03.03.2013, 00:42 | #1 |
| No access to Windows Firewall

Hello, first of all. Yesterday I noticed that I no longer have any access to my firewall, though I don't know for how long that has been the case. Lately my computer has also not been running the way it should: it has become slower, and Google Chrome sometimes causes problems too, either not starting or simply changing the home page. In addition, I have been getting blue screens very often lately (I suspect a defective drive, since the blue screens mostly come when I start games that are on that disk). But the most important thing is that I can use my firewall again, that is, the one built into Windows. As a stopgap I have installed the Comodo firewall, since viruses have been found on my machine fairly often lately; I still have all of them there in quarantine!

Now my system data:
Win 7 Ultimate 64-bit
AMD FX(tm)-4100 Quad-Core CPU @ 3.60 GHz
6 GB RAM
AMD Radeon HD 6850
500 GB internal hard disk

Since I am a musician and almost the entire hard disk is full of projects, I am looking for a way to get it running again, if possible without formatting. I hope you can help me. Thanks in advance.

OTL Code:
ATTFilter OTL logfile created on: 02.03.2013 22:55:20 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\NeYoo\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6.00 Gb Total Physical Memory | 4.07 Gb Available Physical Memory | 67.84% Memory free 11.99 Gb Paging File | 9.28 Gb Available in Paging File | 77.40% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 221.62 Gb Total Space | 50.88 Gb Free Space | 22.96% Space Free | Partition Type: NTFS Drive D: | 244.04 Gb Total Space | 74.95 Gb Free Space | 30.71% Space Free | Partition Type: NTFS Drive E: | 7.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Drive F: | 630.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive G: | 931.51 Gb Total Space | 261.98 Gb Free Space | 28.12% Space Free | Partition Type: NTFS Drive Z: | 100.00 Mb Total Space | 69.93 Mb Free Space | 69.93% Space Free | Partition Type: NTFS Computer Name: NEYOO-PC | User Name: NeYoo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.03.02 22:53:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NeYoo\Desktop\OTL.exe PRC - [2013.03.01 01:39:20 | 002,074,768 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe PRC - [2013.02.12 16:39:47 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.02.12 16:39:40 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.02.12 16:39:40 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\NeYoo\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013.01.19 07:00:52 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.12.19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.11.26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe PRC - [2012.10.23 10:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2011.05.24 22:48:24 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe PRC - [2010.03.20 14:08:30 | 001,671,168 | ---- | M] (Hama GmbH & Co KG) -- C:\Program Files (x86)\Hama\Common\RaUI.exe PRC - [2009.12.10 12:16:10 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Hama\Common\RaRegistry.exe PRC - [2007.04.11 18:00:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) 
-- C:\Windows\V0470Mon.exe ========== Modules (No Company Name) ========== MOD - [2013.02.21 06:23:44 | 000,459,728 | ---- | M] () -- C:\Users\NeYoo\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll MOD - [2013.02.21 06:23:42 | 004,050,896 | ---- | M] () -- C:\Users\NeYoo\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll MOD - [2013.02.21 06:22:51 | 000,596,944 | ---- | M] () -- C:\Users\NeYoo\AppData\Local\Google\Chrome\Application\25.0.1364.97\libglesv2.dll MOD - [2013.02.21 06:22:50 | 000,124,368 | ---- | M] () -- C:\Users\NeYoo\AppData\Local\Google\Chrome\Application\25.0.1364.97\libegl.dll MOD - [2013.02.21 06:22:48 | 001,552,848 | ---- | M] () -- C:\Users\NeYoo\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll MOD - [2012.10.10 12:23:16 | 002,068,504 | ---- | M] () -- c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll MOD - [2009.12.10 12:16:08 | 000,918,816 | ---- | M] () -- C:\Program Files (x86)\Hama\Common\RaWLAPI.dll ========== Services (SafeList) ========== SRV:64bit: - [2012.12.19 20:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2012.12.19 15:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) 
[Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2012.09.20 18:29:27 | 000,581,120 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\atwtusb.exe -- (WTService) SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.03.01 01:39:20 | 002,074,768 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2013.02.25 01:50:18 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.02.12 16:39:47 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.02.12 16:39:40 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.01.19 07:00:52 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.12.20 17:34:20 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.12.19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher) SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.10 17:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012.11.26 18:35:10 | 000,745,368 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2012.11.26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP) SRV - [2012.11.13 01:43:39 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai) SRV - [2012.11.09 11:20:06 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.11.08 00:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2012.10.23 17:04:18 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.23 10:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.10.10 12:24:19 | 002,309,656 | ---- | M] () [Disabled | Stopped] -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager) SRV - [2012.10.01 07:42:34 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV - 
[2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2012.07.08 23:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2012.05.01 13:33:44 | 000,185,856 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012.02.08 00:12:04 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2011.11.22 09:59:30 | 000,018,432 | ---- | M] () [Disabled | Stopped] -- C:\Users\NeYoo\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe -- (StumbleUponUpdater) SRV - [2011.11.15 07:24:00 | 004,644,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.12.10 12:16:10 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Hama\Common\RaRegistry64.exe -- (RalinkRegistryWriter64) SRV - [2009.12.10 12:16:10 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) 
[Auto | Running] -- C:\Program Files (x86)\Hama\Common\RaRegistry.exe -- (RalinkRegistryWriter) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.02.04 00:38:36 | 000,095,896 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe -- (SandraAgentSrv) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.12.19 21:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.12.19 20:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.12.12 07:39:37 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.12.12 07:39:37 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.11.06 12:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2012.09.24 08:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.09.12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012.06.05 15:03:52 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2012.05.12 11:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV:64bit: - [2012.04.25 11:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.04.04 15:12:22 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.03.01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.12.07 18:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2011.11.01 12:14:34 | 000,051,016 | ---- | M] (Yamaha Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ymidusbx64.sys -- (YMIDUSBW) DRV:64bit: - [2011.08.11 07:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2011.07.06 11:12:50 | 000,367,976 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:64bit: - [2010.06.25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2010.02.24 15:06:00 | 000,726,816 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.10.30 06:02:12 | 000,460,352 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amonusbu.sys -- (INFRASONIC_AMON) DRV:64bit: - [2009.10.30 06:02:10 | 000,049,728 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amonusba.sys -- (INFRASONIC_AMON_AUDIO) DRV:64bit: - [2009.10.30 06:02:10 | 000,031,296 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amonusbm.sys -- (AMONMIDI) DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) DRV:64bit: - [2009.08.26 06:15:10 | 000,007,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\walvhid.sys -- (vhidmini) DRV:64bit: - [2009.07.14 
02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2009.03.08 12:16:14 | 000,007,680 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\moufiltr.sys -- (moufiltr) DRV:64bit: - [2007.04.20 18:00:00 | 000,182,464 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0470Vid.sys -- (VF0470Vid) DRV - [2012.12.04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD) DRV - [2012.04.09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2) DRV - [2012.04.09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2012.04.04 11:01:57 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2012.04.04 11:01:40 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012.03.06 01:41:05 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2012.02.08 00:12:02 | 000,161,432 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x64\sandra.sys -- (SANDRA) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard 
Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://isearch.claro-search.com/?affID=114164&tt=120812_bandext_3312_5&babsrc=HP_iclro&mntrId=aae529ee0000000000007a7905b474a6 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F E2 DB 69 12 12 CE 01 [binary data] IE - HKCU\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://isearch.claro-search.com/?q={searchTerms}&affID=114164&tt=120812_bandext_3312_5&babsrc=SP_iclro&mntrId=aae529ee0000000000007a7905b474a6 IE - 
HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={EFFBD412-814C-4CE0-A22F-FE0EF1CB7E8C}&mid=b215c247f3dd47d0b78e6b02803fc47e-e0341580397ef8544338e553758d0089824482db&lang=de&ds=AVG&pr=fr&d=2012-06-24 08:33:36&v=12.2.5.32&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb143/?search={searchTerms}&loc=IB_DS&a=6PQwKjVU1b&i=26 IE - HKCU\..\SearchScopes\{D1E5D1F4-0621-41ca-A9BF-19E709576795}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH IE - HKCU\..\SearchScopes\{D94F5390-9998-4b28-8F81-33D6F80B6A19}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV IE - HKCU\..\SearchScopes\{EC3BF093-D135-4b2e-970E-8CE21DB8A73B}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 109.111.236.114:8080 ========== FireFox ========== FF - prefs.js..CT2319825.browser.search.defaultthis.engineName: true FF - prefs.js..browser.search.defaultenginename: "Claro Search" FF - prefs.js..browser.search.order.1: "Claro Search" FF - prefs.js..browser.search.selectedEngine: "Winload Customized Web Search" FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=13" FF - prefs.js..extensions.enabledAddons: {1fc895a6-2042-46ec-a61b-233165b4c218}:1.2.5 FF - prefs.js..extensions.enabledAddons: printpdf@pavlov.net:0.76 FF - prefs.js..extensions.enabledAddons: printPages2Pdf@reinhold.ripper:0.1.8.0 FF - prefs.js..extensions.enabledAddons: 
{c45c406e-ab73-11d8-be73-000a95be3b12}:1.2.2 FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.80.2 FF - prefs.js..extensions.enabledAddons: software@loadtubes.com:1.01 FF - prefs.js..extensions.enabledAddons: {40c3cc16-7269-4b32-9531-17f2950fb06f}:10.13.40.15 FF - prefs.js..extensions.enabledAddons: {b64982b1-d112-42b5-b1e4-d3867c4533f8}:2.3.787.43 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=2&q=" FF - prefs.js..network.proxy.backup.ftp: "109.111.236.114" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.socks: "109.111.236.114" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "109.111.236.114" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "109.111.236.114" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.http: "109.111.236.114" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "109.111.236.114" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.socks_version: 4 FF - prefs.js..network.proxy.ssl: "109.111.236.114" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Claro Search" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ncsoft.com/Plugin: C:\Program Files (x86)\plaync\NCPlugin\npncllm3.dll (NCSOFT Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\NeYoo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\NeYoo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\PROGRA~2\MOZILL~1\plugins\NpFv530.dll (1 mal 1 Software GmbH)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.05.08 10:15:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.05.08 10:15:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.06.03 11:24:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.26 14:48:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.26 14:31:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.10.11 10:25:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.26 14:48:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.26 14:31:27 | 000,000,000 | ---D | M]
[2012.06.05 15:21:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Extensions
[2012.09.07 12:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
[2012.05.25 19:08:41 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions\ffxtlbr@babylon.com
[2012.09.07 12:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions\staged
[2012.12.06 18:18:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\mp64elhd.default\extensions
[2012.11.28 04:36:20 | 000,000,000 | ---D | M] (Winload) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\mp64elhd.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2012.11.28 04:36:22 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\mp64elhd.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2012.11.28 04:36:08 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\mp64elhd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012.10.23 17:33:26 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\mp64elhd.default\extensions\battlefieldplay4free@ea.com
[2012.06.17 14:46:10 | 000,000,000 | ---D | M] (Print pages to PDF) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\mp64elhd.default\extensions\printPages2Pdf@reinhold.ripper
[2012.09.10 16:45:33 | 000,000,000 | ---D | M] (loadtbs) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\mp64elhd.default\extensions\software@loadtubes.com
[2012.06.28 17:30:11 | 000,000,000 | ---D | M] (StumbleUpon) -- C:\Users\NeYoo\AppData\Roaming\mozilla\Firefox\Profiles\mp64elhd.default\extensions\toolbar@stumbleupon.com
[2012.05.10 23:58:53 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\NeYoo\AppData\Roaming\mozilla\firefox\profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi
[2012.06.17 14:28:16 | 000,009,644 | ---- | M] () (No name found) -- C:\Users\NeYoo\AppData\Roaming\mozilla\firefox\profiles\mp64elhd.default\extensions\printpdf@pavlov.net.xpi
[2012.06.16 05:13:41 | 000,003,084 | ---- | M] () (No name found) -- C:\Users\NeYoo\AppData\Roaming\mozilla\firefox\profiles\mp64elhd.default\extensions\{1fc895a6-2042-46ec-a61b-233165b4c218}.xpi
[2012.11.28 04:36:02 | 001,268,546 | ---- | M] () (No name found) -- C:\Users\NeYoo\AppData\Roaming\mozilla\firefox\profiles\mp64elhd.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2012.11.28 04:36:02 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\NeYoo\AppData\Roaming\mozilla\firefox\profiles\mp64elhd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.14 01:21:12 | 000,002,224 | ---- | M] () -- C:\Users\NeYoo\AppData\Roaming\mozilla\firefox\profiles\mp64elhd.default\searchplugins\BabylonMngr.xml
[2012.10.21 12:08:01 | 000,000,907 | ---- | M] () -- C:\Users\NeYoo\AppData\Roaming\mozilla\firefox\profiles\mp64elhd.default\searchplugins\conduit.xml
[2012.08.14 01:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.08.14 01:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\ffxtlbr@babylon.com
[2012.10.11 10:25:43 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.787.43\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
[2012.10.23 17:04:19 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.09.23 13:43:02 | 001,623,552 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll
[2012.09.07 12:19:19 | 000,378,880 | ---- | M] (InfiniAd GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll
[2012.04.21 02:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 17:55:32 | 000,003,769 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.08.14 01:20:44 | 000,006,546 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.04.21 02:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 02:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 02:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 02:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 02:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\NeYoo\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\NeYoo\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\NeYoo\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngnjhfpfhadncgafgbneeljaginimmmk\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngnjhfpfhadncgafgbneeljaginimmmk\10.11.21.5_0\plugins/np-cwmp.dll
CHR - plugin: Flatcast Viewer Plugin 5.3.0.784 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv530.dll
CHR - plugin: LoadTubes Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\NeYoo\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: iMacros for Chrome = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\6.0.1_0\
CHR - Extension: Web Assistant = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\
CHR - Extension: AdBlock = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Battlefield Play4Free = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\
CHR - Extension: Bitdefender QuickScan = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\
CHR - Extension: Settings Protector = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: StumbleUpon = C:\Users\NeYoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg\3.97.1_0\

O1 HOSTS File: ([2012.10.27 06:28:29 | 000,003,295 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-5.adobe.com
O1 - Hosts: 127.0.0.1 hh-software.com
O1 - Hosts: 127.0.0.1 www.hh-software.com
O1 - Hosts: 127.0.0.1 activate.adobe.de
O1 - Hosts: 31 more lines...
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (StumbleUpon) - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\NeYoo\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\NeYoo\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32B29DF0-2237-4370-9A29-37CEBB730E9B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\NeYoo\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AtwtusbIcon] C:\Windows\SysNative\AtwtusbIcon.exe ()
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [LifeChat] C:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [V0470Mon.exe] C:\Windows\V0470Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [BitTorrent] C:\Users\NeYoo\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [Spotify] C:\Users\NeYoo\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\NeYoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\NeYoo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\NeYoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ubisoft register.lnk = C:\Program Files (x86)\Ubi Soft\Register\schedule.exe (Ubi Soft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = c:\directory\CyberGate\Svchost\server.exe
O8:64bit: - Extra context menu item: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C6F948A-C311-43FF-9BA1-F8B02BA14B7F}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBEBB18-EDB3-4C76-B32A-85B0FFEBE884}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C21DE961-A8A0-4DB0-B390-EA20517279FA}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.11.08 00:20:51 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.11.08 00:20:50 | 006,346,752 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.11.08 00:20:51 | 000,000,057 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2003.10.21 12:05:21 | 000,000,000 | ---D | M] - F:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2002.11.12 16:39:16 | 000,258,048 | R--- | M] (Blue Byte Software, Inc.) - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2002.01.29 10:43:23 | 000,000,096 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1804196c-7e3d-11e1-8af3-50e549d5c0e0}\Shell - "" = AutoRun
O33 - MountPoints2\{1804196c-7e3d-11e1-8af3-50e549d5c0e0}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2002.11.12 16:39:16 | 000,258,048 | R--- | M] (Blue Byte Software, Inc.)
O33 - MountPoints2\{e808a923-653f-11e1-8385-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e808a923-653f-11e1-8385-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.11.08 00:20:50 | 006,346,752 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.03.02 22:53:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\NeYoo\Desktop\OTL.exe
[2013.03.02 20:30:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2013.03.02 20:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2013.03.02 20:30:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2013.03.02 19:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubi Soft
[2013.03.02 19:40:49 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blue Byte
[2013.03.02 18:46:25 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Roaming\BitTorrent
[2013.03.02 09:29:10 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013.02.28 12:38:14 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Local\Spotify
[2013.02.28 12:37:59 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Roaming\Spotify
[2013.02.26 14:24:27 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\Documents\Calibre Bibliothek
[2013.02.26 14:24:24 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Roaming\calibre
[2013.02.26 14:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calibre2
[2013.02.26 14:23:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
[2013.02.26 14:19:09 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\Desktop\Ebooks - How to Draw Manga
[2013.02.25 16:25:27 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\Desktop\collab grind on limit
[2013.02.25 07:44:24 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Roaming\SYSTEMAX Software Development
[2013.02.25 07:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SYSTEMAX Software Development
[2013.02.25 07:44:10 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\Desktop\PaintToolSAI
[2013.02.23 21:07:18 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battle Realms
[2013.02.23 20:39:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Liquid Entertainment
[2013.02.23 05:44:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nordic Games
[2013.02.23 05:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nordic Games
[2013.02.21 20:25:02 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\.android
[2013.02.21 20:22:34 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\Desktop\Android
[2013.02.19 19:55:08 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Roaming\Canneverbe Limited
[2013.02.19 19:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.02.19 19:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2013.02.19 08:27:14 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Local\Vitalwerks
[2013.02.19 08:27:13 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
[2013.02.19 08:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\No-IP
[2013.02.19 07:58:17 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\Desktop\hacker tools
[2013.02.15 19:11:43 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\Desktop\Neuer Ordner
[2013.02.15 17:06:18 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Roaming\fltk.org
[2013.02.13 02:07:21 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Local\Nemex
[2013.02.13 02:06:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nemex
[2013.02.13 02:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Recorder Pro
[2013.02.03 03:05:32 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\Documents\Neuer Ordner
[2013.02.03 02:41:22 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\AppData\Local\AionSpot
[2013.02.03 02:26:45 | 000,000,000 | ---D | C] -- C:\Users\NeYoo\Desktop\AionSpot v.0.7.8

========== Files - Modified Within 30 Days ==========

[2013.03.02 22:53:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NeYoo\Desktop\OTL.exe
[2013.03.02 22:53:14 | 000,000,168 | ---- | M] () -- C:\Users\NeYoo\defogger_reenable
[2013.03.02 22:24:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4067457819-1396378754-2532475534-1000UA.job
[2013.03.02 20:30:11 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2013.03.02 20:25:42 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.02 20:25:42 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.02 20:20:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.02 20:20:17 | 534,945,791 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.02 19:51:05 | 000,000,769 | ---- | M] () -- C:\Users\NeYoo\Desktop\S4 - Verknüpfung.lnk
[2013.03.02 19:42:58 | 000,002,102 | ---- | M] () -- C:\Users\NeYoo\Desktop\Ubi Soft Product Registration.lnk
[2013.03.02 19:42:58 | 000,001,480 | ---- | M] () -- C:\Users\NeYoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ubisoft register.lnk
[2013.03.02 18:48:34 | 000,000,889 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2013.03.02 16:35:22 | 005,385,474 | ---- | M] () -- C:\Users\NeYoo\Desktop\beat 119 (Grindversion) Leasing 20 $ mastered.mp3
[2013.03.02 15:48:34 | 001,135,749 | ---- | M] () -- C:\Users\NeYoo\Desktop\beat 117 (Grindversion) Leasing 20 $.mp3
[2013.03.02 14:04:34 | 000,008,192 | ---- | M] () -- C:\Users\NeYoo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.02 13:24:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4067457819-1396378754-2532475534-1000Core.job
[2013.03.02 09:51:15 | 000,081,851 | ---- | M] () -- C:\Users\NeYoo\Desktop\Grind on limit facebook.jpg
[2013.03.02 09:29:10 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013.03.02 09:29:10 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013.03.02 09:29:07 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2013.02.28 12:38:14 | 000,001,805 | ---- | M] () -- C:\Users\NeYoo\Desktop\Spotify.lnk
[2013.02.27 13:32:29 | 028,612,770 | ---- | M] () -- C:\Users\NeYoo\Desktop\Grind On Limit 27.02.2013.zip
[2013.02.27 10:56:15 | 024,326,858 | ---- | M] () -- C:\Users\NeYoo\Desktop\collab grind on limit.zip
[2013.02.27 08:53:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.26 14:31:28 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.02.26 14:23:42 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2013.02.25 10:28:36 | 001,470,464 | ---- | M] () -- C:\Users\NeYoo\Documents\manga 1.sai
[2013.02.25 07:44:10 | 000,000,606 | ---- | M] () -- C:\Users\Public\Desktop\PaintTool SAI Ver.1.lnk
[2013.02.25 07:43:51 | 002,339,714 | ---- | M] () -- C:\Users\NeYoo\Desktop\sai-1.1.0-ful-en.exe
[2013.02.25 04:00:33 | 002,803,300 | ---- | M] () -- C:\Users\NeYoo\Desktop\beat 115 (Grindversion) Leasing 20 $.zip
[2013.02.25 01:46:06 | 560,433,263 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.23 05:44:53 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\SpellForce 2 Gold Edition.lnk
[2013.02.22 13:04:15 | 076,324,864 | ---- | M] () -- C:\Users\NeYoo\Desktop\android-x86-2.2-r2-asus_laptop.iso
[2013.02.20 01:23:53 | 047,755,292 | ---- | M] () -- C:\Users\NeYoo\Desktop\GrindOnLimit.com SoundKit Vol.1.rar
[2013.02.20 00:05:35 | 000,009,487 | ---- | M] () -- C:\Users\NeYoo\Desktop\GrindOnLimit Stab.fst
[2013.02.19 19:55:01 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.02.19 10:33:58 | 001,615,924 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.19 10:33:58 | 000,697,912 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.19 10:33:58 | 000,652,990 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.19 10:33:58 | 000,148,608 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.19 10:33:58 | 000,121,392 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.19 10:10:07 | 000,002,224 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013.02.15 19:27:21 | 000,021,191 | ---- | M] () -- C:\Users\NeYoo\Desktop\Neuer Ordner.rar
[2013.02.15 16:57:24 | 000,000,126 | ---- | M] () -- C:\Windows\kaillera.ini
[2013.02.14 23:54:07 | 000,000,253 | ---- | M] () -- C:\Windows\n02.ini
[2013.02.14 22:33:40 | 002,702,040 | ---- | M] () -- C:\Users\NeYoo\Desktop\PSX_BIOS.rar
[2013.02.14 20:32:14 | 000,637,061 | ---- | M] () -- C:\Users\NeYoo\Desktop\Super Nintendo.rar
[2013.02.14 08:15:53 | 001,944,036 | ---- | M] () -- C:\Users\NeYoo\Desktop\bann.png
[2013.02.10 15:07:56 | 000,000,905 | ---- | M] () -- C:\Users\NeYoo\Documents\aionmemo_eba0fcc7.dat
[2013.02.07 17:35:42 | 000,000,695 | ---- | M] () -- C:\Users\Public\Desktop\Gameforge Live.lnk

========== Files Created - No Company Name ==========

[2013.03.02 22:53:14 | 000,000,168 | ---- | C] () -- C:\Users\NeYoo\defogger_reenable
[2013.03.02 20:30:11 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2013.03.02 19:51:05 | 000,000,769 | ---- | C] () -- C:\Users\NeYoo\Desktop\S4 - Verknüpfung.lnk
[2013.03.02 19:41:18 | 000,002,102 | ---- | C] () -- C:\Users\NeYoo\Desktop\Ubi Soft Product Registration.lnk
[2013.03.02 19:41:18 | 000,001,480 | ---- | C] () -- C:\Users\NeYoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ubisoft register.lnk
[2013.03.02 19:40:59 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2013.03.02 19:40:59 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2013.03.02 19:40:59 | 000,035,840 | R--- | C] () -- C:\Windows\SysWow64\comdlg32.oca
[2013.03.02 19:40:58 | 000,029,184 | R--- | C] () -- C:\Windows\SysWow64\MSINET.oca
[2013.03.02 18:48:34 | 000,000,889 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2013.03.02 15:46:50 | 001,135,749 | ---- | C] () -- C:\Users\NeYoo\Desktop\beat 117 (Grindversion) Leasing 20 $.mp3
[2013.03.02 14:31:24 | 005,385,474 | ---- | C] () -- C:\Users\NeYoo\Desktop\beat 119 (Grindversion) Leasing 20 $ mastered.mp3
[2013.03.02 09:48:07 | 000,081,851 | ---- | C] () -- C:\Users\NeYoo\Desktop\Grind on limit facebook.jpg [2013.03.02 09:29:07 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk [2013.02.28 12:38:14 | 000,001,805 | ---- | C] () -- C:\Users\NeYoo\Desktop\Spotify.lnk [2013.02.28 12:38:14 | 000,001,791 | ---- | C] () -- C:\Users\NeYoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2013.02.27 13:03:11 | 028,612,770 | ---- | C] () -- C:\Users\NeYoo\Desktop\Grind On Limit 27.02.2013.zip [2013.02.27 10:47:30 | 024,326,858 | ---- | C] () -- C:\Users\NeYoo\Desktop\collab grind on limit.zip [2013.02.26 14:31:28 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.02.26 14:31:27 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.02.26 14:23:42 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk [2013.02.25 18:36:23 | 002,977,792 | ---- | C] () -- C:\Users\NeYoo\Desktop\Battle_Realms_F.exe [2013.02.25 10:28:36 | 001,470,464 | ---- | C] () -- C:\Users\NeYoo\Documents\manga 1.sai [2013.02.25 07:44:10 | 000,000,636 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaintTool SAI Ver.1.lnk [2013.02.25 07:44:10 | 000,000,606 | ---- | C] () -- C:\Users\Public\Desktop\PaintTool SAI Ver.1.lnk [2013.02.25 07:43:40 | 002,339,714 | ---- | C] () -- C:\Users\NeYoo\Desktop\sai-1.1.0-ful-en.exe [2013.02.25 06:51:19 | 003,593,728 | ---- | C] () -- C:\Windows\SysNative\AtwtusbIcon.exe [2013.02.25 06:36:00 | 000,019,244 | ---- | C] () -- C:\Windows\SysNative\Default.ini [2013.02.25 06:35:29 | 011,871,744 | ---- | C] () -- C:\Windows\SysNative\Control Panel_Betteryless.exe [2013.02.25 06:34:44 | 000,012,172 | ---- | C] () -- C:\Windows\SysNative\aiptbl.ini [2013.02.25 04:00:31 | 002,803,300 | ---- | C] () -- C:\Users\NeYoo\Desktop\beat 115 (Grindversion) Leasing 20 $.zip [2013.02.23 05:44:53 | 000,001,174 | ---- 
| C] () -- C:\Users\Public\Desktop\SpellForce 2 Gold Edition.lnk [2013.02.22 13:03:28 | 076,324,864 | ---- | C] () -- C:\Users\NeYoo\Desktop\android-x86-2.2-r2-asus_laptop.iso [2013.02.20 01:04:20 | 047,755,292 | ---- | C] () -- C:\Users\NeYoo\Desktop\GrindOnLimit.com SoundKit Vol.1.rar [2013.02.20 00:05:35 | 000,009,487 | ---- | C] () -- C:\Users\NeYoo\Desktop\GrindOnLimit Stab.fst [2013.02.19 19:55:01 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.02.19 19:55:01 | 000,001,692 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2013.02.15 19:27:21 | 000,021,191 | ---- | C] () -- C:\Users\NeYoo\Desktop\Neuer Ordner.rar [2013.02.15 00:02:58 | 000,000,126 | ---- | C] () -- C:\Windows\kaillera.ini [2013.02.14 23:52:07 | 000,000,253 | ---- | C] () -- C:\Windows\n02.ini [2013.02.14 22:33:36 | 002,702,040 | ---- | C] () -- C:\Users\NeYoo\Desktop\PSX_BIOS.rar [2013.02.14 20:32:14 | 000,637,061 | ---- | C] () -- C:\Users\NeYoo\Desktop\Super Nintendo.rar [2013.02.14 08:15:53 | 001,944,036 | ---- | C] () -- C:\Users\NeYoo\Desktop\bann.png [2013.01.13 01:16:03 | 000,154,283 | -H-- | C] () -- C:\Users\NeYoo\AppData\Roaming\NeYoo-wchelper.dll [2012.12.26 17:47:20 | 000,000,545 | ---- | C] () -- C:\Users\NeYoo\AppData\Roaming\All CPU MeterV3_Settings.ini [2012.12.26 17:46:20 | 000,000,292 | ---- | C] () -- C:\Users\NeYoo\AppData\Roaming\GPU MeterV2_Settings.ini [2012.12.06 17:08:09 | 000,000,132 | ---- | C] () -- C:\Users\NeYoo\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012.12.06 10:05:59 | 000,001,456 | ---- | C] () -- C:\Users\NeYoo\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2012.10.24 02:28:12 | 000,007,609 | ---- | C] () -- C:\Users\NeYoo\AppData\Local\Resmon.ResmonCfg [2012.10.23 18:08:58 | 002,484,592 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_p4f.exe [2012.10.07 19:10:58 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2012.08.14 01:01:14 | 000,000,532 | ---- | C] () -- 
C:\Users\NeYoo\AppData\Roaming\All CPU MeterV2_Settings.ini [2012.08.13 23:19:38 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll [2012.08.13 23:19:38 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat [2012.08.08 22:22:07 | 000,027,520 | ---- | C] () -- C:\Users\NeYoo\AppData\Local\dt.dat [2012.08.03 14:16:45 | 000,000,055 | ---- | C] () -- C:\Windows\SQ.INI [2012.07.12 19:01:04 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe [2012.07.12 19:01:04 | 000,002,323 | ---- | C] () -- C:\Windows\unins000.dat [2012.06.28 17:53:36 | 000,008,192 | ---- | C] () -- C:\Users\NeYoo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.06.15 02:23:04 | 307,477,677 | ---- | C] () -- C:\Users\NeYoo\AppData\Roaming\.minecraft NeYoo.rar [2012.06.15 01:32:56 | 360,218,519 | ---- | C] () -- C:\Users\NeYoo\AppData\Roaming\.minecraft.rar [2012.05.27 17:19:18 | 000,002,224 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012.05.04 05:17:00 | 000,008,229 | ---- | C] () -- C:\Windows\aiptbl.ini [2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.04.27 14:12:24 | 001,589,268 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.04.04 12:22:19 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys [2012.04.04 12:21:35 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg [2012.04.04 12:21:30 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe [2012.03.31 02:44:58 | 000,281,120 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.03.31 02:44:56 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.03.11 14:50:45 | 011,304,960 | ---- | C] () -- C:\Users\NeYoo\AppData\Roaming\Sandra.mdb [2012.03.03 16:17:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.03.03 16:08:45 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2012.03.03 16:01:05 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2012.02.15 03:36:36 | 000,204,952 | ---- | 
C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2005.04.25 22:51:59 | 000,000,817 | -H-- | C] () -- C:\Users\NeYoo\AppData\Roaming\NeYoolog.dat

========== ZeroAccess Check ==========

[2011.11.17 08:14:10 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{5ead51f5-3a5b-3339-21b8-03c4cfbb7187}\@
[2011.11.17 08:14:10 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{5ead51f5-3a5b-3339-21b8-03c4cfbb7187}\L
[2012.11.13 06:05:47 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{5ead51f5-3a5b-3339-21b8-03c4cfbb7187}\U
[2012.08.14 00:38:16 | 000,002,048 | -HS- | M] () -- C:\Users\NeYoo\AppData\Local\{5ead51f5-3a5b-3339-21b8-03c4cfbb7187}\@
[2011.11.17 08:14:10 | 000,000,000 | -HSD | M] -- C:\Users\NeYoo\AppData\Local\{5ead51f5-3a5b-3339-21b8-03c4cfbb7187}\L
[2011.11.17 08:14:10 | 000,000,000 | -HSD | M] -- C:\Users\NeYoo\AppData\Local\{5ead51f5-3a5b-3339-21b8-03c4cfbb7187}\U
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\NeYoo\AppData\Local\{5ead51f5-3a5b-3339-21b8-03c4cfbb7187}\n.

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.11.20 23:42:11 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\.minecraft
[2012.11.13 21:50:21 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\.Nitrous
[2013.01.13 01:24:52 | 000,000,000 | -H-D | M] -- C:\Users\NeYoo\AppData\Roaming\AAE529EE
[2012.10.30 12:11:37 | 
000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Audacity [2012.06.24 07:34:56 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\AVG2012 [2012.05.25 19:08:21 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Babylon [2013.03.02 21:03:19 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\BitTorrent [2013.02.26 14:25:24 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\calibre [2013.02.19 19:55:08 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Canneverbe Limited [2013.01.30 10:48:53 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2012.09.07 12:19:31 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\convert [2012.04.26 08:41:22 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Cool Record Edit Pro [2013.02.06 19:55:34 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\DAEMON Tools Lite [2012.11.14 00:07:32 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\dclogs [2013.03.02 20:22:25 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Dropbox [2012.08.14 01:20:22 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\ExpressFiles [2012.06.14 19:13:50 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\FileZilla [2013.02.15 17:06:18 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\fltk.org [2012.12.15 19:31:19 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Flux [2012.04.26 08:42:13 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Free Sound Recorder [2013.02.06 19:59:46 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\ImgBurn [2012.05.08 10:21:29 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Iminent [2012.08.14 05:14:42 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\iZotope [2012.12.31 08:18:48 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Kongregate [2012.09.07 12:19:31 | 000,000,000 | ---D 
| M] -- C:\Users\NeYoo\AppData\Roaming\loadtbs [2012.05.10 01:21:39 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\LolClient [2012.06.17 15:30:09 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\MAXON [2012.05.02 23:55:02 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\MoreTerra [2012.05.13 19:18:11 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\MotioninJoy [2012.05.12 06:52:01 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Need for Speed World [2012.10.07 17:43:07 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Notepad++ [2012.06.22 06:01:08 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\OpenOffice.org [2012.06.04 06:50:54 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Origin [2012.12.20 21:55:48 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Play withSIX [2012.08.03 14:13:32 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Psicraft [2012.06.07 04:07:16 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\PunkBuster [2012.12.02 07:57:49 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\QuickScan [2012.08.24 00:27:52 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\six-zsync [2012.05.02 00:25:07 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Smith Micro [2012.05.30 16:08:40 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Splashtop [2013.03.02 22:46:24 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Spotify [2012.06.01 21:37:18 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Steinberg [2012.12.22 23:44:06 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\SynthFont [2013.02.25 07:44:24 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\SYSTEMAX Software Development [2012.10.24 01:38:30 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\TeamViewer [2013.03.02 22:50:42 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\TS3Client 
[2013.03.02 22:05:34 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Tunngle
[2012.11.20 19:38:57 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Ubisoft
[2013.03.02 18:53:55 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\uTorrent
[2012.07.20 18:42:39 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\Windows Live Writer
[2012.05.25 19:08:19 | 000,000,000 | ---D | M] -- C:\Users\NeYoo\AppData\Roaming\YourFileDownloader

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >

Code:
ATTFilter
OTL Extras logfile created on: 02.03.2013 22:55:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\NeYoo\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

6.00 Gb Total Physical Memory | 4.07 Gb Available Physical Memory | 67.84% Memory free
11.99 Gb Paging File | 9.28 Gb Available in Paging File | 77.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.62 Gb Total Space | 50.88 Gb Free Space | 22.96% Space Free | Partition Type: NTFS
Drive D: | 244.04 Gb Total Space | 74.95 Gb Free Space | 30.71% Space Free | Partition Type: NTFS
Drive E: | 7.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 630.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 931.51 Gb Total Space | 261.98 Gb Free Space | 28.12% Space Free | Partition Type: NTFS
Drive Z: | 100.00 Mb Total Space | 69.93 Mb Free Space | 69.93% Space Free | Partition Type: NTFS

Computer Name: NEYOO-PC | User Name: NeYoo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0BC62162-0022-4C0A-97E8-5B7FD50D1B7C}" = Magic Bullet Looks 64-bit
"{110C673D-E8C1-44C6-85D3-4BD29513FC88}" = Native Instruments Acoustic Refractions
"{116C20CC-0843-1FC0-2AE8-BD3535911B36}" = AMD Drag and Drop Transcoding
"{14C1DD2C-D54E-464A-9588-C109E3E39EEF}" = Native Instruments Vintage Organs
"{18369253-E53F-4A47-818E-082DFB950872}" = Yamaha USB-MIDI Driver
"{199c6b63-fcb2-49f4-9859-ff78ddd0bb90}" = Native Instruments Scarbee Clavinet Pianet
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{30CAD3B3-7EF6-4087-2A50-97EF66966776}" = ATI AVIVO64 Codecs
"{3145731D-C578-70ED-899F-7A670D2A6662}" = AMD Fuel
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.1001
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 
2.0.0.430 "{35DE6B98-31C9-4A01-AB64-20A3C71BE1D0}" = Native Instruments Reflektor "{36ccb7d4-42c7-473e-b293-72e41a8ec766}" = Native Instruments Berlin Concert Grand "{371B17C3-9624-4583-A497-DF980313D851}" = Native Instruments Absynth 5 "{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{45da1e94-82eb-4778-be0d-47c8d9e8451b}" = Native Instruments Scarbee Mark I "{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive "{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders "{4EE61784-10C6-4B7C-A0B2-5BED17B05741}" = Oracle VM VirtualBox 4.1.18 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{52931732-892F-4D54-A84A-3EDE25F9BCA2}" = Native Instruments Komplete 7 "{5B841301-3649-4891-BC10-7A66820397C9}" = Native Instruments Reaktor Prism "{5cd7e481-59d1-4961-a964-019f162b1f27}" = Native Instruments Scarbee A-200 "{5D03CB59-6F91-4097-922C-9DCA057D2A76}" = Native Instruments The Finger R2 "{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager "{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety "{5FC09265-8AAD-410D-B88D-EBAA41327056}" = Native Instruments Scarbee Funk Guitarist "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{60BB45B2-E8E4-41C5-B69F-C6DC5D991DF5}" = Native Instruments Abbey Road 60s Drums "{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager "{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3 "{6D14F459-DA76-42A5-982F-CDE6BC7D64B2}" = Trapcode Form "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding 
"{8C04CE01-F7B8-4961-884B-6CE7EFFADCD4}" = Native Instruments Reaktor Spark R2 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9be187da-7d1c-4e8b-8b66-6132ca7697d8}" = Native Instruments New York Concert Grand "{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64 "{A2585A63-ADD2-3F54-9819-125E680CC7E1}" = Microsoft .NET Framework 4.5 DEU Language Pack "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{a63e8179-0381-4b59-8876-0755be48eb6a}" = Native Instruments Scarbee MM-Bass "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2552FA6-86E3-410D-84AD-265C2242D410}" = Native Instruments FM8 "{BD198331-FF8A-4DEB-9F30-A0AC56625A3B}" = Microsoft LifeChat "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2012.SP2 "{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4 "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{C9BCE8B9-2510-48D4-B93A-EA7BEA81D6E7}" = Native Instruments Traktors 12 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{d2df14a3-bd71-48a2-b43b-2c77babe8b88}" = ProjectSAM Symphobia 2 "{D597935A-5F0E-44F8-A028-A0EF9C647D95}" = Native Instruments Rammfire "{d8650fdb-9422-4a07-9f57-585c06d9d760}" = Native Instruments Upright Piano "{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In "{dc8b9571-8363-44c2-85e0-ea13ab89d032}" = Native Instruments Vienna Concert Grand "{E489BCB7-D57D-4751-AAB6-589AF66E2F7F}" = Trapcode Particular "{E62381A7-B1C1-4121-8262-84D38C77786C}" = COMODO Internet 
Security "{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5 "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F182D4FD-A16E-4B3E-8495-AF3FC28CA6DC}" = Trapcode Form "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter "{FF600C37-6328-4348-A67A-3F85D8039604}" = Native Instruments Kore Player "6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager "CCleaner" = CCleaner "Creative VF0470" = Creative Live! Cam Notebook Driver (1.00.03.0000) "MAXON8C02D5E0" = CINEMA 4D 12.016 "RmTablet" = Macro Key Manager "Sandboxie" = Sandboxie 3.64 (64-bit) "TeamSpeak 3 Client" = TeamSpeak 3 Client "USB_AUDIO_DEusb-audio.deAMON" = AMON USB ASIO driver "WinRAR archiver" = WinRAR 4.11 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404 "{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{0E892FBB-0060-44C9-9E8C-017855956193}" = DBO_CT_TW "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR "{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10 
"{224E185A-DCC7-45C5-B04D-77E6CE82D83E}_is1" = tConfig version 0.27.1 "{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish "{232A756D-E4B4-4779-9232-DFF5374FC334}_is1" = Vyzex MPK49 "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{310CC2FA-5EC5-48B6-BB31-5551B78449BA}" = Play withSIX "{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 vibration driver version 0.100 "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10 "{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic "{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer "{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1 "{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English "{3FCC9F13-F01B-4D81-8919-ED9D8DB457E5}" = calibre "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update "{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe "{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1 "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0427.1 "{48A404E2-0A25-4CEF-AB87-8626BD1B0F2C}" = Flux_StereoTool "{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5 
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian "{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4 "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content "{4DAC7A70-AD1B-0946-8756-0C7F70D08329}" = WiMP 2.1.3 "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01 "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian "{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5E6ACA2E-60D5-461C-8FD3-04BA9C174B27}_is1" = Mouse Recorder Pro 1.3 "{5F7807CA-B1F1-4CB1-A519-A205D894A37D}" = Intel(R) C++ Redistributables for Windows* on IA-64 "{61563672-84C4-47A2-A037-B4322C38FFCE}" = Manga Studio EX 4.0 "{63326924-3CAF-C858-3A8F-8598C87019D7}" = AMD VISION Engine Control Center "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM) "{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish "{671BFBC4-81B0-49B0-958F-765670D7E10A}" = Knoll Light Factory Photo 32 bit "{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6D41D942-A057-47EE-8492-CF1E1000B86B}" = SpellForce 2 Gold "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail "{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}" = PCMark 7 "{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play Version 1.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety "{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set "{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM) "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AA761E6-CA51-4FF2-A552-D51638BF0595}" = Battle Realms 
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.0 "Legend" "{A03DF2C3-F14C-4819-A328-77FA66B811CF}" = GeekBuddy "{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig "{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish "{A48CE6DE-1E75-EBE2-8EF7-6E6EA51962AC}" = HydraVision "{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}" = Adobe Dreamweaver CS6 "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch "{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set "{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}" = Nero Multimedia Suite 10 Essentials "{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack "{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content "{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM) "{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish "{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story "{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM) "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1 "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set 
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer "{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common "{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional "{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7 "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common "{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne "{E82097B9-A3B8-404A-9A92-AC16A8AC9576}" = Adobe After Effects CS5.5 "{E91E8912-769D-42F0-8408-0E329443BABC}" = Hama Wireless LAN Adapter "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian "{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser "{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger 
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01 "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10 "{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM) "{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM) "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10 "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10 "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "5513-1208-7298-9440" = JDownloader 0.9 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Akamai" = Akamai NetSession Interface Service "apEQ" = apEQ 1.3.0 "Ares" = Ares 2.1.8 "ASIO4ALL" = ASIO4ALL "aTube Catcher" = aTube Catcher "Audacity_is1" = Audacity 2.0.2 "Avira AntiVir Desktop" = Avira Free Antivirus "BattlEye for OA" = BattlEye for OA Uninstall "BitTorrent" = BitTorrent "Blue Byte Game Channel" = Blue Byte Game Channel "CCleaner Professional v3.17.1689 Full" = CCleaner Professional v3.17.1689 Full "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager "com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.adobe.WidgetBrowser" = Adobe Widget Browser "com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1" = WiMP 2.1.3 "Comodo Dragon" = Comodo Dragon "Creative Live! Cam Center" = Creative Live! 
Cam Center "Creative Software AutoUpdate" = Creative Software AutoUpdate "DAEMON Tools Lite" = DAEMON Tools Lite "DivX Setup" = DivX-Setup "DMO" = GDMO "Edirol HQ Orchestral VSTi v1.03" = Edirol HQ Orchestral VSTi v1.03 "eLicenser Control" = eLicenser Control "EVE" = [translation missing: EVERemoveOnly] "FL Studio 10" = FL Studio 10 "Flatcast Viewer 5.3_is1" = Flatcast Viewer Plugin 5.3.0.784 "Fraps" = Fraps (remove only) "Game Booster_is1" = Game Booster "GameSpy Arcade" = GameSpy Arcade "HaaliMkx" = Haali Media Splitter "IL Download Manager" = IL Download Manager "ImgBurn" = ImgBurn "InstallShield_{0BC62162-0022-4C0A-97E8-5B7FD50D1B7C}" = Magic Bullet Looks 64-bit "InstallShield_{18369253-E53F-4A47-818E-082DFB950872}" = Yamaha USB-MIDI Driver "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0427.1 "InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager "InstallShield_{671BFBC4-81B0-49B0-958F-765670D7E10A}" = Knoll Light Factory Photo 32 bit "InstallShield_{6D14F459-DA76-42A5-982F-CDE6BC7D64B2}" = Trapcode Form "InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1 "InstallShield_{E489BCB7-D57D-4751-AAB6-589AF66E2F7F}" = Trapcode Particular "InstallShield_{F182D4FD-A16E-4B3E-8495-AF3FC28CA6DC}" = Trapcode Form "loadtbs-3.0" = loadtbs-3.0 "LogMeIn Hamachi" = LogMeIn Hamachi "Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Native Instruments Abbey Road 60s Drums" = Native Instruments Abbey Road 60s Drums "Native Instruments Absynth 5" = Native Instruments Absynth 5 "Native Instruments Acoustic Refractions" = Native Instruments Acoustic Refractions "Native Instruments Battery 3" = Native Instruments Battery 3 "Native Instruments Berlin Concert Grand" = Native Instruments Berlin Concert Grand "Native Instruments FM8" = Native Instruments FM8 "Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4 "Native Instruments 
Komplete 7" = Native Instruments Komplete 7 "Native Instruments Kontakt 4" = Native Instruments Kontakt 4 "Native Instruments Kore Player" = Native Instruments Kore Player "Native Instruments Massive" = Native Instruments Massive "Native Instruments New York Concert Grand" = Native Instruments New York Concert Grand "Native Instruments Rammfire" = Native Instruments Rammfire "Native Instruments Reaktor 5" = Native Instruments Reaktor 5 "Native Instruments Reaktor Prism" = Native Instruments Reaktor Prism "Native Instruments Reaktor Spark R2" = Native Instruments Reaktor Spark R2 "Native Instruments Reflektor" = Native Instruments Reflektor "Native Instruments Scarbee A-200" = Native Instruments Scarbee A-200 "Native Instruments Scarbee Clavinet Pianet" = Native Instruments Scarbee Clavinet Pianet "Native Instruments Scarbee Funk Guitarist" = Native Instruments Scarbee Funk Guitarist "Native Instruments Scarbee Mark I" = Native Instruments Scarbee Mark I "Native Instruments Scarbee MM-Bass" = Native Instruments Scarbee MM-Bass "Native Instruments Service Center" = Native Instruments Service Center "Native Instruments The Finger R2" = Native Instruments The Finger R2 "Native Instruments Traktors 12" = Native Instruments Traktors 12 "Native Instruments Upright Piano" = Native Instruments Upright Piano "Native Instruments Vienna Concert Grand" = Native Instruments Vienna Concert Grand "Native Instruments Vintage Organs" = Native Instruments Vintage Organs "NAVIGON Fresh" = NAVIGON Fresh 3.4.1 "NCLauncher_GameForge" = NC Launcher (GameForge) "NCLauncher_plaync" = NCLauncher (plaync) "NoIPDUC" = No-IP DUC "Notepad++" = Notepad++ "ntfslink_is1" = NTFS Link 2.1 "PaintToolSAI" = PaintTool SAI Ver.1 "pcsx2-r5350" = PCSX2 - Playstation 2 Emulator "Pianissimo" = Pianissimo "PremiumSoft Navicat for MySQL_is1" = PremiumSoft Navicat 10.1 for MySQL "ProjectSAM Symphobia 2" = ProjectSAM Symphobia 2 "PunkBusterSvc" = PunkBuster Services "reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0 
"Rob Papen Albino 3" = Rob Papen Albino 3 "S3" = Die Siedler III Gold Edition "S4Uninst" = Die Siedler IV "SpellForce" = SpellForce "Steam App 105600" = Terraria "Steam App 113400" = APB Reloaded "Steam App 205930" = Hitman: Sniper Challenge "Steam App 219540" = ARMA 2: Operation Arrowhead Beta "Steam App 33910" = ARMA 2 "Steam App 33930" = ARMA 2: Operation Arrowhead "Steam App 6860" = Hitman: Blood Money "Steam App 72850" = The Elder Scrolls V: Skyrim "Steinberg Hypersonic VSTi DXi_is1" = Steinberg Hypersonic VSTi DXi v2.0 "SubBoomBass_is1" = Rob Papen SubBoomBass 1.0.5 64Bits "SysInfo" = Creative-Systeminformationen "TeamViewer 7" = TeamViewer 7 "Terraria Game Launcher GUI_is1" = Terraria Game Launcher GUI version 1.2.2 "Tone2 Firebird VSTi v1.2.1" = Tone2 Firebird VSTi v1.2.1 "Tone2 Gladiator VSTi_is1" = Tone2 Gladiator VSTi v2.2 "Tunngle beta_is1" = Tunngle beta "uTorrent" = µTorrent "Viena" = Viena "WinLiveSuite" = Windows Live Essentials "WinPcapInst" = WinPcap 4.1.2 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "d8be6c3f847d7d92" = Ghost Recon Online "Dropbox" = Dropbox "Google Chrome" = Google Chrome "SkyDriveSetup.exe" = Microsoft SkyDrive "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.02.2013 13:31:20 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Battle_Realms_F.exe, Version: 0.0.0.0, Zeitstempel: 0x3d6e4eb1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002dfe4 ID des fehlerhaften Prozesses: 0x1a08 Startzeit der fehlerhaften Anwendung: 0x01ce137debe900a2 Pfad der fehlerhaften Anwendung: D:\Spiele\Battle Realms\Battle Realms\Battle_Realms_F.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 
2ab60384-7f71-11e2-beb6-cd7a8df51762 Error - 25.02.2013 13:33:30 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Battle_Realms_F.exe, Version: 0.0.0.0, Zeitstempel: 0x3d6e4eb1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002dfe4 ID des fehlerhaften Prozesses: 0xe0c Startzeit der fehlerhaften Anwendung: 0x01ce137e37a9be66 Pfad der fehlerhaften Anwendung: D:\Spiele\Battle Realms\Battle Realms\Battle_Realms_F.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 78197aea-7f71-11e2-beb6-cd7a8df51762 Error - 25.02.2013 13:35:00 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Battle_Realms_F.exe, Version: 0.0.0.0, Zeitstempel: 0x3d6e4eb1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002dfe4 ID des fehlerhaften Prozesses: 0x13c4 Startzeit der fehlerhaften Anwendung: 0x01ce137e6d2c579b Pfad der fehlerhaften Anwendung: D:\Spiele\Battle Realms\Battle Realms\Battle_Realms_F.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: adb568dd-7f71-11e2-beb6-cd7a8df51762 Error - 26.02.2013 03:02:41 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Gw2.exe, Version: 1.0.0.1, Zeitstempel: 0x512552ed Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0xc355c4ba ID des fehlerhaften Prozesses: 0x1b3c Startzeit der fehlerhaften Anwendung: 0x01ce133b36831b9a Pfad der fehlerhaften Anwendung: D:\Spiele\Gildwars 2\Beta download\Gw2.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 82709911-7fe2-11e2-beb6-cd7a8df51762 Error - 26.02.2013 06:19:35 | Computer Name = NeYoo-Pc | Source = Application Error 
| ID = 1000 Description = Name der fehlerhaften Anwendung: Gw2.exe, Version: 1.0.0.1, Zeitstempel: 0x512552ed Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x753ec9f1 ID des fehlerhaften Prozesses: 0x193c Startzeit der fehlerhaften Anwendung: 0x01ce13f6ca840f1a Pfad der fehlerhaften Anwendung: D:\Spiele\Gildwars 2\Beta download\Gw2.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 041b556e-7ffe-11e2-beb6-cd7a8df51762 Error - 26.02.2013 08:19:43 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Gw2.exe, Version: 1.0.0.1, Zeitstempel: 0x512552ed Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x4a659d1d ID des fehlerhaften Prozesses: 0x1930 Startzeit der fehlerhaften Anwendung: 0x01ce140e1756bf29 Pfad der fehlerhaften Anwendung: D:\Spiele\Gildwars 2\Beta download\Gw2.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: cc78269b-800e-11e2-beb6-cd7a8df51762 Error - 26.02.2013 13:10:46 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Battle_Realms_F.exe, Version: 0.0.0.0, Zeitstempel: 0x3d6e4eb1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002dfe4 ID des fehlerhaften Prozesses: 0xc40 Startzeit der fehlerhaften Anwendung: 0x01ce1444329aff5e Pfad der fehlerhaften Anwendung: D:\Spiele\Battle Realms\Battle Realms\Battle_Realms_F.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 7512a16f-8037-11e2-beb6-cd7a8df51762 Error - 28.02.2013 13:11:05 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Battle_Realms_F.exe, Version: 0.0.0.0, Zeitstempel: 0x3d6e4eb1 Name des fehlerhaften Moduls: ntdll.dll, Version: 
6.1.7600.16915, Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002dfe4 ID des fehlerhaften Prozesses: 0x1138 Startzeit der fehlerhaften Anwendung: 0x01ce15d68f7cbba6 Pfad der fehlerhaften Anwendung: D:\Spiele\Battle Realms\Battle Realms\Battle_Realms_F.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: d5a84bd8-81c9-11e2-8fdc-8eaa7e95fb18 Error - 02.03.2013 12:05:13 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Gw2Minion_Launcher.exe, Version: 0.0.0.0, Zeitstempel: 0x50f2fb2d Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0x40000015 Fehleroffset: 0x0008d6fd ID des fehlerhaften Prozesses: 0x1db8 Startzeit der fehlerhaften Anwendung: 0x01ce175fab349058 Pfad der fehlerhaften Anwendung: D:\Spiele\Gildwars 2\Beta download\GW2Minion\Gw2Minion_Launcher.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\MSVCR100.dll Berichtskennung: f69ed322-8352-11e2-861c-ac2402383e1f Error - 02.03.2013 12:06:45 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Gw2Minion_Launcher.exe, Version: 0.0.0.0, Zeitstempel: 0x50f2fb2d Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0x40000015 Fehleroffset: 0x0008d6fd ID des fehlerhaften Prozesses: 0x18a8 Startzeit der fehlerhaften Anwendung: 0x01ce175fc515b2da Pfad der fehlerhaften Anwendung: D:\Spiele\Gildwars 2\Beta download\GW2Minion\Gw2Minion_Launcher.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\MSVCR100.dll Berichtskennung: 2d6d0402-8353-11e2-861c-ac2402383e1f Error - 02.03.2013 17:05:37 | Computer Name = NeYoo-Pc | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Tunngle.exe, Version: 4.4.3.1, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16850, 
Zeitstempel: 0x4e211485 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0x18ec Startzeit der fehlerhaften Anwendung: 0x01ce17878f108288 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Tunngle\Tunngle.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: ede259e4-837c-11e2-95be-bc30863db86e [ System Events ] Error - 02.03.2013 17:35:42 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 02.03.2013 17:37:43 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 02.03.2013 17:39:44 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 02.03.2013 17:42:35 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 02.03.2013 17:44:02 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 02.03.2013 17:47:50 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 02.03.2013 17:48:56 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 02.03.2013 17:50:27 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 02.03.2013 17:52:29 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. 
Error - 02.03.2013 17:56:06 | Computer Name = NeYoo-Pc | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. < End of report > Edited by NeYoo (03.03.2013 at 00:48) |
03.03.2013, 12:53 | #2 | |
/// TB trainer | No access to Windows Firewall Quote:
Support stop Reading material: This ends the topic. Cracks and keygens Circumventing the copy protection of software is illegal under applicable law. The log files strongly indicate that you are using software that was not legally acquired. In addition, cracks and patches from dubious sources are very often bundled with malware, so you are almost deliberately infecting yourself. Here on the board we have agreed that we do not continue cleaning at this point, because we do not support such behavior. On top of that, in our instructions and also in this important thread we pointed out unmistakably how we will handle this. Clean, good software has its price, and the software companies live on this revenue. Our help is therefore limited to reinstalling and securing your system. We will, however, still gladly answer your questions about that, in our forum.
__________________ |