d}: DhcpNameServer = O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:64bit: - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software) O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software) O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Seite1.exe O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk - - File not found MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk - - File not found MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Free Download Manager - hkey= - key= - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG) MsConfig:64bit - StartUpReg: HBLiteSA - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= - File not found MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - StartUpReg: Windows Game Service - hkey= - key= - File not found MsConfig:64bit - State: "bootini" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: DnsCache - C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices Code:
ATTFilter ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L) Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll () Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.10.13 18:03:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe [2012.10.12 22:59:07 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Shizuka3-Client-2012-v3 [2012.10.10 18:29:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\CRE [2012.10.09 15:21:06 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe [2012.10.09 15:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar [2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit [2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5 [2012.09.23 21:16:38 | 000,000,000 | ---D | C] -- C:\Windows\de [2012.09.23 21:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive [2012.09.23 21:07:37 | 000,000,000 | R--D | C] -- C:\Users\DragoTheOwner\SkyDrive [2012.09.23 21:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2012.09.23 17:44:28 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple Computer [2012.09.23 17:44:27 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer [2012.09.23 17:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.09.23 17:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012.09.23 17:41:50 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple [2012.09.23 17:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012.09.23 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012.09.18 17:54:25 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes [2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.18 17:54:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.18 17:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.09.18 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Drum & Bass und DubStep [2012.09.15 22:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3 [2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.13 18:13:01 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job [2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe [2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.13 17:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.13 17:46:05 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012.10.13 17:46:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job [2012.10.13 17:45:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.13 15:13:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job [2012.10.12 23:34:29 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.12 23:34:29 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.12 23:34:29 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.12 23:34:29 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.12 23:34:29 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.12 23:00:14 | 000,000,707 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk [2012.10.12 16:05:43 | 000,284,749 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg [2012.10.12 15:52:22 | 000,538,327 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe [2012.10.11 20:38:17 | 000,577,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png [2012.10.11 18:07:17 | 000,263,365 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg [2012.10.11 01:18:36 | 000,002,523 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Google Chrome.lnk [2012.10.10 18:46:08 | 046,796,570 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4 [2012.10.10 18:29:09 | 000,000,009 | ---- | M] () -- C:\END [2012.10.10 15:34:18 | 000,212,245 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg [2012.10.09 15:10:14 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk [2012.10.08 18:36:38 | 003,256,058 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a [2012.10.08 11:35:33 | 000,009,216 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.10.07 18:43:08 | 000,000,220 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url [2012.09.29 23:42:11 | 000,000,219 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url [2012.09.29 22:59:13 | 000,001,243 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk [2012.09.26 04:32:38 | 000,029,114 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\Folder.jpg [2012.09.26 04:32:38 | 000,006,205 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\AlbumArtSmall.jpg [2012.09.26 04:25:54 | 000,433,908 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg [2012.09.26 03:20:32 | 057,228,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4 [2012.09.23 21:23:02 | 000,349,777 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg [2012.09.23 21:15:54 | 000,001,305 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk [2012.09.23 17:44:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.20 19:36:36 | 000,000,222 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url [2012.09.19 21:25:16 | 002,311,218 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov [2012.09.18 17:54:10 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.18 17:37:47 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img [2012.09.18 05:57:42 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img.bak [2012.09.17 09:41:33 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.09.15 22:25:16 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk [2012.09.15 22:25:16 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.12 23:00:14 | 000,000,707 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk [2012.10.12 16:05:41 | 000,284,749 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg [2012.10.12 15:52:20 | 000,538,327 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe [2012.10.11 20:38:16 | 000,577,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png [2012.10.11 18:07:17 | 000,263,365 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg [2012.10.10 18:43:10 | 046,796,570 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4 [2012.10.10 18:29:07 | 000,000,009 | ---- | C] () -- C:\END [2012.10.10 15:34:18 | 000,212,245 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg [2012.10.09 15:10:14 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk [2012.10.08 18:36:35 | 003,256,058 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a [2012.10.07 18:43:08 | 000,000,220 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url [2012.09.29 23:42:11 | 000,000,219 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url [2012.09.26 04:26:54 | 000,433,908 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg [2012.09.26 03:13:15 | 057,228,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4 [2012.09.24 05:01:33 | 000,000,617 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\League of Legends spielen .lnk [2012.09.23 21:23:08 | 000,349,777 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg [2012.09.23 21:15:54 | 000,001,305 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk [2012.09.23 21:15:42 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [2012.09.23 21:14:59 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012.09.23 21:07:35 | 000,002,200 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [2012.09.23 17:44:17 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.23 17:41:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012.09.20 19:36:36 | 000,000,222 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url [2012.09.19 21:23:33 | 002,311,218 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov [2012.09.18 17:54:10 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.17 19:22:41 | 000,001,243 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk [2012.09.15 22:25:16 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk [2012.09.15 22:25:16 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk [2012.09.07 06:01:03 | 000,008,976 | ---- | C] () -- C:\Users\DragoTheOwner\.recently-used.xbel [2012.07.27 14:11:05 | 000,003,551 | ---- | C] () -- C:\Windows\wininit.ini [2012.07.23 00:33:25 | 000,009,216 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.06.28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.05.01 21:50:14 | 922,460,208 | ---- | C] () -- C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe [2012.03.21 18:54:48 | 000,000,000 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\{30DEB4EF-7BA3-4C31-B2F1-2D0414B6C43D} [2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.09.25 01:58:18 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.09.25 01:58:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.05.24 18:06:10 | 000,150,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.04.18 23:30:47 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.03.10 16:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.11.22 12:00:06 | 004,269,056 | ---- | C] () -- C:\Windows\SysWow64\system.dll [2010.11.16 15:33:06 | 000,021,220 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\UserTile.png [2010.03.01 20:09:42 | 000,007,606 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\Resmon.ResmonCfg ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft [2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics [2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux [2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener [2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache [2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations [2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB [2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft [2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers [2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner [2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson [2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen [2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader [2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager [2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo [2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0 [2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios [2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ [2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM [2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit [2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics [2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient [2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2 [2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX [2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut [2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World [2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF [2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++ [2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org [2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape [2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games [2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee [2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot [2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater [2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync [2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat [2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer [2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds [2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client [2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software [2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue [2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft [2012.06.15 10:44:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Adobe [2012.09.23 17:45:20 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer [2010.10.08 21:44:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ArcSoft [2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics [2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux [2012.07.27 15:44:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Avira [2011.01.08 00:17:15 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\AVS4YOU [2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener [2011.01.08 17:15:16 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DivX [2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache [2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations [2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB [2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft [2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers [2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner [2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson [2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen [2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader [2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager [2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo [2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0 [2010.09.18 16:21:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hamachi [2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios [2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ [2010.01.27 16:55:55 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Identities [2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM [2010.02.14 17:06:21 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\InstallShield [2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit [2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics [2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient [2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2 [2010.01.27 20:28:38 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia [2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX [2012.09.18 17:54:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes [2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Media Center Programs [2012.09.30 01:10:48 | 000,000,000 | --SD | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft [2012.07.22 04:58:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Mozilla [2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut [2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World [2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF [2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++ [2012.04.22 15:31:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\NVIDIA [2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org [2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape [2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games [2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee [2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot [2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater [2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync [2012.10.13 18:12:37 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Skype [2011.07.24 00:03:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\skypePM [2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat [2010.08.10 13:36:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\teamspeak2 [2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer [2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds [2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client [2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software [2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue [2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer [2010.01.27 17:09:32 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2011.01.29 17:45:25 | 079,043,646 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe7 [2011.01.29 17:45:25 | 087,148,709 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe5 [2011.01.29 17:45:25 | 074,667,317 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe6 [2011.01.29 17:45:25 | 079,551,845 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe4 [2011.01.29 17:45:25 | 068,507,997 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe [2011.01.29 17:45:25 | 064,054,648 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe1 [2011.01.29 17:45:25 | 075,811,492 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe2 [2011.01.29 17:45:25 | 074,545,348 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe3 [2010.11.27 04:01:28 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2012.04.12 13:33:48 | 008,738,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe [2011.01.16 16:07:29 | 000,348,160 | ---- | M] (Octoshape ApS) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe < %SYSTEMDRIVE%\*.exe > [2008.04.11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTORV.SYS > [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < > [2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.06.28 21:36:59 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2011.10.15 12:41:45 | 000,000,198 | ---- | C] () -- C:\Windows\Tasks\{CD7D28A7-F48B-41CE-B478-5A4BFF4BF3EB}.job [2012.03.27 17:33:15 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core1cd0c2eed37e280.job [2012.04.24 13:09:42 | 000,000,240 | ---- | C] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job [2012.05.23 18:15:41 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012.06.09 16:06:09 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job [2012.07.13 03:14:16 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job [2012.07.26 17:34:42 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job ========== Alternate Data Streams ========== @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1 < End of report > |
![]() | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Keine Rückmeldung und Freeze Das ist aber nicht das Fixlog, bitte das Log nach dem Fix posten
__________________ |
![]() | #19 |
![]() ![]() | ![]() Keine Rückmeldung und Freeze Ok ich denke das ist es. Code:
ATTFilter OTL Extras logfile created on: 13.10.2012 18:12:32 - Run 1 OTL by OldTimer - Version Folder = C:\Users\DragoTheOwner\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,75 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 70,14% Memory free 7,50 Gb Paging File | 6,14 Gb Available in Paging File | 81,89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 317,86 Gb Free Space | 68,26% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: NOEL | User Name: DragoTheOwner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) .jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) .vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) .vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) .wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- Reg Error: Key error. File not found .js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 0 "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 0 "DisableUnicastResponsesToMulticastBroadcast" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0181F78D-5CE6-4286-ACFD-B79B89A4ACB3}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher | "{0215D7D0-6125-4B20-B2DB-00C281D6CF6B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{043A0207-AC8A-4CF9-9CF9-F3AE0EB75AD7}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client | "{0624245A-F330-411B-AE1C-50DAB5407FEF}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher | "{07E2F0D4-8481-4382-9931-9160542DABC2}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{07EF7F63-D8C0-4D4E-B3DD-A28FC9388B97}" = lport=6898 | protocol=6 | dir=in | name=league of legends launcher | "{0A035BE2-93FE-44CE-8339-0D7F008F42C3}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | "{0EC10FD2-A665-4842-B7F3-F946F58E92F7}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher | "{15B5565E-617B-4DD0-B58A-2A65E26F9D17}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | "{1C391C93-81D5-4879-B616-A8D2087C5160}" = lport=6961 | protocol=17 | dir=in | name=league of legends launcher | "{1F446F90-6367-49D9-9555-4E2987106D1F}" = lport=6900 | protocol=6 | dir=in | name=league of legends launcher | "{1F71F3EB-BBF0-4568-BC9D-1F919BF9E01D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{21A88D69-9145-44C3-9824-CA6A09327135}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby | "{21C5279B-7B43-4529-A6BB-9991141AB25C}" = lport=6962 | protocol=6 | dir=in | name=league of legends launcher | "{25042E63-EB50-409D-9C2B-A2386DE4D6E2}" = lport=6919 | protocol=17 | dir=in | name=league of legends launcher | "{2C71F38C-57C9-4809-B326-490489AE13C4}" = lport=6945 | protocol=17 | dir=in | name=league of legends launcher | "{2F8FE8F8-15AC-4C96-8B1E-65442319FB22}" = lport=6895 | protocol=17 | dir=in | name=league of legends launcher | "{3218AE2C-66E4-480D-8C15-F68BDCE451FE}" = lport=6967 | protocol=17 | dir=in | name=league of legends launcher | "{334AD1A3-D6C1-4299-A1B8-90CFFA94E335}" = lport=6959 | protocol=17 | dir=in | name=league of legends launcher | "{3453A4B5-76B9-4495-B87C-D0B66D4EF34F}" = rport=445 | protocol=6 | dir=out | app=system | "{34C297EF-1E60-4EE2-9EE4-0369E6DFFD49}" = lport=6948 | protocol=6 | dir=in | name=league of legends launcher | "{36F32453-2174-4AF1-BFAE-84D2167003B6}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | "{37AAFDCC-EF15-4891-B939-ABD648B38D1B}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client | "{38D0497C-9328-4BDB-819A-29403F3B07A9}" = lport=6938 | protocol=6 | dir=in | name=league of legends launcher | "{39E12260-B2FF-40DF-AC8C-DD0C80ADDB02}" = lport=6893 | protocol=17 | dir=in | name=league of legends launcher | "{3B6F384D-6B56-4FF0-8224-65AFA007C545}" = lport=6888 | protocol=6 | dir=in | name=league of legends launcher | "{3C29D026-9BBA-4BFC-B307-CB8B21784021}" = lport=6923 | protocol=17 | dir=in | name=league of legends launcher | "{42F44017-048D-4D8C-96F5-40677E8256CE}" = lport=139 | protocol=6 | dir=in | app=system | "{44EB6ED0-B2A9-443F-9856-E123AF8D005F}" = lport=6908 | protocol=6 | dir=in | name=league of legends launcher | "{44F94022-4158-413D-9E07-155C1788BF64}" = lport=6888 | protocol=17 | dir=in | name=league of legends launcher | "{45501073-1523-42C3-AAF9-FB09C0490B45}" = lport=6974 | protocol=17 | dir=in | name=league of legends launcher | "{486617AF-ABB1-427E-A35D-08A6FFF16665}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | "{4C00C683-3FAD-4D6E-9304-140C7880BE54}" = lport=6992 | protocol=6 | dir=in | name=league of legends launcher | "{4C356839-28B8-4598-9494-C6CC32BC719A}" = lport=6908 | protocol=17 | dir=in | name=league of legends launcher | "{4CB603C9-3F77-4926-B2DE-F11660A84482}" = lport=137 | protocol=17 | dir=in | app=system | "{4D49FCC4-D1E4-4962-B493-238E55191D78}" = lport=6906 | protocol=17 | dir=in | name=league of legends launcher | "{4DF3713D-5B8B-43A0-A3C0-CB2474263A3A}" = lport=6895 | protocol=17 | dir=in | name=league of legends launcher | "{5044B455-4C35-4CE3-B664-7D95C0ACB103}" = lport=6910 | protocol=17 | dir=in | name=league of legends launcher | "{5217827B-072A-46A7-BF78-715172EF80E7}" = lport=6962 | protocol=17 | dir=in | name=league of legends launcher | "{535D0BEA-7F26-4CC6-8DC8-332358E35284}" = lport=6924 | protocol=6 | dir=in | name=league of legends launcher | "{54AF4826-EFD0-4BD3-B175-A7EC85E0484B}" = lport=6986 | protocol=6 | dir=in | name=league of legends launcher | "{56040CC9-E8F4-46F5-81F7-52B157A0CDEC}" = lport=6895 | protocol=6 | dir=in | name=league of legends launcher | "{56D86038-EB48-4DED-B478-EF9A6FA46CEF}" = lport=6963 | protocol=17 | dir=in | name=league of legends launcher | "{57433B7D-8D26-4FC5-9E7D-1D8A19B63598}" = lport=6955 | protocol=6 | dir=in | name=league of legends launcher | "{58761F36-6AAC-4169-88BE-0F5E12DC6A00}" = lport=49170 | protocol=6 | dir=in | name=akamai netsession interface | "{58F8051C-C16A-4DE2-8D79-B79300C0C836}" = lport=6949 | protocol=17 | dir=in | name=league of legends launcher | "{599EE1F3-853F-45ED-9B1F-0689183E2B97}" = lport=6888 | protocol=6 | dir=in | name=league of legends launcher | "{59B9D11B-1F75-427C-BB34-D678DC3169D7}" = lport=6893 | protocol=6 | dir=in | name=league of legends launcher | "{5B83656C-5477-4CB7-A696-B2F775046BF8}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{5C20C9F0-D7EC-4AFD-B5E8-5EE8A242CE85}" = lport=6921 | protocol=6 | dir=in | name=league of legends launcher | "{5F88EE07-53E2-4A8F-AE41-C7FD08A4951E}" = lport=6899 | protocol=17 | dir=in | name=league of legends launcher | "{609BC565-50AA-4910-8136-E642FA1C555F}" = lport=6972 | protocol=6 | dir=in | name=league of legends launcher | "{61886DF5-D463-4CFB-8327-12BCC8FAA1B7}" = lport=6888 | protocol=17 | dir=in | name=league of legends launcher | "{61FBBBB1-AF5B-4195-903F-8156AADB1053}" = lport=6973 | protocol=17 | dir=in | name=league of legends launcher | "{622EB039-7382-4F66-9023-F07B68FA9AC5}" = lport=6974 | protocol=6 | dir=in | name=league of legends launcher | "{655AF73E-0770-424C-8339-E3B5A759EFF4}" = lport=6916 | protocol=6 | dir=in | name=league of legends launcher | "{6AE49FBB-8221-4FAA-8D93-22625176FF28}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{6BDB25EE-4499-4071-9AA6-AE55C011E8BA}" = lport=6973 | protocol=6 | dir=in | name=league of legends launcher | "{6CB2311A-54BD-4F5B-9B33-FAABEA2F09AB}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby | "{6E94131B-197D-42E3-9BF6-621C3BBAEED6}" = lport=6997 | protocol=17 | dir=in | name=league of legends launcher | "{6EAE8F25-5017-4022-A696-6B24BA1185BC}" = lport=6951 | protocol=6 | dir=in | name=league of legends launcher | "{7469E944-8E94-4AA0-B08E-2F3495D691C6}" = lport=6949 | protocol=6 | dir=in | name=league of legends launcher | "{74E0D935-AC31-4456-A30B-2C44A1EC5C56}" = lport=6910 | protocol=6 | dir=in | name=league of legends launcher | "{75CD009E-1AA1-491B-B098-FEDD6FE23398}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher | "{76742038-BD21-4997-A2BB-816394FC4DB3}" = lport=138 | protocol=17 | dir=in | app=system | "{7ABDFFED-9861-485E-8C31-36DB9D84098B}" = lport=6899 | protocol=6 | dir=in | name=league of legends launcher | "{7AE4DEAF-378C-4CD8-AE01-79D39579EC2F}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | "{7C5804C4-2629-4EEC-9B0C-E987CAFDAD62}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client | "{7D3E74A5-8FB4-4C1C-A329-394A930FF93C}" = lport=6959 | protocol=6 | dir=in | name=league of legends launcher | "{7EEF91E2-0512-461F-A995-3E51048E0C41}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | "{84D9E18D-7CF7-4BA2-B65F-863B3945C986}" = lport=6924 | protocol=17 | dir=in | name=league of legends launcher | "{87C912B4-02A5-4DCF-9893-8B63AD18CD25}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{88854A7F-12FD-4B7A-9D5D-80CA6DD3F39F}" = lport=6958 | protocol=17 | dir=in | name=league of legends launcher | "{8B554B7D-2916-4B53-A665-95C9D46386B7}" = lport=6895 | protocol=6 | dir=in | name=league of legends launcher | "{8B768A98-0DD9-4881-827A-7D9AA1B60063}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | "{8C849DB0-4DD1-4504-A1CE-C77DF2C241AE}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client | "{91170BF9-CBF5-47A8-80B2-A0004DF584C8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{95472323-035B-48E6-B190-0B4804DAA110}" = lport=6981 | protocol=6 | dir=in | name=league of legends launcher | "{97197243-B0E2-4D65-9E3A-2C61197551E5}" = rport=2869 | protocol=6 | dir=out | app=system | "{9742BBD9-615F-43B8-BF27-B3CC0BA0460C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{9808C5A0-3C9F-46F6-A013-AB86AD020EE6}" = lport=6970 | protocol=17 | dir=in | name=league of legends launcher | "{9A0F7963-8BC9-4D1C-8EBE-849DAC48A364}" = lport=445 | protocol=6 | dir=in | app=system | "{9A119EB0-E983-43BB-878A-E72173DE2DA1}" = lport=6993 | protocol=6 | dir=in | name=league of legends launcher | "{9C90351D-FF94-4576-B8CD-6FDA94000375}" = lport=6997 | protocol=6 | dir=in | name=league of legends launcher | "{9D611338-CBDC-459A-8072-9B9D95709C82}" = lport=6884 | protocol=6 | dir=in | name=league of legends launcher | "{9D6BEC60-13C4-4FF1-8E0D-5A796A849D20}" = lport=6958 | protocol=6 | dir=in | name=league of legends launcher | "{9F7F625E-AFF5-4142-A670-0C72DF0F0129}" = lport=6938 | protocol=17 | dir=in | name=league of legends launcher | "{A63A74CA-0F0D-47B5-814A-B082C00CB09F}" = lport=6992 | protocol=17 | dir=in | name=league of legends launcher | "{A70822BF-12AA-40FF-80DF-BA56D11C3B3F}" = lport=6972 | protocol=17 | dir=in | name=league of legends launcher | "{A9340B90-3FCC-424C-B011-B516B3A88480}" = lport=6898 | protocol=17 | dir=in | name=league of legends launcher | "{AA128517-49FA-42C6-863B-5F4A62E90506}" = lport=6925 | protocol=17 | dir=in | name=league of legends launcher | "{AAE111D4-AFE6-4F11-941D-A6152E4DD0EC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{AD0E7F71-6057-4FE2-B6A2-F150F4790581}" = lport=6955 | protocol=17 | dir=in | name=league of legends launcher | "{B078C6D4-ECA9-4FD9-ACBF-168D8D7286B7}" = lport=6901 | protocol=6 | dir=in | name=league of legends launcher | "{B31F07B7-3293-430C-8EF9-32B9513E8CAA}" = rport=138 | protocol=17 | dir=out | app=system | "{B3D25BED-9C7A-4EF3-9B4B-B99CE0A46C46}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{B473C4B2-1AD7-4421-9AF5-F35CC4910E96}" = lport=6986 | protocol=17 | dir=in | name=league of legends launcher | "{BBB5BF17-78BB-4DA6-9C9E-C0569F8D8563}" = lport=2869 | protocol=6 | dir=in | app=system | "{C1C5A996-0BA5-4C8A-B486-50872E14EF99}" = lport=6906 | protocol=6 | dir=in | name=league of legends launcher | "{C2083098-08F3-40B6-B010-E5C178AB2F99}" = lport=56728 | protocol=6 | dir=in | name=akamai netsession interface | "{C2B6D530-8C74-4435-A188-E564049D3086}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{C3FDA257-B8CD-4B69-B8A5-113D2DDE1738}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby | "{C416656D-9C01-4434-91D2-4F533FBFC452}" = lport=6916 | protocol=17 | dir=in | name=league of legends launcher | "{C53DCB03-E831-4D55-B48C-5A54511BA8B2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C66F0361-C74B-40CE-8D48-09AC406D8204}" = lport=6925 | protocol=6 | dir=in | name=league of legends launcher | "{C80D2B93-069C-4C51-A329-A39021ADC2A1}" = lport=6956 | protocol=17 | dir=in | name=league of legends launcher | "{C9E3C64C-0970-4088-B356-78009014EDB3}" = lport=6970 | protocol=6 | dir=in | name=league of legends launcher | "{CC699927-FC79-4EA2-BD56-251F93A5DA91}" = lport=6973 | protocol=17 | dir=in | name=league of legends launcher | "{D19040B6-3CEC-4010-BFC0-D702E9E6FA40}" = lport=6973 | protocol=6 | dir=in | name=league of legends launcher | "{D2AEBAD4-1E77-446D-9A32-CA0E77C91FD5}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher | "{D345E497-5438-4624-A222-BF3E6A3AC850}" = lport=6987 | protocol=6 | dir=in | name=league of legends launcher | "{D3E3890F-7A35-45A6-8B9E-D8F4569F1DFC}" = lport=6991 | protocol=17 | dir=in | name=league of legends launcher | "{D74209DF-6FB4-4B90-B979-D9E8D257BE31}" = rport=139 | protocol=6 | dir=out | app=system | "{D7E1484A-E0EE-4C9D-92A2-99B80B18627E}" = lport=6951 | protocol=17 | dir=in | name=league of legends launcher | "{D81C56A1-3D8B-44A9-9916-964765465630}" = lport=6945 | protocol=6 | dir=in | name=league of legends launcher | "{D944A160-5B92-428C-BA67-AA3E77B72F03}" = lport=6948 | protocol=17 | dir=in | name=league of legends launcher | "{DA25D335-5B53-41DA-94B2-E67A440FFC59}" = lport=6956 | protocol=6 | dir=in | name=league of legends launcher | "{DA8808E3-AE7A-4347-8189-9958BADAC0DA}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{DA910466-D1E7-4F9E-B1D8-C2304BE0B234}" = lport=6981 | protocol=17 | dir=in | name=league of legends launcher | "{DC8F8188-E3FF-47FD-A0FD-D05DDB24270E}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{E11CDB96-A35A-4ED7-B2A8-39AA08C63FAE}" = lport=6993 | protocol=17 | dir=in | name=league of legends launcher | "{E231FDAA-7300-4D30-8D29-5C43E9BEA56B}" = lport=6961 | protocol=6 | dir=in | name=league of legends launcher | "{E2D301F1-649A-4B45-B879-7A2AF7309AE5}" = lport=6923 | protocol=6 | dir=in | name=league of legends launcher | "{E2DF213D-D47F-4089-A8CA-BF8208EE03D8}" = rport=137 | protocol=17 | dir=out | app=system | "{E48E1D16-420A-4CD0-A020-F4D9EF763804}" = lport=6975 | protocol=6 | dir=in | name=league of legends launcher | "{E4C2200F-B830-4D48-B0FB-B7A2AF960CCA}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher | "{E61F8937-9FCB-4C42-A5BF-456C9BDFA6E6}" = lport=6921 | protocol=17 | dir=in | name=league of legends launcher | "{E77DC069-2EE8-4B02-923A-3953EE9A9FA8}" = lport=6967 | protocol=6 | dir=in | name=league of legends launcher | "{E980BE68-EF21-4A94-9E9F-C27F75333789}" = lport=6991 | protocol=6 | dir=in | name=league of legends launcher | "{E9FA3997-A301-4402-B1E4-FE29792F8C3F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{ED8B9B5D-A16A-4016-A3AB-EB2D54EABFA6}" = lport=6884 | protocol=17 | dir=in | name=league of legends launcher | "{EF23489D-87B4-4D36-AB56-47C849736CC8}" = lport=6963 | protocol=6 | dir=in | name=league of legends launcher | "{F1398547-AFBE-41F8-AA1F-6E82581D20C9}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby | "{F170C795-DF22-4775-8B62-B960397F75FD}" = lport=6975 | protocol=17 | dir=in | name=league of legends launcher | "{F5A56737-8F41-476B-9FF8-47A2F5B17DEF}" = lport=6987 | protocol=17 | dir=in | name=league of legends launcher | "{F8E8BC49-88E3-4AA5-9288-EE25B3F8C4DD}" = lport=6901 | protocol=17 | dir=in | name=league of legends launcher | "{FAE5F774-6D41-4585-9787-3D569802699B}" = lport=6919 | protocol=6 | dir=in | name=league of legends launcher | "{FC589C0F-D4FE-4EB0-8FB7-EF4801C51D81}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FF66BBC8-6D15-490D-9FD5-0FCF7992144E}" = lport=6900 | protocol=17 | dir=in | name=league of legends launcher | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{000CBF69-198F-43DF-A7A7-F4737DE8FC7A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{00E21F34-8F0F-47BE-A6DC-5FB51252EC59}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{07333EB7-B85B-4884-9919-DC7BB1128BF5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{085247E5-346F-4E5A-AC0D-9B331BC04359}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | "{092C72A6-6108-441E-8963-2BB86FE2A9A1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{093828A4-5B1C-4865-9361-7D3F13A572BA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{0D750937-053F-4B97-B584-F0F1F1500F7C}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo ag\levelr\levelr.bin | "{0EB7DD18-CA56-404B-94A1-E462D8989B4A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{0FCF00AB-3CF4-4333-9ABF-041F96370D8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | "{13ABB685-A593-45C5-996C-F9B050F14E8C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\bin\sdklauncher.exe | "{140BAE6A-1A7F-4B6F-8B7F-1A872617E825}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe | "{16CC8864-7561-4E07-AA28-B07EF0B1703B}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | "{18E1B345-BC0C-403F-AFA4-89C7B1466C55}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\unins000.exe | "{1979644A-F39C-430C-8A1B-A97B06BFF055}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe | "{19B378A9-670C-4C81-9DEB-30C037EF464F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | "{1B34BBDA-0CB3-4D8A-ABDF-B084FFDCB755}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\blackprophecy.exe | "{1BB32477-D47F-44C7-947D-EB7565EE14FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{1D3009C9-C361-47C7-B27D-EE05E4A53BD2}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\unins000.exe | "{212850CD-F5A7-41BA-97F8-52FB1A588FCC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{2228188C-F553-4378-8F0F-DC613390E708}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe | "{25027E02-6B3C-4081-8991-6F1EF0C457A7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{269634CA-5FCB-419C-A8E4-828B06019594}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{28D587DB-2506-443A-BBDC-B88155319406}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{2A8E1E28-B7E4-4C92-85C9-461CF8C0C143}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe | "{2F1FCD9F-48D8-4F43-B55C-2F1A6C2661E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{31C6941D-D684-44A7-9F57-6AD0C809E75A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | "{35B531F2-BC99-422D-ADC5-B8FB03B24CC5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{375B15D0-41C1-408D-B4F9-758E77AA5D43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{37E91763-B598-487F-B9F0-181B6FF36130}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{38118137-0148-4462-9186-5D3E1AA2B8CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe | "{386BAEAB-726F-4C10-B055-53B2D6500A50}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\champions online\champions online.exe | "{39C501BF-56BC-4333-9CCA-5E3E6817D207}" = protocol=17 | dir=in | app=c:\sg interactive\project blackout\pblackout.exe | "{3DA3F967-B671-4BCA-B110-477C6A7B4157}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{3E432F52-38E0-4B72-ABF1-0115DB2F9699}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{3FFE9D4F-3392-47EF-A142-96247A59B6EF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{42E4B585-D9BA-4A8A-A9C8-68B8CBD0B9E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{47838A69-2345-473F-A498-233C5BBCBC90}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{47D54E56-86F9-4EAD-A820-3D164CAAE98B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{4A19C264-DA4E-4E17-920A-E7F024155ACF}" = protocol=6 | dir=in | app=c:\users\dragotheowner\appdata\local\temp\7zipsfx.000\cf_downloader.exe | "{4A5F46D3-14B4-4E9C-9C0F-EFAB066BD0DA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe | "{4BC4AE4B-F4AF-4182-9D07-34F4B812A1FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe | "{4E477D29-F8E4-4CB6-9646-0EEA058D8570}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{50269FEE-E251-422E-990D-9C8C2D0BC070}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{50BA7E46-1CCB-4C46-A1ED-5530FF9FBC2F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{53AF14E9-0E56-4236-9BC3-2680197FC46E}" = protocol=17 | dir=in | app=c:\users\dragotheowner\appdata\local\temp\7zipsfx.000\cf_downloader.exe | "{56118E1B-1707-4C6B-9F1C-B9D87E3F01BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{578D02CF-8F67-4078-888D-049697284B65}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{5ABBEFCA-873E-42FC-9734-8D3D17449D86}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{5CE25829-9AD2-4BEC-8FBD-1A13866D67C9}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | "{5F204958-DE04-429C-A194-17171A852697}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{5F42B82E-2457-4A59-B7D4-CA499118C9EB}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{611AE355-AB00-4800-8237-BF15A732C6C0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{65C04AB1-77B0-4450-8871-DFE1D69FEB85}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{65E3CEF6-5D74-4D09-B3AA-BC6C462B16FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{6B95A064-D37C-4D96-94A5-EF34B66EB296}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe | "{6D9D03E2-FE8B-4857-BE6A-F93D06D737DE}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{6F40AEAD-3B11-43AF-90A6-E5D52A68D74E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7001DD2D-885D-4B97-85BB-5860DE0D0534}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{72E9B77D-B45A-40DA-8592-08B90626FD10}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{7451D09C-2607-4B5E-8305-D0C99F74BA34}" = protocol=6 | dir=in | app=c:\sg interactive\project blackout\pblackout.exe | "{76DDFDD1-CE8C-4CB9-81B7-7EADD6A8BCF8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{771D97A4-A3E1-4656-898B-B16D5C1941DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{77D302BB-10F1-4D4F-9F39-B789CC8111C0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7A99CBCD-D03B-4733-8A14-AFDDB4BCB37F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7ADF3F88-05AA-4C74-8EE6-F60193D244BF}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo ag\levelr\levelr.bin | "{7AE932DF-4D5C-4B9E-A5A4-0DB78D5B0BA3}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe | "{7BBC028F-5BCC-4E3B-B631-97A0D651C201}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{7BC29F74-58A1-41C0-8A04-1106BB7F493B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7D6ECC47-AA8E-4684-90B0-F0ACE44718FC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{80E6E6AE-710D-41C9-A2D4-76EF1EB7114A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{81546F30-A726-4E86-B02C-FCD30ED60B01}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{86FC0222-078E-4E86-9661-397B971E1D3C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{887C4FC5-55C5-4C86-8F5D-54AB7AED549D}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | "{8A2FA4F1-11E1-464A-AFD0-12CDEE8200FF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{8ACA0FD1-B660-45CD-BFE3-4F3245BFA62A}" = protocol=17 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe | "{8C094B4A-B988-4466-9438-69D8EBB3A92E}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe | "{8DC50D0C-026C-4F9D-9E07-5CE3B41214A8}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{8E2F68CA-7DF6-49D3-8F5E-54BA481DC226}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\launcher.exe | "{8E674E93-CA84-48FD-9CC2-6C55DE14A7D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{90835441-C0CC-4AFD-8084-D105591E4AA6}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe | "{90AFAA01-FB74-41F9-AC1F-71FCE8D5A878}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\patcher.exe | "{90E68EDA-D43C-4080-834C-2FB0E0E01CD3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{9117B0E4-449E-45F5-BCAB-BC15D7E668F3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{926A469E-A2BE-4768-A171-9C649F52E8FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{93D7426C-8074-4AB4-919B-119526643A1E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{9447F102-3EA8-49BA-8CA3-40D547D03A86}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{9569C423-C427-4BDE-8D28-17AC5CF841B6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{97007113-34E7-4E9A-A379-7757A0612FAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe | "{9991DDB1-ADA1-4750-879E-901F04A158E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe | "{99B2038C-D48B-4A9E-A738-3B3791D795A4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{A0948FAE-DD04-4CE0-9736-2EFB29A2D092}" = dir=in | app=c:\users\dragotheowner\appdata\local\microsoft\skydrive\skydrive.exe | "{A4EC7DF9-625F-4E33-A957-31A2ABD257D9}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{A57F993F-399E-4CFD-822E-9E3D94F7512B}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{A6E5506A-0AB1-4976-9752-86DEC663102E}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe | "{A8A73E39-BC40-4CD0-A904-43268260F84A}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe | "{A8A9FFD7-A6CC-4CB8-B76A-53BB6F4F26C0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{A8C15AE0-C326-4BDF-B303-53E598F06F91}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{A93BCD96-45EF-485F-A7C0-8C059BC270A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{AB7766F1-A342-4A1D-87B7-3347F98E6EF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{AC100769-9639-4F7C-B2F2-ED4215ED0E13}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{AD9DB33A-EF66-427D-8963-FB3805EEAD1A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\champions online\champions online.exe | "{AE51108E-229D-43CC-8D4B-1471F789ABA8}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\launcher.exe | "{AEE28279-0455-493D-98C7-EE1F6460364A}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{AFC378ED-1588-4CFA-BEC0-6EFA7BAC10C7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B01C77B2-BB28-4891-90A3-842F37080FB6}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{B0952B52-2808-44E5-A50D-194CD517B3E0}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe | "{B31702A3-0D0A-47EA-99D8-D681717BC9F5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{B31AAC5A-4A9D-4C35-8C9E-92AD6359364C}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\blackprophecy.exe | "{B44871FC-FBD6-4CAA-959F-01C20762968E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{B4B901B3-C0DD-43F0-B3D2-6B9D82EED711}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | "{B4D65D28-9D1A-44E5-832E-F7D0D88C5A33}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{B5AD7A36-FEC1-4605-8732-40B1EBB89F89}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{B6FC5A9C-6A13-4BCA-A1ED-7F8FC20607AE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{B74DA5F7-2A1C-4EF5-BA62-E1EA063DBDCF}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B8E47AC9-788F-4F03-99B5-6F3C6AA6F5F7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{B9F157C8-A855-43ED-895F-D5C7E40306A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{BCFCEE52-DA16-4D02-A68D-8AB37164B346}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe | "{BF95C140-9C7C-4DA5-83C8-4B5C55FF5497}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe | "{C093242E-69BB-471E-A1DA-8E1CB003E599}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{C70C616A-32B0-4411-AB22-B12950EE9A9B}" = protocol=6 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe | "{C7C6E21D-DD5A-4453-BBD8-F874633028F2}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe | "{C99643F2-931E-4157-ADFF-26DDA4B068A5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{CC408758-ABED-4992-B563-CDCB6F87E6C8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{CEDA62C3-7102-48C6-873E-1ABCF4F05E2B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{D3D3711C-F111-44F0-ABD8-FA63BB3660C9}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{D44F520A-E566-4B9F-A2C1-9D00EF131F1B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{D7C69C4D-CD13-48BB-A9C5-43D09E9EF31C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe | "{D82587CC-75C6-4AF0-B127-924E7496C1FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{DD5AE7F5-4F4F-4C90-A5D6-27C759D16F1C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{DE7168DF-E3E7-4C55-9E59-A8975582E319}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DEE4B43F-74AF-4947-8E98-C7ACFC2EBA56}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{DFA8B9FA-6B9D-42DD-A196-854A7BE725C7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{E3C36F52-3247-4763-A478-8B44BB5622E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe | "{E69D6554-9089-42F2-B069-B4FE04C622F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{E75D29AB-B590-4EBB-BD98-70B67DAB2FB3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{E7B9D362-BC44-428C-A55A-3745066844C1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{E7DD46D0-E2EC-4F32-AA61-4B4572162F68}" = protocol=6 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe | "{E81E2328-791D-4C29-84CE-8252ACB4CA29}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{EAE60D8F-C3DA-42BB-9B76-295272D97152}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{EC36AE3A-A9EC-456C-B868-913761E5221C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{EDEC32A1-516E-48F5-8B8D-64517132A43A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\bin\sdklauncher.exe | "{EED52A35-1A47-4957-B8A5-49D175151C9E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{EF9A9F26-D145-4A85-9A44-6D3D981EA64E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{F028D3C8-09D7-46E4-BBB6-3473E0E043BB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{F3E8D68C-F24A-44B2-907E-948A22ABC6C9}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe | "{F45FB0DC-7F87-4D5F-86A4-21B1ABED54CF}" = protocol=17 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe | "{F562A49E-B5F1-4CF3-9081-5C6F5DABB7AE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe | "{F7AD0A82-2CCE-454D-89E8-6063280AE5BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{F8EB05F5-B17A-4E74-8E8F-AE91EE259116}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{F9EED0B2-1236-4D9F-9826-12D6DDDAF6BB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe | "{FA88F5AD-B633-4181-B5EB-F13DDA7AAE8D}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\patcher.exe | "{FB741097-F530-4F4C-8C98-A1C566DF494E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{FE4F050B-2762-486A-9F73-7F9369F6B46C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{012E340D-D271-40AD-B4C4-78902A2346BE}C:\program files (x86)\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2.bin | "TCP Query User{0F3D28FA-76DA-48B4-B6AD-75052532B24F}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "TCP Query User{17762F96-17CD-45D8-990A-153B298EEE1E}C:\program files (x86)\mijagi-mt2\mijagi-mt2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mijagi-mt2\mijagi-mt2.exe | "TCP Query User{277ADAAD-1208-49E6-B009-4C1B77C18EC6}C:\program files (x86)\mijagi-mt2\mijagi-mt2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mijagi-mt2\mijagi-mt2.exe | "TCP Query User{31B3BAED-C195-414F-A823-CD95424A2A61}C:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe" = protocol=6 | dir=in | app=c:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe | "TCP Query User{3CD1EA82-809E-4D8D-B8DF-AB6883D181EB}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | "TCP Query User{3F5909A6-8D44-40CB-A7E1-7DE3F36139F5}C:\program files (x86)\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | "TCP Query User{40D1789D-E91A-4C0A-B9B2-6EFBD58B4F35}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "TCP Query User{438152DE-175D-4A8F-9156-A747C4718D0B}C:\program files (x86)\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2.bin | "TCP Query User{64DEC689-83CA-400C-AF71-38AB43A5F2A5}C:\users\dragotheowner\desktop\alle ordner und spiele\legendmt2\xmetin2.exe" = protocol=6 | dir=in | app=c:\users\dragotheowner\desktop\alle ordner und spiele\legendmt2\xmetin2.exe | "TCP Query User{67FCF5FB-38C1-4200-8E13-D207752F1741}C:\program files (x86)\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | "TCP Query User{6ADECFC1-5F57-4F7E-B927-39A9FC6E5289}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{968BD33B-73DC-46CD-B5D2-79E26AD46573}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{B9C6F79D-95A1-433C-92F4-BC4B7DB9C8DD}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "TCP Query User{E8296704-B78A-4E2F-8D14-E452E720DE77}C:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe" = protocol=6 | dir=in | app=c:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe | "UDP Query User{0F40CA87-0B39-4D09-8A96-3ABD4539CDD1}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | "UDP Query User{145D4C43-DE47-4490-A7DE-2DF76C857DC7}C:\program files (x86)\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | "UDP Query User{164956AA-3A93-494C-BBF5-0543C9E55BCA}C:\program files (x86)\mijagi-mt2\mijagi-mt2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mijagi-mt2\mijagi-mt2.exe | "UDP Query User{1F5F4A7D-E9AF-43EA-819A-CCF4FBCA43BA}C:\program files (x86)\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2.bin | "UDP Query User{27827D02-F1C6-489F-9578-FC9809FC63D8}C:\users\dragotheowner\desktop\alle ordner und spiele\legendmt2\xmetin2.exe" = protocol=17 | dir=in | app=c:\users\dragotheowner\desktop\alle ordner und spiele\legendmt2\xmetin2.exe | "UDP Query User{36D2424D-7F63-40F2-921C-F87FEEBBEFBC}C:\program files (x86)\mijagi-mt2\mijagi-mt2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mijagi-mt2\mijagi-mt2.exe | "UDP Query User{5703781B-A11C-47CB-B518-A07AEB80574B}C:\program files (x86)\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2.bin | "UDP Query User{786D6472-C291-476F-A64C-791F9FA7F44C}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{98F20467-8879-4784-A6B2-2DCA527AAF49}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "UDP Query User{A6BD85F2-400A-4957-9773-6F5D47A32783}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{BA607340-4325-459D-AECC-FF5863909A27}C:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe" = protocol=17 | dir=in | app=c:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe | "UDP Query User{BE285D4B-CB2E-4CAD-A559-7B864AB28C58}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "UDP Query User{C9816D7F-031C-44EF-A22B-E503BFDA70E5}C:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe" = protocol=17 | dir=in | app=c:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe | "UDP Query User{D96632EE-D07F-4BB2-99A8-215C69EC05D0}C:\program files (x86)\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{053B3DA8-91B5-4682-A130-715412A1A253}" = Paint.NET v3.5.4 "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes "{4BA33BE3-20CF-4972-BD67-B44CEFA52DCB}" = Windows Live MIME IFilter "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 304.79 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 304.79 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 304.79 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 304.79 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{C8B10C8E-46F0-4C9A-A688-78B8A2F720BD}" = Windows Live Family Safety "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{D01E478E-05BE-46BC-AF96-DD40EABA1F6A}" = System Requirements Lab CYRI (64-bit) "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64 "EPSON SX130 Series" = EPSON SX130 Series Printer Uninstall "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform "{10D9B15C-0F89-41EF-838C-B97802AB54E9}" = Lagsters "{10EAC7D9-7ED4-425E-8054-643452147D13}" = MyScript Notes Basic Edition "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform "{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater "{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{3513E6E0-A5B5-4ED9-A28A-D9D962DBABB4}" = Scramby "{44E89CCA-BB20-4EA6-80EB-4126E886F83D}" = Windows Live Mail "{46BE6D86-7BEF-4DAB-B3E6-7B932D3872F3}_is1" = Dragonica Version TEST "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4 "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE "{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions "{511A5609-446A-11D5-9FA6-0060087051D5}" = T-DSL Treiber "{556F2137-B772-43BB-9A45-E0275234DD16}" = Free Notes & Office Ink "{5672382F-8A9B-4890-B79A-414997360F2D}" = IObit Toolbar v6.3 "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack "{62813F65-4D78-43AF-A53C-DFAFA122E065}" = Windows Live Messenger "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84BEAA30-1AF1-450B-9DD7-AD38B84004BA}" = Windows Live Messenger "{884DF67C-F47D-4B09-B474-C3B7D51CA52A}" = Windows Live Family Safety "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}" = Epson Event Manager "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2 "{A5D8B1C2-4B2E-42F1-ADB4-D0308A4F5C6F}" = Windows Live Writer "{A929A7EA-4DFB-48F9-AAF6-C880DF64FB73}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie "{B240DC53-E923-48ED-AA5D-5830D2773A97}" = S4 League_EU "{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B89EE842-D398-4EAC-A3DF-47280B285DD9}" = Windows Live Mail "{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform "{C3592426-531E-4110-911D-BFECE2CE284C}" = osu! "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{D07643A3-CE41-4286-8C78-EB9C83E76DDB}" = PunkBuster für Battlefield Vietnam "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D555C389-F793-443A-B012-A3D70590CF3D}" = Windows Live Writer Resources "{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0DA672E-15DB-4413-BE2D-887DD1513607}" = Windows Live Writer "{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter "{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}" = Junk Mail filter update "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Advanced SystemCare 5_is1" = Advanced SystemCare 5 "Akamai" = Akamai NetSession Interface Service "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "DivX Setup.divx.com" = DivX-Setup "EPSON Scanner" = EPSON Scan "EPSON SX130 Series Useg" = Benutzerhandbuch EPSON SX130 Series "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free Download Manager_is1" = Free Download Manager 3.0 "Free Studio_is1" = Free Studio version "Free YouTube Download_is1" = Free YouTube Download 2.8 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "Game Booster_is1" = Game Booster 3 "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version "Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Notepad++" = Notepad++ "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OnlineControl_is1" = OnlineControl 1.2 "SpeedFan" = SpeedFan (remove only) "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 1250" = Killing Floor "Steam App 200710" = Torchlight II "Steam App 240" = Counter-Strike: Source "Steam App 41500" = Torchlight "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer "Steam App 550" = Left 4 Dead 2 "Steam App 570" = Dota 2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 7" = TeamViewer 7 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "Uninstall_is1" = Uninstall "WinGimp-2.0_is1" = GIMP 2.6.11 "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "Google Chrome" = Google Chrome "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player "SkyDriveSetup.exe" = Microsoft SkyDrive ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 28.07.2011 23:17:44 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe". Die abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.07.2011 06:53:33 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe". Die abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.07.2011 08:49:20 | Computer Name = xAnTiViiRuSx | Source = BugSplat | ID = 1 Description = Error - 29.07.2011 20:51:59 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe". Die abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.07.2011 21:36:10 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe". Die abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.07.2011 21:36:10 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe". Die abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.07.2011 21:38:10 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe". Die abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 30.07.2011 10:11:38 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe". Die abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 30.07.2011 19:00:00 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe". Die abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 31.07.2011 06:10:29 | Computer Name = xAnTiViiRuSx | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . [ Media Center Events ] Error - 10.11.2010 12:38:40 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 17:38:38 - Fehler beim Herstellen der Internetverbindung. 17:38:38 - Serververbindung konnte nicht hergestellt werden.. Error - 10.11.2010 13:39:08 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 18:39:08 - Fehler beim Herstellen der Internetverbindung. 18:39:08 - Serververbindung konnte nicht hergestellt werden.. Error - 10.11.2010 13:39:38 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 18:39:37 - Fehler beim Herstellen der Internetverbindung. 18:39:37 - Serververbindung konnte nicht hergestellt werden.. Error - 10.11.2010 14:40:08 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 19:40:08 - Fehler beim Herstellen der Internetverbindung. 19:40:08 - Serververbindung konnte nicht hergestellt werden.. Error - 10.11.2010 14:40:38 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 19:40:37 - Fehler beim Herstellen der Internetverbindung. 19:40:37 - Serververbindung konnte nicht hergestellt werden.. Error - 12.11.2010 04:38:55 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 09:38:54 - Fehler beim Herstellen der Internetverbindung. 09:38:55 - Serververbindung konnte nicht hergestellt werden.. Error - 12.11.2010 04:39:28 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 09:39:24 - Fehler beim Herstellen der Internetverbindung. 09:39:24 - Serververbindung konnte nicht hergestellt werden.. Error - 19.11.2010 14:18:02 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 19:18:01 - Fehler beim Herstellen der Internetverbindung. 19:18:02 - Serververbindung konnte nicht hergestellt werden.. Error - 19.11.2010 14:18:36 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 19:18:31 - Fehler beim Herstellen der Internetverbindung. 19:18:31 - Serververbindung konnte nicht hergestellt werden.. Error - 19.11.2010 15:19:04 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0 Description = 20:19:04 - Fehler beim Herstellen der Internetverbindung. 20:19:04 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 13.10.2012 11:46:07 | Computer Name = Noel | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Update-Service-Installer-Service" wurde mit folgendem Fehler beendet: %%2 Error - 13.10.2012 11:46:13 | Computer Name = Noel | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 13.10.2012 11:46:14 | Computer Name = Noel | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 13.10.2012 11:46:31 | Computer Name = Noel | Source = Service Control Manager | ID = 7023 Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error - 13.10.2012 11:46:34 | Computer Name = Noel | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 13.10.2012 11:46:34 | Computer Name = Noel | Source = Service Control Manager | ID = 7023 Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error - 13.10.2012 11:49:24 | Computer Name = Noel | Source = Service Control Manager | ID = 7038 Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error - 13.10.2012 11:49:24 | Computer Name = Noel | Source = Service Control Manager | ID = 7000 Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error - 13.10.2012 12:14:21 | Computer Name = Noel | Source = Disk | ID = 262151 Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error - 13.10.2012 12:14:24 | Computer Name = Noel | Source = Disk | ID = 262151 Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. < End of report > |
![]() | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Keine Rückmeldung und Freeze Nein ![]() Das ist ein neues OTL-Log aber nicht das Fixlog ![]()
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #21 |
![]() ![]() | ![]() Keine Rückmeldung und Freeze Ich finde das Log nicht mehr x.x Wie kann man das wieder finden? ![]() |
![]() | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Keine Rückmeldung und Freeze Schau bitte in C:\_OTL nach
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #23 |
![]() ![]() | ![]() Keine Rückmeldung und Freeze Okay das ist es bestimmt auch nicht oder? Teil 1 : Code:
ATTFilter Error: Unable to interpret <OTL logfile created on: 13.10.2012 18:12:32 - Run 1> in the current context! Error: Unable to interpret <OTL by OldTimer - Version Folder = C:\Users\MaxMustermann\Desktop> in the current context! Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context! Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context! Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <3,75 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 70,14% Memory free> in the current context! Error: Unable to interpret <7,50 Gb Paging File | 6,14 Gb Available in Paging File | 81,89% Paging File free> in the current context! Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context! Error: Unable to interpret <Drive C: | 465,66 Gb Total Space | 317,86 Gb Free Space | 68,26% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Unable to calculate disk information.> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <Computer Name: MaxMustermann | User Name: MaxMustermann | Logged in as Administrator.> in the current context! Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans> in the current context! Error: Unable to interpret <Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <PRC - [2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MaxMustermann\Desktop\OTL.exe> in the current context! Error: Unable to interpret <PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe> in the current context! Error: Unable to interpret <PRC - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe> in the current context! Error: Unable to interpret <PRC - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe> in the current context! Error: Unable to interpret <PRC - [2012.07.18 18:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe> in the current context! Error: Unable to interpret <PRC - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe> in the current context! Error: Unable to interpret <PRC - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe> in the current context! Error: Unable to interpret <PRC - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe> in the current context! Error: Unable to interpret <PRC - [2005.07.22 09:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Program Files (x86)\OnlineControl\ocontrol.exe> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)> in the current context! Error: Unable to interpret <SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Update-Service-Installer-Service)> in the current context! Error: Unable to interpret <SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Dnscache)> in the current context! Error: Unable to interpret <SRV - [2012.10.09 03:51:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)> in the current context! Error: Unable to interpret <SRV - [2012.10.05 01:28:45 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)> in the current context! Error: Unable to interpret <SRV - [2012.08.30 21:36:30 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)> in the current context! Error: Unable to interpret <SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)> in the current context! Error: Unable to interpret <SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)> in the current context! Error: Unable to interpret <SRV - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)> in the current context! Error: Unable to interpret <SRV - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)> in the current context! Error: Unable to interpret <SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)> in the current context! Error: Unable to interpret <SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)> in the current context! Error: Unable to interpret <SRV - [2012.06.29 05:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)> in the current context! Error: Unable to interpret <SRV - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)> in the current context! Error: Unable to interpret <SRV - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)> in the current context! Error: Unable to interpret <SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)> in the current context! Error: Unable to interpret <SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)> in the current context! Error: Unable to interpret <SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)> in the current context! Error: Unable to interpret <SRV - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)> in the current context! Error: Unable to interpret <SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)> in the current context! Error: Unable to interpret <SRV - [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)> in the current context! Error: Unable to interpret <SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)> in the current context! Error: Unable to interpret <SRV - [2009.11.12 19:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)> in the current context! Error: Unable to interpret <SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)> in the current context! Error: Unable to interpret <SRV - [2008.02.15 13:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Disabled | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)> in the current context! Error: Unable to interpret <DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)> in the current context! Error: Unable to interpret <DRV:64bit: - [2012.07.18 18:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)> in the current context! Error: Unable to interpret <DRV:64bit: - [2012.07.18 18:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)> in the current context! Error: Unable to interpret <DRV:64bit: - [2012.07.18 18:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)> in the current context! Error: Unable to interpret <DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)> in the current context! Error: Unable to interpret <DRV:64bit: - [2012.05.21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)> in the current context! Error: Unable to interpret <DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)> in the current context! Error: Unable to interpret <DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)> in the current context! Error: Unable to interpret <DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)> in the current context! Error: Unable to interpret <DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)> in the current context! Error: Unable to interpret <DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)> in the current context! Error: Unable to interpret <DRV:64bit: - [2010.11.20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)> in the current context! Error: Unable to interpret <DRV:64bit: - [2010.09.26 20:32:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)> in the current context! Error: Unable to interpret <DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)> in the current context! Error: Unable to interpret <DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)> in the current context! Error: Unable to interpret <DRV:64bit: - [2010.02.14 17:06:19 | 000,575,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)> in the current context! Error: Unable to interpret <DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)> in the current context! Error: Unable to interpret <DRV:64bit: - [2008.11.11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)> in the current context! Error: Unable to interpret <DRV:64bit: - [2008.11.11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)> in the current context! Error: Unable to interpret <DRV:64bit: - [2008.11.11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)> in the current context! Error: Unable to interpret <DRV:64bit: - [2007.08.08 08:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out)> in the current context! Error: Unable to interpret <DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)> in the current context! Error: Unable to interpret <DRV - [2011.12.12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)> in the current context! Error: Unable to interpret <DRV - [2010.11.01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)> in the current context! Error: Unable to interpret <DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)> in the current context! Error: Unable to interpret <DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Internet Explorer ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank> in the current context! Error: Unable to interpret <IE - HKLM\..\URLSearchHook: - No CLSID value found> in the current context! Error: Unable to interpret <IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found> in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp> in the current context! Error: Unable to interpret <IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE> in the current context! Error: Unable to interpret <IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01 [binary data]> in the current context! Error: Unable to interpret <IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found> in the current context! Error: Unable to interpret <IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found> in the current context! Error: Unable to interpret <IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret <IE - HKU\.DEFAULT\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}> in the current context! Error: Unable to interpret <IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01 [binary data]> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret <IE - HKU\S-1-5-18\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret <IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{5E4D3DCE-F4DD-433C-A690-3EF511A532F2}: "URL" = hxxp://www.google.de/search?q={searchTerms}> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{9ECAE799-1810-47F9-AA0D-74B6C39860CF}: "URL" = hxxp://www.ricardo.ch/search/search.asp?txtSearch={searchTerms}&Catg=1&InTitleAndDesc=1> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{EE232B47-5DB3-4AA9-87BD-51DD6FA63286}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== FireFox ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "Yahoo"> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "Yahoo"> in the current context! Error: Unable to interpret <FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=685749"> in the current context! Error: Unable to interpret <FF - user.js - File not found> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context! Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DragoTheOwner\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DragoTheOwner\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 04:57:40 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 12:37:43 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\DragoTheOwner\AppData\Roaming\IDM\idmmzcc3> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2012.07.22 04:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Extensions> in the current context! Error: Unable to interpret <[2012.10.12 18:11:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions> in the current context! Error: Unable to interpret <[2012.09.17 19:22:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context! Error: Unable to interpret <[2012.09.18 17:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions> in the current context! Error: Unable to interpret <[2011.07.17 20:51:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context! Error: Unable to interpret <[2011.05.09 17:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\ffxtlbr@babylon.com> in the current context! Error: Unable to interpret <[2012.08.07 18:04:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi> in the current context! Error: Unable to interpret <[2012.10.12 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context! Error: Unable to interpret <[2012.08.24 22:46:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}> in the current context! Error: Unable to interpret <[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll> in the current context! Error: Unable to interpret <[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context! Error: Unable to interpret <[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml> in the current context! Error: Unable to interpret <[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context! Error: Unable to interpret <[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context! Error: Unable to interpret <[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context! Error: Unable to interpret <[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Chrome ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <CHR - default_search_provider: Conduit (Enabled)> in the current context! Error: Unable to interpret <CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050> in the current context! Error: Unable to interpret <CHR - default_search_provider: suggest_url = > in the current context! Error: Unable to interpret <CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll> in the current context! Error: Unable to interpret <CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll> in the current context! Error: Unable to interpret <CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer> in the current context! Error: Unable to interpret <CHR - plugin: Native Client (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll> in the current context! Error: Unable to interpret <CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll> in the current context! Error: Unable to interpret <CHR - plugin: Free Studio (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\\np_dvs_plugin.dll> in the current context! Error: Unable to interpret <CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\\plugins/ConduitChromeApiPlugin.dll> in the current context! Error: Unable to interpret <CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\\plugins/np-cwmp.dll> in the current context! Error: Unable to interpret <CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll> in the current context! Error: Unable to interpret <CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll> in the current context! Error: Unable to interpret <CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll> in the current context! Error: Unable to interpret <CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll> in the current context! Error: Unable to interpret <CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll> in the current context! Error: Unable to interpret <CHR - plugin: Java Deployment Toolkit (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll> in the current context! Error: Unable to interpret <CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll> in the current context! Error: Unable to interpret <CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll> in the current context! Error: Unable to interpret <CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll> in the current context! Error: Unable to interpret <CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll> in the current context! Error: Unable to interpret <CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll> in the current context! Error: Unable to interpret <CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <O1 HOSTS File: ([2012.08.07 19:07:25 | 000,444,231 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context! Error: Unable to interpret <O1 - Hosts: hxxp://legendmt2.eu/ l2testauthd.lineage2.com> in the current context! Error: Unable to interpret <O1 - Hosts: hxxp://legendmt2.eu/ l2authd.lineage2.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.007guard.com> in the current context! Error: Unable to interpret <O1 - Hosts: 007guard.com> in the current context! Error: Unable to interpret <O1 - Hosts: 008i.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.008k.com> in the current context! Error: Unable to interpret <O1 - Hosts: 008k.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.00hq.com> in the current context! Error: Unable to interpret <O1 - Hosts: 00hq.com> in the current context! Error: Unable to interpret <O1 - Hosts: 010402.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.032439.com> in the current context! Error: Unable to interpret <O1 - Hosts: 032439.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.0scan.com> in the current context! Error: Unable to interpret <O1 - Hosts: 0scan.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.1000gratisproben.com> in the current context! Error: Unable to interpret <O1 - Hosts: 1000gratisproben.com> in the current context! Error: Unable to interpret <O1 - Hosts: 1001namen.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.1001namen.com> in the current context! Error: Unable to interpret <O1 - Hosts: 100888290cs.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.100888290cs.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.100sexlinks.com> in the current context! Error: Unable to interpret <O1 - Hosts: 100sexlinks.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.10sek.com> in the current context! Error: Unable to interpret <O1 - Hosts: 10sek.com> in the current context! Error: Unable to interpret <O1 - Hosts: www.1-2005-search.com> in the current context! Error: Unable to interpret <O1 - Hosts: 15246 more lines...> in the current context! Error: Unable to interpret <O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)> in the current context! Error: Unable to interpret <O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)> in the current context! Error: Unable to interpret <O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)> in the current context! Error: Unable to interpret <O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.> in the current context! Error: Unable to interpret <O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)> in the current context! Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)> in the current context! Error: Unable to interpret <O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.> in the current context! Error: Unable to interpret <O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()> in the current context! Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)> in the current context! Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)> in the current context! Error: Unable to interpret <O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)> in the current context! Error: Unable to interpret <O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.> in the current context! Error: Unable to interpret <O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.> in the current context! Error: Unable to interpret <O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.> in the current context! Error: Unable to interpret <O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [] File not found> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0> in the current context! Error: Unable to interpret <O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context! Error: Unable to interpret <O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context! Error: Unable to interpret <O7 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()> in the current context! Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)> in the current context! Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context! Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context! Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context! Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\d3dywzbtg.dll File not found> in the current context! Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context! Error: Unable to interpret <O1364bit: - gopher Prefix: missing> in the current context! Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context! Error: Unable to interpret <O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class)> in the current context! Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.7.2)> in the current context! Error: Unable to interpret <O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer => in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47dda526-fe72-4f24-ae70-b0681e2df27d}: DhcpNameServer => in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\livecall - No CLSID value found> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\msnim - No CLSID value found> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype4com - No CLSID value found> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlpg - No CLSID value found> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)> in the current context! Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context! Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context! Error: Unable to interpret <O27:64bit: - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)> in the current context! Error: Unable to interpret <O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)> in the current context! Error: Unable to interpret <O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)> in the current context! Error: Unable to interpret <O27 - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)> in the current context! Error: Unable to interpret <O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)> in the current context! Error: Unable to interpret <O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)> in the current context! Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context! Error: Unable to interpret <O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell - "" = AutoRun> in the current context! Error: Unable to interpret <O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Seite1.exe> in the current context! Error: Unable to interpret <O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun> in the current context! Error: Unable to interpret <O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context! Error: Unable to interpret <O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun> in the current context! Error: Unable to interpret <O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context! Error: Unable to interpret <O33 - MountPoints2\E\Shell - "" = AutoRun> in the current context! Error: Unable to interpret <O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Startme.exe> in the current context! Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context! Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context! Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context! Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context! Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context! Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk - - File not found> in the current context! Error: Unable to interpret <MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk - - File not found> in the current context! Error: Unable to interpret <MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= - File not found> in the current context! Error: Unable to interpret <MsConfig:64bit - StartUpReg: Free Download Manager - hkey= - key= - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)> in the current context! Error: Unable to interpret <MsConfig:64bit - StartUpReg: HBLiteSA - hkey= - key= - File not found> in the current context! Error: Unable to interpret <MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= - File not found> in the current context! Error: Unable to interpret <MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <MsConfig:64bit - StartUpReg: Windows Game Service - hkey= - key= - File not found> in the current context! Error: Unable to interpret <MsConfig:64bit - State: "bootini" - Reg Error: Key error.> in the current context! Error: Unable to interpret <MsConfig:64bit - State: "startup" - Reg Error: Key error.> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <SafeBootMin:64bit: AppMgmt - Service> in the current context! Error: Unable to interpret <SafeBootMin:64bit: Base - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: Boot Bus Extender - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: Boot file system - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: File system - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: Filter - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: HelpSvc - Service> in the current context! Error: Unable to interpret <SafeBootMin:64bit: PCI Configuration - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: PNP Filter - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: Primary disk - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: sacsvr - Service> in the current context! Error: Unable to interpret <SafeBootMin:64bit: SCSI Class - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: System Bus Extender - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin:64bit: vmms - Service> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context! Error: Unable to interpret <SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context! Error: Unable to interpret <SafeBootMin: AppMgmt - Service> in the current context! Error: Unable to interpret <SafeBootMin: Base - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: Boot Bus Extender - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: Boot file system - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: File system - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: Filter - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: HelpSvc - Service> in the current context! Error: Unable to interpret <SafeBootMin: PCI Configuration - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: PNP Filter - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: Primary disk - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: sacsvr - Service> in the current context! Error: Unable to interpret <SafeBootMin: SCSI Class - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: System Bus Extender - Driver Group> in the current context! Error: Unable to interpret <SafeBootMin: vmms - Service> in the current context! Error: Unable to interpret <SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context! Error: Unable to interpret <SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context! Error: Unable to interpret <SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context! Error: Unable to interpret <SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context! Error: Unable to interpret <SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context! Error: Unable to interpret <SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context! Error: Unable to interpret <SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context! Error: Unable to interpret <SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <SafeBootNet:64bit: AppMgmt - Service> in the current context! Error: Unable to interpret <SafeBootNet:64bit: Base - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: Boot Bus Extender - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: Boot file system - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: DnsCache - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SafeBootNet:64bit: File system - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: Filter - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: HelpSvc - Service> in the current context! Error: Unable to interpret <SafeBootNet:64bit: Messenger - Service> in the current context! Error: Unable to interpret <SafeBootNet:64bit: NDIS Wrapper - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: NetBIOSGroup - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: NetDDEGroup - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: Network - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: NetworkProvider - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: PCI Configuration - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: PNP Filter - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: PNP_TDI - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: Primary disk - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: rdsessmgr - Service> in the current context! Error: Unable to interpret <SafeBootNet:64bit: sacsvr - Service> in the current context! Error: Unable to interpret <SafeBootNet:64bit: SCSI Class - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: Streams Drivers - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: System Bus Extender - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: TDI - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet:64bit: vmms - Service> in the current context! Error: Unable to interpret <SafeBootNet:64bit: WudfUsbccidDriver - Driver> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context! Error: Unable to interpret <SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context! Error: Unable to interpret <SafeBootNet: AppMgmt - Service> in the current context! Error: Unable to interpret <SafeBootNet: Base - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: Boot Bus Extender - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: Boot file system - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: File system - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: Filter - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: HelpSvc - Service> in the current context! Error: Unable to interpret <SafeBootNet: Messenger - Service> in the current context! Error: Unable to interpret <SafeBootNet: NDIS Wrapper - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: NetBIOSGroup - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: NetDDEGroup - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: Network - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: NetworkProvider - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: PCI Configuration - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: PNP Filter - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: PNP_TDI - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: Primary disk - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: rdsessmgr - Service> in the current context! Error: Unable to interpret <SafeBootNet: sacsvr - Service> in the current context! Error: Unable to interpret <SafeBootNet: SCSI Class - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: Streams Drivers - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: System Bus Extender - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: TDI - Driver Group> in the current context! Error: Unable to interpret <SafeBootNet: vmms - Service> in the current context! Error: Unable to interpret <SafeBootNet: WudfUsbccidDriver - Driver> in the current context! Error: Unable to interpret <SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context! Error: Unable to interpret <SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context! Error: Unable to interpret <SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers> in the current context! Error: Unable to interpret <SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context! Error: Unable to interpret <SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context! Error: Unable to interpret <SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context! Error: Unable to interpret <SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context! Error: Unable to interpret <SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context! Error: Unable to interpret <SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context! Error: Unable to interpret < > in the current context! |
![]() | #24 |
![]() ![]() | ![]() Keine Rückmeldung und Freeze Teil 2 : Code:
ATTFilter Error: Unable to interpret <ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0> in the current context! Error: Unable to interpret <ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> in the current context! Error: Unable to interpret <ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack> in the current context! Error: Unable to interpret <ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> in the current context! Error: Unable to interpret <ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx> in the current context! Error: Unable to interpret <ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help> in the current context! Error: Unable to interpret <ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6> in the current context! Error: Unable to interpret <ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools> in the current context! Error: Unable to interpret <ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements> in the current context! Error: Unable to interpret <ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player> in the current context! Error: Unable to interpret <ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access> in the current context! Error: Unable to interpret <ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7> in the current context! Error: Unable to interpret <ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll> in the current context! Error: Unable to interpret <ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings> in the current context! Error: Unable to interpret <ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install> in the current context! Error: Unable to interpret <ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding> in the current context! Error: Unable to interpret <ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts> in the current context! Error: Unable to interpret <ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help> in the current context! Error: Unable to interpret <ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface> in the current context! Error: Unable to interpret <ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework> in the current context! Error: Unable to interpret <ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework> in the current context! Error: Unable to interpret <ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP> in the current context! Error: Unable to interpret <ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig> in the current context! Error: Unable to interpret <ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> in the current context! Error: Unable to interpret <ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)> in the current context! Error: Unable to interpret <ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0> in the current context! Error: Unable to interpret <ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework> in the current context! Error: Unable to interpret <ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> in the current context! Error: Unable to interpret <ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack> in the current context! Error: Unable to interpret <ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> in the current context! Error: Unable to interpret <ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx> in the current context! Error: Unable to interpret <ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help> in the current context! Error: Unable to interpret <ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6> in the current context! Error: Unable to interpret <ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools> in the current context! Error: Unable to interpret <ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements> in the current context! Error: Unable to interpret <ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player> in the current context! Error: Unable to interpret <ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access> in the current context! Error: Unable to interpret <ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7> in the current context! Error: Unable to interpret <ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework> in the current context! Error: Unable to interpret <ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll> in the current context! Error: Unable to interpret <ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings> in the current context! Error: Unable to interpret <ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install> in the current context! Error: Unable to interpret <ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding> in the current context! Error: Unable to interpret <ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts> in the current context! Error: Unable to interpret <ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player> in the current context! Error: Unable to interpret <ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help> in the current context! Error: Unable to interpret <ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface> in the current context! Error: Unable to interpret <ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework> in the current context! Error: Unable to interpret <ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP> in the current context! Error: Unable to interpret <ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig> in the current context! Error: Unable to interpret <ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)> in the current context! Error: Unable to interpret <Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)> in the current context! Error: Unable to interpret <Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()> in the current context! Error: Unable to interpret <Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)> in the current context! Error: Unable to interpret <Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)> in the current context! Error: Unable to interpret <Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)> in the current context! Error: Unable to interpret <Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <CREATERESTOREPOINT> in the current context! Error: Unable to interpret <Restore point Set: OTL Restore Point> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2012.10.13 18:03:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe> in the current context! Error: Unable to interpret <[2012.10.12 22:59:07 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Shizuka3-Client-2012-v3> in the current context! Error: Unable to interpret <[2012.10.10 18:29:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\CRE> in the current context! Error: Unable to interpret <[2012.10.09 15:21:06 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe> in the current context! Error: Unable to interpret <[2012.10.09 15:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar> in the current context! Error: Unable to interpret <[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit> in the current context! Error: Unable to interpret <[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5> in the current context! Error: Unable to interpret <[2012.09.23 21:16:38 | 000,000,000 | ---D | C] -- C:\Windows\de> in the current context! Error: Unable to interpret <[2012.09.23 21:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive> in the current context! Error: Unable to interpret <[2012.09.23 21:07:37 | 000,000,000 | R--D | C] -- C:\Users\DragoTheOwner\SkyDrive> in the current context! Error: Unable to interpret <[2012.09.23 21:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive> in the current context! Error: Unable to interpret <[2012.09.23 17:44:28 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple Computer> in the current context! Error: Unable to interpret <[2012.09.23 17:44:27 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer> in the current context! Error: Unable to interpret <[2012.09.23 17:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes> in the current context! Error: Unable to interpret <[2012.09.23 17:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod> in the current context! Error: Unable to interpret <[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes> in the current context! Error: Unable to interpret <[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes> in the current context! Error: Unable to interpret <[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer> in the current context! Error: Unable to interpret <[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69> in the current context! Error: Unable to interpret <[2012.09.23 17:41:50 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple> in the current context! Error: Unable to interpret <[2012.09.23 17:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update> in the current context! Error: Unable to interpret <[2012.09.23 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple> in the current context! Error: Unable to interpret <[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour> in the current context! Error: Unable to interpret <[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour> in the current context! Error: Unable to interpret <[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple> in the current context! Error: Unable to interpret <[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple> in the current context! Error: Unable to interpret <[2012.09.18 17:54:25 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes> in the current context! Error: Unable to interpret <[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context! Error: Unable to interpret <[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context! Error: Unable to interpret <[2012.09.18 17:54:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys> in the current context! Error: Unable to interpret <[2012.09.18 17:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware> in the current context! Error: Unable to interpret <[2012.09.18 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Drum & Bass und DubStep> in the current context! Error: Unable to interpret <[2012.09.15 22:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3> in the current context! Error: Unable to interpret <[2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit> in the current context! Error: Unable to interpret <[2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit> in the current context! Error: Unable to interpret <[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context! Error: Unable to interpret <[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context! Error: Unable to interpret <[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2012.10.13 18:13:01 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job> in the current context! Error: Unable to interpret <[2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe> in the current context! Error: Unable to interpret <[2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0> in the current context! Error: Unable to interpret <[2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0> in the current context! Error: Unable to interpret <[2012.10.13 17:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job> in the current context! Error: Unable to interpret <[2012.10.13 17:46:05 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl> in the current context! Error: Unable to interpret <[2012.10.13 17:46:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job> in the current context! Error: Unable to interpret <[2012.10.13 17:45:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context! Error: Unable to interpret <[2012.10.13 15:13:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job> in the current context! Error: Unable to interpret <[2012.10.12 23:34:29 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI> in the current context! Error: Unable to interpret <[2012.10.12 23:34:29 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat> in the current context! Error: Unable to interpret <[2012.10.12 23:34:29 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat> in the current context! Error: Unable to interpret <[2012.10.12 23:34:29 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat> in the current context! Error: Unable to interpret <[2012.10.12 23:34:29 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat> in the current context! Error: Unable to interpret <[2012.10.12 23:00:14 | 000,000,707 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk> in the current context! Error: Unable to interpret <[2012.10.12 16:05:43 | 000,284,749 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg> in the current context! Error: Unable to interpret <[2012.10.12 15:52:22 | 000,538,327 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe> in the current context! Error: Unable to interpret <[2012.10.11 20:38:17 | 000,577,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png> in the current context! Error: Unable to interpret <[2012.10.11 18:07:17 | 000,263,365 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg> in the current context! Error: Unable to interpret <[2012.10.11 01:18:36 | 000,002,523 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Google Chrome.lnk> in the current context! Error: Unable to interpret <[2012.10.10 18:46:08 | 046,796,570 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4> in the current context! Error: Unable to interpret <[2012.10.10 18:29:09 | 000,000,009 | ---- | M] () -- C:\END> in the current context! Error: Unable to interpret <[2012.10.10 15:34:18 | 000,212,245 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg> in the current context! Error: Unable to interpret <[2012.10.09 15:10:14 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk> in the current context! Error: Unable to interpret <[2012.10.08 18:36:38 | 003,256,058 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a> in the current context! Error: Unable to interpret <[2012.10.08 11:35:33 | 000,009,216 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context! Error: Unable to interpret <[2012.10.07 18:43:08 | 000,000,220 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url> in the current context! Error: Unable to interpret <[2012.09.29 23:42:11 | 000,000,219 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url> in the current context! Error: Unable to interpret <[2012.09.29 22:59:13 | 000,001,243 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk> in the current context! Error: Unable to interpret <[2012.09.26 04:32:38 | 000,029,114 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\Folder.jpg> in the current context! Error: Unable to interpret <[2012.09.26 04:32:38 | 000,006,205 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\AlbumArtSmall.jpg> in the current context! Error: Unable to interpret <[2012.09.26 04:25:54 | 000,433,908 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg> in the current context! Error: Unable to interpret <[2012.09.26 03:20:32 | 057,228,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4> in the current context! Error: Unable to interpret <[2012.09.23 21:23:02 | 000,349,777 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg> in the current context! Error: Unable to interpret <[2012.09.23 21:15:54 | 000,001,305 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk> in the current context! Error: Unable to interpret <[2012.09.23 17:44:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk> in the current context! Error: Unable to interpret <[2012.09.20 19:36:36 | 000,000,222 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url> in the current context! Error: Unable to interpret <[2012.09.19 21:25:16 | 002,311,218 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov> in the current context! Error: Unable to interpret <[2012.09.18 17:54:10 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk> in the current context! Error: Unable to interpret <[2012.09.18 17:37:47 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img> in the current context! Error: Unable to interpret <[2012.09.18 05:57:42 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img.bak> in the current context! Error: Unable to interpret <[2012.09.17 09:41:33 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context! Error: Unable to interpret <[2012.09.15 22:25:16 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk> in the current context! Error: Unable to interpret <[2012.09.15 22:25:16 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk> in the current context! Error: Unable to interpret <[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context! Error: Unable to interpret <[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context! Error: Unable to interpret <[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2012.10.12 23:00:14 | 000,000,707 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk> in the current context! Error: Unable to interpret <[2012.10.12 16:05:41 | 000,284,749 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg> in the current context! Error: Unable to interpret <[2012.10.12 15:52:20 | 000,538,327 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe> in the current context! Error: Unable to interpret <[2012.10.11 20:38:16 | 000,577,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png> in the current context! Error: Unable to interpret <[2012.10.11 18:07:17 | 000,263,365 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg> in the current context! Error: Unable to interpret <[2012.10.10 18:43:10 | 046,796,570 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4> in the current context! Error: Unable to interpret <[2012.10.10 18:29:07 | 000,000,009 | ---- | C] () -- C:\END> in the current context! Error: Unable to interpret <[2012.10.10 15:34:18 | 000,212,245 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg> in the current context! Error: Unable to interpret <[2012.10.09 15:10:14 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk> in the current context! Error: Unable to interpret <[2012.10.08 18:36:35 | 003,256,058 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a> in the current context! Error: Unable to interpret <[2012.10.07 18:43:08 | 000,000,220 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url> in the current context! Error: Unable to interpret <[2012.09.29 23:42:11 | 000,000,219 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url> in the current context! Error: Unable to interpret <[2012.09.26 04:26:54 | 000,433,908 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg> in the current context! Error: Unable to interpret <[2012.09.26 03:13:15 | 057,228,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4> in the current context! Error: Unable to interpret <[2012.09.24 05:01:33 | 000,000,617 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\League of Legends spielen .lnk> in the current context! Error: Unable to interpret <[2012.09.23 21:23:08 | 000,349,777 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg> in the current context! Error: Unable to interpret <[2012.09.23 21:15:54 | 000,001,305 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk> in the current context! Error: Unable to interpret <[2012.09.23 21:15:42 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk> in the current context! Error: Unable to interpret <[2012.09.23 21:14:59 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk> in the current context! Error: Unable to interpret <[2012.09.23 21:07:35 | 000,002,200 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk> in the current context! Error: Unable to interpret <[2012.09.23 17:44:17 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk> in the current context! Error: Unable to interpret <[2012.09.23 17:41:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk> in the current context! Error: Unable to interpret <[2012.09.20 19:36:36 | 000,000,222 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url> in the current context! Error: Unable to interpret <[2012.09.19 21:23:33 | 002,311,218 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov> in the current context! Error: Unable to interpret <[2012.09.18 17:54:10 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk> in the current context! Error: Unable to interpret <[2012.09.17 19:22:41 | 000,001,243 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk> in the current context! Error: Unable to interpret <[2012.09.15 22:25:16 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk> in the current context! Error: Unable to interpret <[2012.09.15 22:25:16 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk> in the current context! Error: Unable to interpret <[2012.09.07 06:01:03 | 000,008,976 | ---- | C] () -- C:\Users\DragoTheOwner\.recently-used.xbel> in the current context! Error: Unable to interpret <[2012.07.27 14:11:05 | 000,003,551 | ---- | C] () -- C:\Windows\wininit.ini> in the current context! Error: Unable to interpret <[2012.07.23 00:33:25 | 000,009,216 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context! Error: Unable to interpret <[2012.06.28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe> in the current context! Error: Unable to interpret <[2012.05.01 21:50:14 | 922,460,208 | ---- | C] () -- C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe> in the current context! Error: Unable to interpret <[2012.03.21 18:54:48 | 000,000,000 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\{30DEB4EF-7BA3-4C31-B2F1-2D0414B6C43D}> in the current context! Error: Unable to interpret <[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat> in the current context! Error: Unable to interpret <[2011.09.25 01:58:18 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe> in the current context! Error: Unable to interpret <[2011.09.25 01:58:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe> in the current context! Error: Unable to interpret <[2011.05.24 18:06:10 | 000,150,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat> in the current context! Error: Unable to interpret <[2011.04.18 23:30:47 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI> in the current context! Error: Unable to interpret <[2011.03.10 16:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat> in the current context! Error: Unable to interpret <[2010.11.22 12:00:06 | 004,269,056 | ---- | C] () -- C:\Windows\SysWow64\system.dll> in the current context! Error: Unable to interpret <[2010.11.16 15:33:06 | 000,021,220 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\UserTile.png> in the current context! Error: Unable to interpret <[2010.03.01 20:09:42 | 000,007,606 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\Resmon.ResmonCfg> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== ZeroAccess Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context! Error: Unable to interpret <"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context! Error: Unable to interpret <"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64> in the current context! Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Free> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]> in the current context! Error: Unable to interpret <"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Free> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64> in the current context! Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Both> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== LOP Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft> in the current context! Error: Unable to interpret <[2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics> in the current context! Error: Unable to interpret <[2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux> in the current context! Error: Unable to interpret <[2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener> in the current context! Error: Unable to interpret <[2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache> in the current context! Error: Unable to interpret <[2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations> in the current context! Error: Unable to interpret <[2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB> in the current context! Error: Unable to interpret <[2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft> in the current context! Error: Unable to interpret <[2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context! Error: Unable to interpret <[2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner> in the current context! Error: Unable to interpret <[2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson> in the current context! Error: Unable to interpret <[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen> in the current context! Error: Unable to interpret <[2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader> in the current context! Error: Unable to interpret <[2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager> in the current context! Error: Unable to interpret <[2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo> in the current context! Error: Unable to interpret <[2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0> in the current context! Error: Unable to interpret <[2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios> in the current context! Error: Unable to interpret <[2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ> in the current context! Error: Unable to interpret <[2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM> in the current context! Error: Unable to interpret <[2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit> in the current context! Error: Unable to interpret <[2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics> in the current context! Error: Unable to interpret <[2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient> in the current context! Error: Unable to interpret <[2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2> in the current context! Error: Unable to interpret <[2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX> in the current context! Error: Unable to interpret <[2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut> in the current context! Error: Unable to interpret <[2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World> in the current context! Error: Unable to interpret <[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF> in the current context! Error: Unable to interpret <[2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++> in the current context! Error: Unable to interpret <[2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org> in the current context! Error: Unable to interpret <[2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape> in the current context! Error: Unable to interpret <[2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games> in the current context! Error: Unable to interpret <[2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee> in the current context! Error: Unable to interpret <[2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot> in the current context! Error: Unable to interpret <[2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater> in the current context! Error: Unable to interpret <[2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync> in the current context! Error: Unable to interpret <[2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat> in the current context! Error: Unable to interpret <[2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer> in the current context! Error: Unable to interpret <[2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds> in the current context! Error: Unable to interpret <[2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client> in the current context! Error: Unable to interpret <[2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software> in the current context! Error: Unable to interpret <[2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue> in the current context! Error: Unable to interpret <[2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Purity Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Custom Scans ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*. >> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*.exe /s >> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << %APPDATA%\*. >> in the current context! Error: Unable to interpret <[2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft> in the current context! Error: Unable to interpret <[2012.06.15 10:44:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Adobe> in the current context! Error: Unable to interpret <[2012.09.23 17:45:20 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer> in the current context! Error: Unable to interpret <[2010.10.08 21:44:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ArcSoft> in the current context! Error: Unable to interpret <[2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics> in the current context! Error: Unable to interpret <[2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux> in the current context! Error: Unable to interpret <[2012.07.27 15:44:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Avira> in the current context! Error: Unable to interpret <[2011.01.08 00:17:15 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\AVS4YOU> in the current context! Error: Unable to interpret <[2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener> in the current context! Error: Unable to interpret <[2011.01.08 17:15:16 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DivX> in the current context! Error: Unable to interpret <[2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache> in the current context! Error: Unable to interpret <[2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations> in the current context! Error: Unable to interpret <[2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB> in the current context! Error: Unable to interpret <[2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft> in the current context! Error: Unable to interpret <[2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context! Error: Unable to interpret <[2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner> in the current context! Error: Unable to interpret <[2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson> in the current context! Error: Unable to interpret <[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen> in the current context! Error: Unable to interpret <[2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader> in the current context! Error: Unable to interpret <[2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager> in the current context! Error: Unable to interpret <[2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo> in the current context! Error: Unable to interpret <[2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0> in the current context! Error: Unable to interpret <[2010.09.18 16:21:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hamachi> in the current context! Error: Unable to interpret <[2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios> in the current context! Error: Unable to interpret <[2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ> in the current context! Error: Unable to interpret <[2010.01.27 16:55:55 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Identities> in the current context! Error: Unable to interpret <[2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM> in the current context! Error: Unable to interpret <[2010.02.14 17:06:21 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\InstallShield> in the current context! Error: Unable to interpret <[2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit> in the current context! Error: Unable to interpret <[2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics> in the current context! Error: Unable to interpret <[2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient> in the current context! Error: Unable to interpret <[2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2> in the current context! Error: Unable to interpret <[2010.01.27 20:28:38 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia> in the current context! Error: Unable to interpret <[2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX> in the current context! Error: Unable to interpret <[2012.09.18 17:54:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes> in the current context! Error: Unable to interpret <[2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Media Center Programs> in the current context! Error: Unable to interpret <[2012.09.30 01:10:48 | 000,000,000 | --SD | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft> in the current context! Error: Unable to interpret <[2012.07.22 04:58:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Mozilla> in the current context! Error: Unable to interpret <[2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut> in the current context! Error: Unable to interpret <[2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World> in the current context! Error: Unable to interpret <[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF> in the current context! Error: Unable to interpret <[2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++> in the current context! Error: Unable to interpret <[2012.04.22 15:31:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\NVIDIA> in the current context! Error: Unable to interpret <[2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org> in the current context! Error: Unable to interpret <[2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape> in the current context! Error: Unable to interpret <[2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games> in the current context! Error: Unable to interpret <[2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee> in the current context! Error: Unable to interpret <[2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot> in the current context! Error: Unable to interpret <[2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater> in the current context! Error: Unable to interpret <[2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync> in the current context! Error: Unable to interpret <[2012.10.13 18:12:37 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Skype> in the current context! Error: Unable to interpret <[2011.07.24 00:03:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\skypePM> in the current context! Error: Unable to interpret <[2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat> in the current context! Error: Unable to interpret <[2010.08.10 13:36:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\teamspeak2> in the current context! Error: Unable to interpret <[2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer> in the current context! Error: Unable to interpret <[2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds> in the current context! Error: Unable to interpret <[2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client> in the current context! Error: Unable to interpret <[2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software> in the current context! Error: Unable to interpret <[2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue> in the current context! Error: Unable to interpret <[2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer> in the current context! Error: Unable to interpret <[2010.01.27 17:09:32 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\WinRAR> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << %APPDATA%\*.exe /s >> in the current context! Error: Unable to interpret <[2011.01.29 17:45:25 | 079,043,646 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe7> in the current context! Error: Unable to interpret <[2011.01.29 17:45:25 | 087,148,709 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe5> in the current context! Error: Unable to interpret <[2011.01.29 17:45:25 | 074,667,317 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe6> in the current context! Error: Unable to interpret <[2011.01.29 17:45:25 | 079,551,845 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe4> in the current context! Error: Unable to interpret <[2011.01.29 17:45:25 | 068,507,997 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe> in the current context! Error: Unable to interpret <[2011.01.29 17:45:25 | 064,054,648 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe1> in the current context! Error: Unable to interpret <[2011.01.29 17:45:25 | 075,811,492 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe2> in the current context! Error: Unable to interpret <[2011.01.29 17:45:25 | 074,545,348 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe3> in the current context! Error: Unable to interpret <[2010.11.27 04:01:28 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe> in the current context! Error: Unable to interpret <[2012.04.12 13:33:48 | 008,738,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe> in the current context! Error: Unable to interpret <[2011.01.16 16:07:29 | 000,348,160 | ---- | M] (Octoshape ApS) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << %SYSTEMDRIVE%\*.exe >> in the current context! Error: Unable to interpret <[2008.04.11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: AGP440.SYS >> in the current context! Error: Unable to interpret <[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys> in the current context! Error: Unable to interpret <[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys> in the current context! Error: Unable to interpret <[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: ATAPI.SYS >> in the current context! Error: Unable to interpret <[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys> in the current context! Error: Unable to interpret <[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys> in the current context! Error: Unable to interpret <[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: CNGAUDIT.DLL >> in the current context! Error: Unable to interpret <[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll> in the current context! Error: Unable to interpret <[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll> in the current context! Error: Unable to interpret <[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll> in the current context! Error: Unable to interpret <[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: IASTORV.SYS >> in the current context! Error: Unable to interpret <[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys> in the current context! Error: Unable to interpret <[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys> in the current context! Error: Unable to interpret <[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys> in the current context! Error: Unable to interpret <[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys> in the current context! Error: Unable to interpret <[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys> in the current context! Error: Unable to interpret <[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: NETLOGON.DLL >> in the current context! Error: Unable to interpret <[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll> in the current context! Error: Unable to interpret <[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll> in the current context! Error: Unable to interpret <[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll> in the current context! Error: Unable to interpret <[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: NVSTOR.SYS >> in the current context! Error: Unable to interpret <[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys> in the current context! Error: Unable to interpret <[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys> in the current context! Error: Unable to interpret <[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys> in the current context! Error: Unable to interpret <[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys> in the current context! Error: Unable to interpret <[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys> in the current context! Error: Unable to interpret <[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: SCECLI.DLL >> in the current context! Error: Unable to interpret <[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll> in the current context! Error: Unable to interpret <[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll> in the current context! Error: Unable to interpret <[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll> in the current context! Error: Unable to interpret <[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: USER32.DLL >> in the current context! Error: Unable to interpret <[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll> in the current context! Error: Unable to interpret <[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll> in the current context! Error: Unable to interpret <[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll> in the current context! Error: Unable to interpret <[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: USERINIT.EXE >> in the current context! Error: Unable to interpret <[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe> in the current context! Error: Unable to interpret <[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe> in the current context! Error: Unable to interpret <[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe> in the current context! Error: Unable to interpret <[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: WININIT.EXE >> in the current context! Error: Unable to interpret <[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe> in the current context! Error: Unable to interpret <[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe> in the current context! Error: Unable to interpret <[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe> in the current context! Error: Unable to interpret <[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: WINLOGON.EXE >> in the current context! Error: Unable to interpret <[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe> in the current context! Error: Unable to interpret <[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe> in the current context! Error: Unable to interpret <[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << MD5 for: WS2IFSL.SYS >> in the current context! Error: Unable to interpret <[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys> in the current context! Error: Unable to interpret <[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << %systemroot%\system32\drivers\*.sys /lockedfiles >> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << %systemroot%\System32\config\*.sav >> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << %systemroot%\*. /mp /s >> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << %systemroot%\system32\*.dll /lockedfiles >> in the current context! Error: Unable to interpret <[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << >> in the current context! Error: Unable to interpret <[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT> in the current context! Error: Unable to interpret <[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context! Error: Unable to interpret <[2010.06.28 21:36:59 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job> in the current context! Error: Unable to interpret <[2011.10.15 12:41:45 | 000,000,198 | ---- | C] () -- C:\Windows\Tasks\{CD7D28A7-F48B-41CE-B478-5A4BFF4BF3EB}.job> in the current context! Error: Unable to interpret <[2012.03.27 17:33:15 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core1cd0c2eed37e280.job> in the current context! Error: Unable to interpret <[2012.04.24 13:09:42 | 000,000,240 | ---- | C] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job> in the current context! Error: Unable to interpret <[2012.05.23 18:15:41 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job> in the current context! Error: Unable to interpret <[2012.06.09 16:06:09 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job> in the current context! Error: Unable to interpret <[2012.07.13 03:14:16 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job> in the current context! Error: Unable to interpret <[2012.07.26 17:34:42 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1> in the current context! Error: Unable to interpret << End of report >> in the current context! OTL by OldTimer - Version log created on 10132012_214142 |
![]() | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Keine Rückmeldung und Freeze Der Fix wurde falsch ausgeführt! Bitte nur den Text aus meiner CODE-Box und nichts anderes da einfügen Du hast ein OTL-Log selbst da eingefügt und dann versucht zu fixen, das ergibt hinten und vorne keinen Sinn - bitte die Anleitungen genauer lesen und sorgfältiger arbeiten
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #26 |
![]() ![]() | ![]() Keine Rückmeldung und Freeze ich habe alles aus deiner Box genommen.. nun gut soll ich nochmal die sachen aus deiner box nehmen und neu fixen? |
![]() | #27 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Keine Rückmeldung und FreezeZitat:
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #28 |
![]() ![]() | ![]() Keine Rückmeldung und Freeze Alles klar tut mir leid ich weiß auch nicht was falsch mit mir war.. Ich Poste es gleich ins Forum So hier ist es nun. Code:
ATTFilter All processes killed ========== OTL ========== Registry key HKEY_USERS\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found. Use Chrome's Settings page to remove the default_search_provider items. File C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\\plugins/ConduitChromeApiPlugin.dll not found. File C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\\plugins/np-cwmp.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27d7b987-0b4e-11df-85da-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27d7b987-0b4e-11df-85da-806e6f6e6963}\ not found. File D:\Seite1.exe not found. ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully. ========== FILES ========== C:\install.exe moved successfully. < ipconfig /flushdns /c > Windows-IP-Konfiguration Der DNS-Aufl”sungscache konnte nicht geleert werden: Beim Ausfhren der Funktion ist ein Fehler aufgetreten. C:\Users\DragoTheOwner\Desktop\cmd.bat deleted successfully. C:\Users\DragoTheOwner\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: AppData User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56502 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: MaxMustermann ->Temp folder emptied: 37370514 bytes ->Temporary Internet Files folder emptied: 33026133 bytes ->Java cache emptied: 27935419 bytes ->FireFox cache emptied: 59873134 bytes ->Google Chrome cache emptied: 459937026 bytes ->Flash cache emptied: 9869620 bytes User: MaxMustermann User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56502 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 406457 bytes %systemroot%\System32 .tmp files removed: 10568269 bytes %systemroot%\System32 (64bit) .tmp files removed: 1291776 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 140 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36149587 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 645,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version log created on 10152012_161333 Files\Folders moved on Reboot... C:\Users\DragoTheOwner\AppData\Local\Temp\AdobeARM.log moved successfully. C:\Users\DragoTheOwner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... |
![]() | #29 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Keine Rückmeldung und Freeze Mach bitte einen neuen OTL-CustomScan, da dein Rechner mit dem mediyes infiziert ist, braucht der eine etwas besondere Behandlung - Log wie immer in CODE-Tags posten Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
ATTFilter HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\Windows\CurrentVersion\Telephony\Providers HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com %SystemRoot%\system32\*.tsp %SystemRoot%\system32\*.tsp /64 C:\Windows\system32\*.dll /360 C:\Windows\SysNative\*.dll /360 C:\Windows\SysWOW64\*.dll /360
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #30 |
![]() ![]() | ![]() Keine Rückmeldung und Freeze Das ist der Report : Code:
ATTFilter OTL logfile created on: 16.10.2012 13:28:41 - Run 2 OTL by OldTimer - Version Folder = C:\Users\DragoTheOwner\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,75 Gb Total Physical Memory | 2,76 Gb Available Physical Memory | 73,66% Memory free 7,50 Gb Paging File | 6,24 Gb Available in Paging File | 83,25% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 319,52 Gb Free Space | 68,62% Space Free | Partition Type: NTFS Unable to calculate disk information. Drive E: | 3,67 Gb Total Space | 2,31 Gb Free Space | 62,96% Space Free | Partition Type: FAT32 Drive H: | 16,92 Mb Total Space | 1,50 Mb Free Space | 8,87% Space Free | Partition Type: FAT Drive I: | 24,86 Mb Total Space | 24,84 Mb Free Space | 99,94% Space Free | Partition Type: FAT Computer Name: NOEL | User Name: DragoTheOwner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.07.18 18:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe PRC - [2005.07.22 09:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Program Files (x86)\OnlineControl\ocontrol.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Update-Service-Installer-Service) SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Dnscache) SRV - [2012.10.09 03:51:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.10.05 01:28:45 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.08.30 21:36:30 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai) SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.06.29 05:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5) SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.11.12 19:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.02.15 13:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Disabled | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012.07.18 18:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.07.18 18:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.07.18 18:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.05.21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) DRV:64bit: - [2010.09.26 20:32:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc) DRV:64bit: - [2010.02.14 17:06:19 | 000,575,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008.11.11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2008.11.11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag) DRV:64bit: - [2008.11.11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2007.08.08 08:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out) DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207) DRV - [2011.12.12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010.11.01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01 [binary data] IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01 [binary data] IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.) IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{5E4D3DCE-F4DD-433C-A690-3EF511A532F2}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{9ECAE799-1810-47F9-AA0D-74B6C39860CF}: "URL" = hxxp://www.ricardo.ch/search/search.asp?txtSearch={searchTerms}&Catg=1&InTitleAndDesc=1 IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{EE232B47-5DB3-4AA9-87BD-51DD6FA63286}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms} IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms} IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p=" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=685749" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DragoTheOwner\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DragoTheOwner\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 04:57:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 12:37:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\DragoTheOwner\AppData\Roaming\IDM\idmmzcc3 [2012.07.22 04:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Extensions [2012.10.12 18:11:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions [2012.09.17 19:22:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.09.18 17:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions [2011.07.17 20:51:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.05.09 17:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\ffxtlbr@babylon.com [2012.08.07 18:04:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.10.12 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.08.24 22:46:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Conduit (Enabled) CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050 CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Free Studio (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\\np_dvs_plugin.dll CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\\plugins/np-cwmp.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll O1 HOSTS File: ([2012.10.15 16:16:11 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found. O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit) O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\d3dywzbtg.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47dda526-fe72-4f24-ae70-b0681e2df27d}: DhcpNameServer = O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:64bit: - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software) O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software) O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.10.16 10:34:36 | 000,000,084 | ---- | M] () - H:\AUTORUN.INF -- [ FAT ] O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.10.16 01:06:39 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Pickup Bot [2012.10.16 01:06:29 | 004,094,578 | ---- | C] (Igor Pavlov) -- C:\Users\DragoTheOwner\Desktop\Tools by Unpublished.exe [2012.10.14 18:36:11 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Switchbot [2012.10.13 21:41:42 | 000,000,000 | ---D | C] -- C:\_OTL [2012.10.13 18:03:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe [2012.10.12 22:59:07 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Shizuka3-Client-2012-v3 [2012.10.10 18:29:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\CRE [2012.10.09 15:21:06 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe [2012.10.09 15:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar [2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit [2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5 [2012.09.23 21:16:38 | 000,000,000 | ---D | C] -- C:\Windows\de [2012.09.23 21:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive [2012.09.23 21:07:37 | 000,000,000 | R--D | C] -- C:\Users\DragoTheOwner\SkyDrive [2012.09.23 21:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2012.09.23 17:44:28 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple Computer [2012.09.23 17:44:27 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer [2012.09.23 17:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.09.23 17:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012.09.23 17:41:50 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple [2012.09.23 17:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012.09.23 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012.09.18 17:54:25 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes [2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.18 17:54:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.18 17:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.09.18 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Drum & Bass und DubStep ========== Files - Modified Within 30 Days ========== [2012.10.16 13:13:01 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job [2012.10.16 12:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.16 10:36:36 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.16 10:36:36 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.16 10:36:36 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.16 10:36:36 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.16 10:36:36 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.16 10:10:44 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.16 10:10:44 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.16 10:03:44 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics [2012.10.16 10:03:27 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012.10.16 10:03:26 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job [2012.10.16 10:03:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.16 01:05:43 | 004,094,578 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\Desktop\Tools by Unpublished.exe [2012.10.15 16:16:11 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2012.10.15 15:13:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job [2012.10.15 10:03:07 | 000,375,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.10.14 15:02:59 | 000,157,850 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\asdasd.jpg [2012.10.14 15:02:59 | 000,002,117 | ---- | M] () -- C:\Users\DragoTheOwner\.recently-used.xbel [2012.10.14 14:57:01 | 000,204,828 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Blood-Lord-Vladimir-Skin.jpg [2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe [2012.10.12 23:00:14 | 000,000,707 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk [2012.10.12 16:05:43 | 000,284,749 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg [2012.10.12 15:52:22 | 000,538,327 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe [2012.10.11 01:18:36 | 000,002,523 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Google Chrome.lnk [2012.10.10 18:29:09 | 000,000,009 | ---- | M] () -- C:\END [2012.10.10 15:34:18 | 000,212,245 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg [2012.10.09 15:10:14 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk [2012.10.08 18:36:38 | 003,256,058 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a [2012.10.08 11:35:33 | 000,009,216 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.10.07 18:43:08 | 000,000,220 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url [2012.09.29 23:42:11 | 000,000,219 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url [2012.09.29 22:59:13 | 000,001,243 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk [2012.09.26 04:32:38 | 000,029,114 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\Folder.jpg [2012.09.26 04:32:38 | 000,006,205 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\AlbumArtSmall.jpg [2012.09.26 04:25:54 | 000,433,908 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg [2012.09.23 21:23:02 | 000,349,777 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg [2012.09.23 21:15:54 | 000,001,305 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk [2012.09.23 17:44:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.20 19:36:36 | 000,000,222 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url [2012.09.19 21:25:16 | 002,311,218 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov [2012.09.18 17:54:10 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.18 17:37:47 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img [2012.09.18 05:57:42 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img.bak [2012.09.17 09:41:33 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ========== Files Created - No Company Name ========== [2012.10.14 15:02:59 | 000,002,117 | ---- | C] () -- C:\Users\DragoTheOwner\.recently-used.xbel [2012.10.14 15:02:58 | 000,157,850 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\asdasd.jpg [2012.10.14 14:57:00 | 000,204,828 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Blood-Lord-Vladimir-Skin.jpg [2012.10.12 23:00:14 | 000,000,707 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk [2012.10.12 16:05:41 | 000,284,749 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg [2012.10.12 15:52:20 | 000,538,327 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe [2012.10.10 18:29:07 | 000,000,009 | ---- | C] () -- C:\END [2012.10.10 15:34:18 | 000,212,245 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg [2012.10.09 15:10:14 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk [2012.10.08 18:36:35 | 003,256,058 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a [2012.10.07 18:43:08 | 000,000,220 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url [2012.09.29 23:42:11 | 000,000,219 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url [2012.09.26 04:26:54 | 000,433,908 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg [2012.09.24 05:01:33 | 000,000,617 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\League of Legends spielen .lnk [2012.09.23 21:23:08 | 000,349,777 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg [2012.09.23 21:15:54 | 000,001,305 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk [2012.09.23 21:15:42 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [2012.09.23 21:14:59 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012.09.23 21:07:35 | 000,002,200 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [2012.09.23 17:44:17 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.23 17:41:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012.09.20 19:36:36 | 000,000,222 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url [2012.09.19 21:23:33 | 002,311,218 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov [2012.09.18 17:54:10 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.17 19:22:41 | 000,001,243 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk [2012.07.27 14:11:05 | 000,003,551 | ---- | C] () -- C:\Windows\wininit.ini [2012.07.23 00:33:25 | 000,009,216 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.06.28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.05.01 21:50:14 | 922,460,208 | ---- | C] () -- C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe [2012.03.21 18:54:48 | 000,000,000 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\{30DEB4EF-7BA3-4C31-B2F1-2D0414B6C43D} [2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.09.25 01:58:18 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.09.25 01:58:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.05.24 18:06:10 | 000,150,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.04.18 23:30:47 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.03.10 16:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.11.22 12:00:06 | 004,269,056 | ---- | C] () -- C:\Windows\SysWow64\system.dll [2010.11.16 15:33:06 | 000,021,220 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\UserTile.png [2010.03.01 20:09:42 | 000,007,606 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\Resmon.ResmonCfg ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft [2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics [2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux [2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener [2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache [2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations [2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB [2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft [2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers [2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner [2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson [2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen [2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader [2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager [2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo [2012.10.14 15:02:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0 [2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios [2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ [2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM [2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit [2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics [2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient [2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2 [2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX [2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut [2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World [2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF [2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++ [2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org [2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape [2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games [2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee [2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot [2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater [2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync [2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat [2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer [2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds [2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client [2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software [2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue [2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer ========== Purity Check ========== ========== Custom Scans ========== < HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers > "ProviderID0" = 1 "ProviderID1" = 2 "ProviderID2" = 3 "ProviderID3" = 4 "NextProviderID" = 5 "ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) "ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) "ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) "ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) "NumProviders" = 4 < HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\Windows\CurrentVersion\Telephony\Providers > "ProviderID0" = 1 "ProviderID1" = 2 "ProviderID2" = 3 "ProviderID3" = 4 "NextProviderID" = 5 "ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) "ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) "ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) "ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) "NumProviders" = 4 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters > "ServiceDll" = %SystemRoot%\System32\wkssvc.dll "ServiceDllUnloadOnStop" = 1 "EnablePlainTextPassword" = 0 "EnableSecuritySignature" = 1 "RequireSecuritySignature" = 0 "OtherDomains" = [binary data] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S > "DisplayName" = @%SystemRoot%\System32\dnsapi.dll,-101 "Group" = TDI "ImagePath" = %SystemRoot%\system32\svchost.exe -k NetworkService -- [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) "Description" = @%SystemRoot%\System32\dnsapi.dll,-102 "ObjectName" = NT AUTHORITY\NetworkService "ErrorControl" = 1 "Start" = 2 "Type" = 32 "DependOnService" = Tdxnsi [binary data] "ServiceSidType" = 1 "RequiredPrivileges" = SeChangeNotifyPrivilegeSeCreateGlobalPrivilege [binary data] "FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 C0 D4 01 00 01 00 00 00 E0 93 04 00 00 00 00 00 00 00 00 00 [binary data] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Security] "Security" = 01 00 14 80 F8 00 00 00 04 01 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 C8 00 08 00 00 00 00 02 18 00 9D 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 21 02 00 00 00 02 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 02 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 14 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 13 00 00 00 00 02 18 00 CD 00 02 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 02 28 00 CD 01 02 00 01 06 00 00 00 00 00 05 50 00 00 00 04 C9 44 AF 94 D9 D3 E5 2B E1 B7 1C 17 84 87 13 6E 1A FA 65 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 [Binary data over 200 bytes] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo\0] "Type" = 4 "Action" = 1 "GUID" = 07 9E 56 B7 21 84 E0 4E AD 10 86 91 5A FD AD 09 [binary data] "Data0" = 5355UDP [binary data] "DataType0" = 2 < HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost > "netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes] "LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes] "LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes] "LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation) "rpcss" = RpcSs [binary data] "LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data] "LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data] "DcomLaunch" = PowerPlugPlayDcomLaunch [binary data] "NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes] "imgsvc" = StiSvc [binary data] "wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) "Akamai" = Akamai [binary data] "Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data] "Update-Service" = Update-Service [binary data] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc] < HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost > "netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes] "LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes] "LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes] "LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation) "rpcss" = RpcSs [binary data] "LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data] "LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data] "DcomLaunch" = PowerPlugPlayDcomLaunch [binary data] "NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes] "imgsvc" = StiSvc [binary data] "wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) "Akamai" = Akamai [binary data] "Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data] "Update-Service" = Update-Service [binary data] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalService] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\netsvcs] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkService] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\termsvcs] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\wcssvc] < HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com > < %SystemRoot%\system32\*.tsp > [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp < %SystemRoot%\system32\*.tsp /64 > [2009.07.14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hidphone.tsp [2009.07.14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp [2009.07.14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp [2009.07.14 03:38:54 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\remotesp.tsp [2010.11.20 15:24:24 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp < C:\Windows\system32\*.dll /360 > [2012.03.29 15:44:23 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\admparse.dll [2012.07.26 19:08:06 | 000,153,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\atl110.dll [2012.05.29 13:09:50 | 000,021,344 | ---- | M] (TuneUp Software) -- C:\Windows\system32\authuitu.dll [2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll [2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdosys.dll [2012.04.24 06:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll [2012.04.24 06:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll [2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll [2012.08.02 18:57:20 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll [2012.10.01 12:37:53 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\deployJava1.dll [2012.03.03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll [2012.03.29 15:44:27 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll [2012.03.29 15:44:27 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll [2012.08.21 13:01:20 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\GEARAspi.dll [2012.03.29 15:44:26 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll [2012.03.29 15:44:30 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll [2012.03.29 15:44:30 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakeng.dll [2012.03.29 15:44:23 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieaksie.dll [2012.03.29 15:44:23 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakui.dll [2012.03.29 15:44:26 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll [2012.03.29 15:44:26 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll [2012.10.09 15:25:33 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll [2012.03.29 15:44:30 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll [2012.03.29 15:44:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll [2012.10.09 15:25:32 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll [2012.03.29 15:44:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll [2012.03.29 15:44:29 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll [2012.10.09 15:25:33 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll [2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll [2012.03.29 15:44:23 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll [2012.03.29 15:44:26 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll [2011.11.11 10:04:05 | 000,208,208 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\system32\install1.dll [2012.10.09 15:25:33 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll [2012.10.09 15:25:33 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll [2012.10.09 15:25:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll [2012.03.29 15:44:26 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll [2012.07.17 14:49:00 | 000,209,648 | ---- | M] (Microsoft Corp.) -- C:\Windows\system32\LIVESSP.DLL [2012.04.18 11:29:20 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msclmd.dll [2012.10.09 15:25:33 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll [2012.03.29 15:44:30 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll [2012.10.09 15:25:33 | 012,319,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll [2012.10.09 15:25:33 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll [2012.03.29 15:44:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll [2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll [2012.03.29 15:44:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll [2012.03.29 15:44:31 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll [2012.07.26 19:08:06 | 000,534,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp110.dll [2012.07.26 19:08:06 | 000,862,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr110.dll [2011.12.16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt.dll [2012.06.06 07:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll [2012.06.06 07:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll [2012.06.02 06:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll [2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll [2012.10.01 12:37:53 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\npDeployJava1.dll [2011.11.17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll [2012.01.04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntshrui.dll [2012.06.29 05:37:00 | 002,422,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvapi.dll [2012.06.29 05:37:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcompiler.dll [2012.06.29 05:37:00 | 007,699,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuda.dll [2012.06.29 05:37:00 | 001,865,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvenc.dll [2012.06.29 05:37:00 | 002,573,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvid.dll [2012.06.29 05:37:00 | 015,290,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvd3dum.dll [2012.06.29 05:37:00 | 019,828,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvoglv32.dll [2012.06.29 05:37:00 | 012,388,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvwgf2um.dll [2012.03.29 15:44:23 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll [2012.06.29 05:37:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\system32\OpenCL.dll [2011.11.19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\packager.dll [2012.03.29 15:44:25 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll [2012.10.09 15:23:35 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll [2011.10.26 06:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\quartz.dll [2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcore.dll [2012.06.02 06:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll [2012.06.02 06:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll [2012.07.28 03:09:02 | 000,057,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sirenacm.dll [2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srclient.dll [2012.06.02 06:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll [2011.11.05 06:26:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\system32\UpdSvc.dll [2012.10.09 15:25:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll [2012.10.09 15:25:32 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\Windows\system32\uxtuneup.dll [2012.10.09 15:25:33 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll [2012.07.26 19:08:06 | 000,251,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vccorlib110.dll [2012.07.26 19:08:06 | 000,115,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vcomp110.dll [2012.03.29 15:44:25 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll [2011.11.17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webio.dll [2012.02.11 07:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll [2012.10.01 12:37:53 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge-32.dll [2012.10.09 15:25:33 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll [2012.03.01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll [2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll [2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.06.28 21:36:59 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2011.10.15 12:41:45 | 000,000,198 | ---- | C] () -- C:\Windows\Tasks\{CD7D28A7-F48B-41CE-B478-5A4BFF4BF3EB}.job [2012.03.27 17:33:15 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core1cd0c2eed37e280.job [2012.04.24 13:09:42 | 000,000,240 | ---- | C] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job [2012.05.23 18:15:41 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012.06.09 16:06:09 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job [2012.07.13 03:14:16 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job [2012.07.26 17:34:42 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job < C:\Windows\SysNative\*.dll /360 > [2012.03.29 15:44:14 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012.07.26 15:22:10 | 000,177,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\atl110.dll [2012.05.29 13:09:50 | 000,025,952 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2012.07.05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.07.05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browser.dll [2012.06.06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.04.24 07:37:36 | 001,462,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.04.24 07:37:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll [2011.10.26 07:21:20 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2012.08.02 19:58:52 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012.03.03 08:35:38 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012.03.29 15:44:09 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012.03.29 15:44:09 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012.08.21 13:01:20 | 000,125,872 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2012.03.29 15:44:07 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012.03.29 15:44:13 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012.03.29 15:44:13 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012.03.29 15:44:14 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012.03.29 15:44:14 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012.03.29 15:44:07 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012.03.29 15:44:07 | 000,403,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll [2012.10.09 15:25:33 | 010,925,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll [2012.03.29 15:44:13 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012.03.29 15:44:07 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012.10.09 15:25:32 | 002,144,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2012.03.29 15:44:07 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012.03.29 15:44:12 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012.10.09 15:25:33 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.03.01 08:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012.03.29 15:44:13 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012.03.29 15:44:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012.10.09 15:25:33 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.10.09 15:25:33 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.10.09 15:25:32 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll [2012.03.29 15:44:06 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012.07.17 15:14:44 | 000,253,184 | ---- | M] (Microsoft Corp.) -- C:\Windows\SysNative\LIVESSP.DLL [2012.05.14 07:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2011.11.17 08:35:19 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.04.18 11:29:20 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll [2012.10.09 15:25:33 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.03.29 15:44:13 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll [2012.10.09 15:25:33 | 017,810,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll [2012.10.09 15:25:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.03.29 15:44:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012.04.07 14:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012.03.29 15:44:21 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012.03.29 15:44:19 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012.07.26 15:22:10 | 000,661,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp110.dll [2012.07.26 15:22:10 | 000,828,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr110.dll [2011.12.16 10:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012.06.06 08:06:16 | 001,881,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll [2012.06.06 08:06:16 | 002,004,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll [2012.06.02 07:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2011.11.17 08:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.01.04 12:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012.06.29 05:37:00 | 002,723,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2012.05.21 15:10:54 | 000,072,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapo64v.dll [2012.06.29 05:37:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012.06.29 01:55:46 | 006,193,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2012.06.29 05:37:00 | 009,164,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012.06.29 05:37:00 | 002,216,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012.06.29 05:37:00 | 002,744,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012.06.29 05:37:00 | 018,228,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012.06.29 05:37:00 | 001,758,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2012.06.29 05:37:00 | 001,472,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2012.05.15 12:48:00 | 001,468,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll [2012.05.21 09:34:41 | 001,468,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll [2012.05.21 15:10:56 | 000,031,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2012.06.29 01:55:40 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2012.06.29 05:37:00 | 026,226,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012.06.29 01:55:39 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2012.06.29 01:55:57 | 003,266,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2012.06.29 01:55:40 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2012.06.29 05:37:00 | 014,806,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2012.03.29 15:44:15 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012.06.29 05:37:00 | 000,060,776 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011.11.19 16:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.03.29 15:44:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012.05.01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\profsvc.dll [2012.10.09 15:23:35 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2011.10.26 07:25:16 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.02.17 08:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012.04.26 07:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.04.26 07:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.06.02 07:45:31 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll [2011.11.17 08:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll [2012.05.05 10:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2011.11.17 08:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2011.11.17 08:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2011.11.05 07:32:50 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll [2012.10.09 15:25:32 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.10.09 15:25:32 | 001,346,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll [2012.07.09 13:42:56 | 004,547,984 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2012.10.09 15:25:33 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.07.26 15:22:10 | 000,354,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vccorlib110.dll [2012.07.26 15:22:10 | 000,124,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vcomp110.dll [2012.03.29 15:44:06 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webcheck.dll [2011.11.17 08:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.02.11 08:43:47 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012.10.09 15:25:33 | 001,392,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll [2012.03.01 08:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.03.01 08:28:47 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmi.dll [2012.06.03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.06.03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll [2012.06.03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.06.03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.06.03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.06.03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.06.02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll < C:\Windows\SysWOW64\*.dll /360 > [2012.03.29 15:44:23 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\admparse.dll [2012.07.26 19:08:06 | 000,153,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl110.dll [2012.05.29 13:09:50 | 000,021,344 | ---- | M] (TuneUp Software) -- C:\Windows\SysWOW64\authuitu.dll [2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browcli.dll [2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cdosys.dll [2012.04.24 06:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll [2012.04.24 06:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll [2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsvc.dll [2012.08.02 18:57:20 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10level9.dll [2012.10.01 12:37:53 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWOW64\deployJava1.dll [2012.03.03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll [2012.03.29 15:44:27 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll [2012.03.29 15:44:27 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll [2012.08.21 13:01:20 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysWOW64\GEARAspi.dll [2012.03.29 15:44:26 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icardie.dll [2012.03.29 15:44:30 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IEAdvpack.dll [2012.03.29 15:44:30 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieakeng.dll [2012.03.29 15:44:23 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieaksie.dll [2012.03.29 15:44:23 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieakui.dll [2012.03.29 15:44:26 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll [2012.03.29 15:44:26 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iedkcs32.dll [2012.10.09 15:25:33 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll [2012.03.29 15:44:30 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iepeers.dll [2012.03.29 15:44:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iernonce.dll [2012.10.09 15:25:32 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll [2012.03.29 15:44:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iesetup.dll [2012.03.29 15:44:29 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iesysprep.dll [2012.10.09 15:25:33 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll [2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll [2012.03.29 15:44:23 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll [2012.03.29 15:44:26 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\inseng.dll [2011.11.11 10:04:05 | 000,208,208 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\SysWOW64\install1.dll [2012.10.09 15:25:33 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll [2012.10.09 15:25:33 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll [2012.10.09 15:25:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll [2012.03.29 15:44:26 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\licmgr10.dll [2012.07.17 14:49:00 | 000,209,648 | ---- | M] (Microsoft Corp.) -- C:\Windows\SysWOW64\LIVESSP.DLL [2012.04.18 11:29:20 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msclmd.dll [2012.10.09 15:25:33 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeeds.dll [2012.03.29 15:44:30 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeedsbs.dll [2012.10.09 15:25:33 | 012,319,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll [2012.10.09 15:25:33 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmled.dll [2012.03.29 15:44:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmler.dll [2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll [2012.03.29 15:44:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll [2012.03.29 15:44:31 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msrating.dll [2012.07.26 19:08:06 | 000,534,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp110.dll [2012.07.26 19:08:06 | 000,862,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr110.dll [2011.12.16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll [2012.06.06 07:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll [2012.06.06 07:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll [2012.06.02 06:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll [2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll [2012.10.01 12:37:53 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWOW64\npDeployJava1.dll [2011.11.17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll [2012.01.04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll [2012.06.29 05:37:00 | 002,422,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll [2012.06.29 05:37:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcompiler.dll [2012.06.29 05:37:00 | 007,699,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuda.dll [2012.06.29 05:37:00 | 001,865,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuvenc.dll [2012.06.29 05:37:00 | 002,573,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuvid.dll [2012.06.29 05:37:00 | 015,290,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll [2012.06.29 05:37:00 | 019,828,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvoglv32.dll [2012.06.29 05:37:00 | 012,388,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll [2012.03.29 15:44:23 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\occache.dll [2012.06.29 05:37:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWOW64\OpenCL.dll [2011.11.19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\packager.dll [2012.03.29 15:44:25 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pngfilt.dll [2012.10.09 15:23:35 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qdvd.dll [2011.10.26 06:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll [2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rdpcore.dll [2012.06.02 06:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll [2012.06.02 06:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll [2012.07.28 03:09:02 | 000,057,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sirenacm.dll [2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll [2012.06.02 06:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll [2011.11.05 06:26:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tzres.dll [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\SysWOW64\UpdSvc.dll [2012.10.09 15:25:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\url.dll [2012.10.09 15:25:32 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\Windows\SysWOW64\uxtuneup.dll [2012.10.09 15:25:33 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll [2012.07.26 19:08:06 | 000,251,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vccorlib110.dll [2012.07.26 19:08:06 | 000,115,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vcomp110.dll [2012.03.29 15:44:25 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webcheck.dll [2011.11.17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll [2012.02.11 07:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\win32spl.dll [2012.10.01 12:37:53 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll [2012.10.09 15:25:33 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll [2012.03.01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll [2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmi.dll < End of report > |
![]() |
Themen zu Keine Rückmeldung und Freeze |
administrator, agent, anti-malware, autostart, dateien, desktop, explorer, firefox, forum, freeze, friert, gelöscht, install.exe, internet, keine rückmeldung, lösung, malwarebytes, microsoft, ordner, preferences, programm, rückmeldung, scan, seite, seiten, sekunden, software, user agent |