Zurück   Trojaner-Board > Web/PC > Netzwerk und Hardware
Windows 7 - PC friert unregelmäßig ein

Windows 7 - PC friert unregelmäßig ein


Netzwerk und Hardware: Windows 7 - PC friert unregelmäßig ein

Windows 7 Hilfe zu Motherboards, CPUs, Lüfter, Raid-Controller, Digitalkameras, Treiber usw. Bitte alle relevanten Angaben zur Hardware machen. Welche Hardware habe ich? Themen zum Trojaner Entfernen oder Viren Beseitigung bitte in den Bereinigungsforen des Trojaner-Boards posten.

Antwort
Alt 02.05.2013, 16:58   #1
Core70
 
Windows 7 - PC friert unregelmäßig ein - Standard

Windows 7 - PC friert unregelmäßig ein


Hallo,

da ich seit Monaten jetzt ein Problem damit habe habe ich mich endlich dazu entschieden mal wo anders Hilfe zu holen, die ich hier hoffentlich auch bekomme. Ich habe ein Win7 Rechner, 64bit mit einem etwas älteren Dualcore Prozessor, der Rest sollte glaube ich irrelevant sein. Jedenfalls friert der PC in unregelmäßigen Abständen für ein paar Sekunden ein (2-3 Sekunden jedes Mal, wo auch z.B. die Musik anfängt zu ruckeln) und komischerweise meine Internetverbindung für diesen Zeitraum gekappt wird. Im Anhang ist ein Screenshot wo dies auch in einem Fehlerbericht zu sehen ist, den man unter Start, Computer -> Rechtsklick -> Verwalten findet. In diesem System Protokoll sind mittlerweile mehr als 73.000!! dieser Meldungen. Im Task-Manager ist kein Task dafür verantwortlich da diese alle in diesem Zeitraum keine auffällige Auslastung haben, bzw. normal bleiben. Wenn ich mir die Prozessor Temperatur ansehe, steigt diese lediglich um 2-3 Grad jedes Mal und normalisiert sich dann wieder.

Wenn ich es nicht besser wüsste würde ich sagen, dass ein neuer Prozessor her muss?

Danke im Vorraus!

lg, Gary
Angehängte Grafiken
Dateityp: jpg problem1.jpg (144,2 KB, 321x aufgerufen)

Alt 02.05.2013, 18:17   #2
Core70
 
Windows 7 - PC friert unregelmäßig ein - Standard

Windows 7 - PC friert unregelmäßig ein


Hier sind einige Logs aus verschiedenen Programmen, und bei einem fiel mir auch etwas sehr verdächtiges auf:


Code:
ATTFilter
Farbar Service Scanner Version: 14-04-2013
Ran by Gary (administrator) on 02-05-2013 at 18:17:37
Running from "C:\Users\Gary\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache: "%SystemRoot%\System32\poua4ksfr.dll".


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
Code:
ATTFilter
DLL im Lanmanworkstation Schlüssel: %SystemRoot%\System32\wkssvc.dll
Geladene DLL: C:\Windows\System32\wkssvc.dll
Signatur der DLL: Microsoft Windows
Rückgabe der Signaturermittlung: Der Vorgang wurde erfolgreich beendet.
MD5 der DLL: 851A1382EED3E3A7476DB004F4EE3E1A

DLL im Dnscache Schlüssel: %SystemRoot%\System32\poua4ksfr.dll
Geladene DLL: C:\Windows\System32\poua4ksfr.dll
Signatur der DLL: 
Rückgabe der Signaturermittlung: Das System kann die angegebene Datei nicht finden.
MD5 der DLL: 


Die im Dnscache Schlüssel angegebene DLL konnte nicht gefunden werden!
Auf ihrem Rechner wurde eine Datei gefunden, die auf eine Infektion mit einem 
Mediyes Trojaner hindeuten könnte!
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 02.05.2013 18:17:08 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Gary\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00001007 | Country: Luxemburg | Language: DEL | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 51,93% Memory free
12,00 Gb Paging File | 8,66 Gb Available in Paging File | 72,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 140,08 Gb Free Space | 30,08% Space Free | Partition Type: NTFS
 
Computer Name: GARY-PC | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.05.02 18:14:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
PRC - [2013.03.28 05:08:58 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.28 05:08:49 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.28 05:08:49 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.02.16 21:32:34 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013.02.09 19:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.09.10 16:58:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012.08.29 14:00:12 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012.08.27 21:32:54 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012.08.13 12:11:44 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 12:11:44 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2011.11.11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011.07.11 23:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.02 16:37:53 | 000,204,800 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\winamp.lng
MOD - [2013.05.02 16:37:53 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\winampa.lng
MOD - [2013.05.02 16:37:52 | 000,155,648 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\vis_milk2.lng
MOD - [2013.05.02 16:37:52 | 000,088,064 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\vis_avs.lng
MOD - [2013.05.02 16:37:52 | 000,039,424 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_wifi.lng
MOD - [2013.05.02 16:37:52 | 000,007,680 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\vis_nsfs.lng
MOD - [2013.05.02 16:37:52 | 000,006,144 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\tagz.lng
MOD - [2013.05.02 16:37:51 | 000,056,320 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_local.lng
MOD - [2013.05.02 16:37:51 | 000,047,104 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_pmp.lng
MOD - [2013.05.02 16:37:51 | 000,036,864 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_ipod.lng
MOD - [2013.05.02 16:37:51 | 000,036,352 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ombrowser.lng
MOD - [2013.05.02 16:37:51 | 000,034,816 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_plg.lng
MOD - [2013.05.02 16:37:51 | 000,020,480 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_android.lng
MOD - [2013.05.02 16:37:51 | 000,016,384 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\out_ds.lng
MOD - [2013.05.02 16:37:51 | 000,014,848 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_wire.lng
MOD - [2013.05.02 16:37:51 | 000,014,336 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_online.lng
MOD - [2013.05.02 16:37:51 | 000,012,800 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_playlists.lng
MOD - [2013.05.02 16:37:51 | 000,011,776 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_usb.lng
MOD - [2013.05.02 16:37:51 | 000,008,192 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_transcode.lng
MOD - [2013.05.02 16:37:51 | 000,007,680 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\out_wave.lng
MOD - [2013.05.02 16:37:51 | 000,006,144 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\out_disk.lng
MOD - [2013.05.02 16:37:51 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_rg.lng
MOD - [2013.05.02 16:37:51 | 000,004,608 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_activesync.lng
MOD - [2013.05.02 16:37:51 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_p4s.lng
MOD - [2013.05.02 16:37:51 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_orb.lng
MOD - [2013.05.02 16:37:51 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_njb.lng
MOD - [2013.05.02 16:37:51 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_nowplaying.lng
MOD - [2013.05.02 16:37:51 | 000,003,072 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\playlist.lng
MOD - [2013.05.02 16:37:50 | 000,047,616 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_disc.lng
MOD - [2013.05.02 16:37:50 | 000,023,040 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_mp3.lng
MOD - [2013.05.02 16:37:50 | 000,020,480 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_midi.lng
MOD - [2013.05.02 16:37:50 | 000,018,944 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_mod.lng
MOD - [2013.05.02 16:37:50 | 000,015,360 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_wm.lng
MOD - [2013.05.02 16:37:50 | 000,014,336 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_cdda.lng
MOD - [2013.05.02 16:37:50 | 000,011,776 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_nsv.lng
MOD - [2013.05.02 16:37:50 | 000,011,776 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_skinmanager.lng
MOD - [2013.05.02 16:37:50 | 000,011,264 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_vorbis.lng
MOD - [2013.05.02 16:37:50 | 000,010,752 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_undo.lng
MOD - [2013.05.02 16:37:50 | 000,010,240 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_timerestore.lng
MOD - [2013.05.02 16:37:50 | 000,009,728 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_downloads.lng
MOD - [2013.05.02 16:37:50 | 000,009,216 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_nopro.lng
MOD - [2013.05.02 16:37:50 | 000,008,704 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_history.lng
MOD - [2013.05.02 16:37:50 | 000,008,704 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_devices.lng
MOD - [2013.05.02 16:37:50 | 000,008,192 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_tray.lng
MOD - [2013.05.02 16:37:50 | 000,007,168 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_orgler.lng
MOD - [2013.05.02 16:37:50 | 000,006,656 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_autotag.lng
MOD - [2013.05.02 16:37:50 | 000,006,656 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_wav.lng
MOD - [2013.05.02 16:37:50 | 000,006,656 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_dshow.lng
MOD - [2013.05.02 16:37:50 | 000,005,632 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_wave.lng
MOD - [2013.05.02 16:37:50 | 000,005,632 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_flac.lng
MOD - [2013.05.02 16:37:50 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_impex.lng
MOD - [2013.05.02 16:37:50 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_bookmarks.lng
MOD - [2013.05.02 16:37:50 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_mp4.lng
MOD - [2013.05.02 16:37:50 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_avi.lng
MOD - [2013.05.02 16:37:50 | 000,004,608 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_enqplay.lng
MOD - [2013.05.02 16:37:50 | 000,004,608 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_wv.lng
MOD - [2013.05.02 16:37:50 | 000,004,608 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_mkv.lng
MOD - [2013.05.02 16:37:50 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_addons.lng
MOD - [2013.05.02 16:37:50 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_swf.lng
MOD - [2013.05.02 16:37:50 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_linein.lng
MOD - [2013.05.02 16:37:50 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_flv.lng
MOD - [2013.05.02 16:37:49 | 000,069,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\burnlib.lng
MOD - [2013.05.02 16:37:49 | 000,041,984 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_jumpex.lng
MOD - [2013.05.02 16:37:49 | 000,023,552 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_classicart.lng
MOD - [2013.05.02 16:37:49 | 000,023,040 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_ff.lng
MOD - [2013.05.02 16:37:49 | 000,021,504 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_ml.lng
MOD - [2013.05.02 16:37:49 | 000,013,824 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\dsp_sps.lng
MOD - [2013.05.02 16:37:49 | 000,011,264 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_hotkeys.lng
MOD - [2013.05.02 16:37:49 | 000,010,752 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\auth.lng
MOD - [2013.05.02 16:37:49 | 000,007,168 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_crasher.lng
MOD - [2013.05.02 16:37:49 | 000,006,656 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_fhgaac.lng
MOD - [2013.05.02 16:37:49 | 000,006,144 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_wma.lng
MOD - [2013.05.02 16:37:49 | 000,005,632 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_lame.lng
MOD - [2013.05.02 16:37:49 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_find_on_disk.lng
MOD - [2013.05.02 16:37:49 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_wav.lng
MOD - [2013.05.02 16:37:49 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_vorbis.lng
MOD - [2013.05.02 16:37:49 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_flac.lng
MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.11.11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2011.11.11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2011.11.11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2011.11.11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2011.11.11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.09.07 04:15:34 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s
MOD - [2011.09.07 04:15:34 | 000,174,080 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\auth.w5s
MOD - [2011.09.07 04:15:34 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s
MOD - [2011.09.07 04:15:34 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s
MOD - [2011.09.07 04:15:34 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s
MOD - [2011.09.07 04:15:34 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s
MOD - [2011.09.07 04:15:34 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll
MOD - [2011.09.07 04:15:34 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll
MOD - [2011.09.07 04:15:34 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s
MOD - [2011.09.07 04:15:34 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s
MOD - [2011.09.07 04:15:34 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s
MOD - [2011.09.07 04:15:34 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s
MOD - [2011.09.07 04:15:34 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s
MOD - [2011.09.07 04:15:34 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s
MOD - [2011.09.07 04:15:34 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s
MOD - [2011.09.07 04:15:34 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s
MOD - [2011.09.07 04:15:34 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s
MOD - [2011.09.07 04:15:34 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s
MOD - [2011.09.07 04:15:33 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
MOD - [2011.09.07 04:15:33 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
MOD - [2011.09.07 04:15:33 | 000,113,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
MOD - [2011.09.07 04:15:33 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
MOD - [2011.09.07 04:15:33 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
MOD - [2011.09.07 04:15:33 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
MOD - [2011.09.07 04:15:33 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
MOD - [2011.09.07 04:15:33 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
MOD - [2011.09.07 04:15:33 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
MOD - [2011.09.07 04:15:33 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
MOD - [2011.09.07 04:15:33 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
MOD - [2011.09.07 04:15:32 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
MOD - [2011.09.07 04:15:32 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
MOD - [2011.09.07 04:15:32 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
MOD - [2011.09.07 04:15:31 | 000,293,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
MOD - [2011.09.07 04:15:31 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
MOD - [2011.09.07 04:15:29 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
MOD - [2011.09.07 04:15:29 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
MOD - [2011.09.07 04:15:29 | 000,200,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
MOD - [2011.09.07 04:15:29 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
MOD - [2011.09.07 04:15:29 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
MOD - [2011.09.07 04:15:29 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
MOD - [2011.09.07 04:15:29 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
MOD - [2011.09.07 04:15:28 | 000,285,696 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
MOD - [2011.09.07 04:15:28 | 000,252,416 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
MOD - [2011.09.07 04:15:28 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
MOD - [2011.09.07 04:15:28 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
MOD - [2011.09.07 04:15:28 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
MOD - [2011.09.07 04:15:28 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
MOD - [2011.09.07 04:15:28 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
MOD - [2011.09.07 04:15:28 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
MOD - [2011.09.07 04:15:28 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
MOD - [2011.09.07 04:15:28 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
MOD - [2011.09.07 04:15:27 | 001,737,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
MOD - [2011.09.07 04:15:27 | 000,340,992 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
MOD - [2011.09.07 04:15:27 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
MOD - [2011.09.07 04:15:27 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
MOD - [2011.09.07 04:15:27 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
MOD - [2011.09.07 04:15:27 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
MOD - [2011.09.07 04:15:27 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
MOD - [2011.09.07 04:15:27 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
MOD - [2011.09.07 04:15:27 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll
MOD - [2011.09.07 04:15:27 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
MOD - [2011.09.07 04:15:27 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
MOD - [2011.09.07 04:15:27 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
MOD - [2011.09.07 04:15:26 | 000,410,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll
MOD - [2011.09.07 04:15:26 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll
MOD - [2011.09.07 04:15:25 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.04.22 16:28:20 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.19 23:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.31 23:46:26 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.28 05:08:58 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.28 05:08:49 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.10 05:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.09 19:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2011.12.05 23:50:06 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.30 10:15:02 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Programme\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE -- (HerculesDJControlMP3)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.28 05:09:00 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.28 05:09:00 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.28 05:09:00 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.09.06 11:52:36 | 000,073,040 | ---- | M] (Dataram, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RAMDiskVE.sys -- (RAMDiskVE)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.11 16:24:56 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2011.06.15 10:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011.05.10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.09.30 10:15:38 | 000,222,208 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HDJMidi.sys -- (HDJMidi)
DRV:64bit: - [2010.09.30 10:15:30 | 000,185,344 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HDJBulk.sys -- (Bulk)
DRV:64bit: - [2010.09.30 10:15:26 | 000,253,440 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HDJAsioK.sys -- (HDJAsioK)
DRV:64bit: - [2009.10.13 02:15:52 | 000,061,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l160x64.sys -- (AtcL001)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007.02.03 10:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007.02.03 10:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64)
DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Gary\Desktop
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-LU
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 32 CE CC 11 CC CC 01  [binary data]
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..\SearchScopes,DefaultScope = {CBD72339-BABA-4018-846B-9BB0501B8952}
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..\SearchScopes\{CBD72339-BABA-4018-846B-9BB0501B8952}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.startup.homepage: 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Gary\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.31 23:46:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.31 23:46:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.02.18 16:08:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\mozilla\Extensions
[2013.04.24 21:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\mozilla\Firefox\Profiles\yksloj73.default\extensions
[2013.04.24 21:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\mozilla\Firefox\Profiles\yksloj73.default\extensions\ffxtlbr@babylon.com
[2012.12.13 22:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\yksloj73.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.04.24 21:41:29 | 000,001,294 | ---- | M] () -- C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\yksloj73.default\searchplugins\delta.xml
[2013.02.04 16:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.03 03:25:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.30 20:48:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.05 17:16:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.10.21 15:25:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.03.31 23:46:27 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.31 23:46:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.04.24 21:41:19 | 000,006,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013.03.31 23:46:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.31 23:46:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.31 23:46:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.31 23:46:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.31 23:46:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1701DECB-2E39-4713-AD42-92009466C8B3}: DhcpNameServer = 85.94.224.1 85.94.224.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4EF9AA8-4C78-494E-89BF-A2397239E4DA}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.02 18:15:38 | 000,354,299 | ---- | C] (Farbar) -- C:\Users\Gary\Desktop\FSS.exe
[2013.05.02 18:14:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2013.04.29 17:14:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Riptide
[2013.04.24 21:48:51 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\AutomaticSolution Software
[2013.04.24 21:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoClickerbyShocker
[2013.04.24 21:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker by Shocker
[2013.04.24 21:41:38 | 000,000,000 | ---D | C] -- C:\Users\Gary\Local Settings
[2013.04.24 21:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.04.24 21:41:09 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Babylon
[2013.04.22 22:19:35 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Emulator
[2013.04.22 20:27:14 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Schoul
[2013.04.21 19:36:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2013.04.21 19:36:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\WinZip
[2013.04.21 19:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2013.04.21 19:36:19 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2013.04.19 22:01:08 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\FLT
[2013.04.19 21:34:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BioShock Infinite
[2013.04.17 18:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.17 18:21:55 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.17 18:21:55 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.17 18:21:55 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.11 01:03:53 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.11 01:03:53 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.11 01:03:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.11 01:03:52 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.11 01:03:51 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.11 01:03:51 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.11 01:03:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.11 01:03:51 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.11 01:03:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.11 01:03:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.11 01:03:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.11 01:03:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.11 01:03:49 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.11 01:03:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.11 01:03:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 19:02:45 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.10 19:02:44 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.10 19:02:43 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.10 19:02:43 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.10 19:02:43 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.10 19:02:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.10 19:02:29 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 19:02:27 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 19:02:26 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 19:02:26 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 19:02:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 19:02:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.05 21:22:55 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Videoen
[2013.04.05 21:08:27 | 000,000,000 | R--D | C] -- C:\Users\Gary\Documents\Ubisoft
[2013.04.05 19:18:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013.04.05 19:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2013.04.05 18:25:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.02 18:15:38 | 000,354,299 | ---- | M] (Farbar) -- C:\Users\Gary\Desktop\FSS.exe
[2013.05.02 18:14:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2013.05.02 18:13:15 | 000,000,208 | ---- | M] () -- C:\Users\Gary\Desktop\chkhd.bat
[2013.05.02 18:04:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.02 17:46:50 | 000,149,966 | ---- | M] () -- C:\Users\Gary\Desktop\problem1.png
[2013.05.02 17:37:44 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.02 17:37:44 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.02 17:37:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.02 16:23:24 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.02 16:23:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.02 16:23:10 | 536,174,591 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.01 22:09:01 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2539292132-395309747-3638915529-1001UA.job
[2013.05.01 19:09:01 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2539292132-395309747-3638915529-1001Core.job
[2013.05.01 14:14:27 | 000,000,024 | ---- | M] () -- C:\Users\Gary\random.dat
[2013.05.01 14:11:10 | 000,000,024 | ---- | M] () -- C:\Users\Gary\jagexappletviewer.preferences
[2013.05.01 14:07:46 | 000,000,032 | ---- | M] () -- C:\Users\Gary\jagex_cl_runescape_LIVE.dat
[2013.04.24 21:48:51 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\Auto Clicker by Shocker.lnk
[2013.04.24 21:37:31 | 000,000,117 | ---- | M] () -- C:\Users\Gary\Desktop\bunnyhop.ahk
[2013.04.22 16:28:19 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.22 16:28:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.21 22:17:06 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.21 22:17:06 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.21 22:17:06 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.21 22:17:06 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.21 22:17:06 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.19 21:51:57 | 000,002,235 | ---- | M] () -- C:\Users\Public\Desktop\Launch BioShock Infinite.lnk
[2013.04.11 16:38:37 | 004,882,272 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.04 05:35:05 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.04 05:30:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.04 05:29:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.04 05:24:24 | 000,256,112 | ---- | M] () -- C:\Users\Gary\Desktop\163523_10200930456444971_1065856204_n.jpg
[2013.04.04 05:23:29 | 000,000,865 | ---- | M] () -- C:\Users\Gary\AppData\Local\recently-used.xbel
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.02 18:13:02 | 000,000,208 | ---- | C] () -- C:\Users\Gary\Desktop\chkhd.bat
[2013.05.02 17:46:48 | 000,149,966 | ---- | C] () -- C:\Users\Gary\Desktop\problem1.png
[2013.04.24 21:48:51 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\Auto Clicker by Shocker.lnk
[2013.04.19 21:51:57 | 000,002,235 | ---- | C] () -- C:\Users\Public\Desktop\Launch BioShock Infinite.lnk
[2013.04.04 05:23:29 | 000,000,865 | ---- | C] () -- C:\Users\Gary\AppData\Local\recently-used.xbel
[2013.04.04 05:03:39 | 000,256,112 | ---- | C] () -- C:\Users\Gary\Desktop\163523_10200930456444971_1065856204_n.jpg
[2013.02.22 21:31:00 | 000,000,043 | ---- | C] () -- C:\Users\Gary\jagex_cl_oldschool_LIVE.dat
[2013.02.22 21:31:00 | 000,000,024 | ---- | C] () -- C:\Users\Gary\random.dat
[2012.12.19 18:18:48 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.10.30 23:30:24 | 000,075,040 | ---- | C] () -- C:\Program Files (x86)\Common Files\SpeechUninstall.exe
[2012.01.29 17:16:15 | 000,094,378 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\icarus-dxdiag.xml
[2012.01.05 03:11:47 | 000,000,032 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE.dat
[2011.12.13 21:19:22 | 000,000,132 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.10.08 22:30:48 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.09.28 22:24:59 | 000,000,600 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\winscp.rnd
[2011.09.28 21:50:16 | 000,004,608 | ---- | C] () -- C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.19 00:24:35 | 000,000,129 | ---- | C] () -- C:\Users\Gary\jagex_runescape_preferences2.dat
[2011.09.19 00:23:58 | 000,000,035 | ---- | C] () -- C:\Users\Gary\jagex_runescape_preferences.dat
[2011.09.19 00:23:49 | 000,000,024 | ---- | C] () -- C:\Users\Gary\jagexappletviewer.preferences
[2011.09.12 21:30:11 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.07 18:12:16 | 000,007,610 | ---- | C] () -- C:\Users\Gary\AppData\Local\Resmon.ResmonCfg
[2011.05.31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.29 00:31:05 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\.minecraft
[2012.08.31 23:31:04 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Awesomium
[2013.04.24 21:41:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Babylon
[2013.03.31 18:24:16 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\CPUControl
[2011.10.23 16:24:30 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\eType
[2012.01.08 18:16:48 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\gamigoGr
[2012.01.08 17:46:59 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\GetRightToGo
[2012.11.02 03:41:49 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\gtk-2.0
[2011.12.08 18:09:59 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\ImgBurn
[2012.01.08 17:49:30 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\launcher
[2012.05.26 23:23:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Leadertech
[2012.05.22 23:13:00 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\LolClient
[2012.05.24 04:55:33 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\LolClient2
[2012.01.08 17:49:30 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Martial Empires Launcher
[2013.04.22 22:28:32 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mp3tag
[2012.10.18 20:45:41 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\OpenOffice.org
[2011.09.26 23:54:31 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Opera
[2012.01.02 19:19:25 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\PhotoScape
[2011.11.26 01:39:45 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Publish Providers
[2012.01.02 18:46:56 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\redsn0w
[2012.05.09 18:20:33 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\RIFT
[2012.08.02 20:28:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\six-zsync
[2011.11.26 01:39:41 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Sony
[2012.05.09 18:30:43 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Sony Creative Software Inc
[2012.10.22 18:01:00 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Spesoft Text To MP3
[2011.10.13 23:06:17 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Structorizer
[2012.12.19 18:59:04 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\systweak
[2013.03.20 23:14:59 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\TeamViewer
[2013.03.04 17:45:52 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\ts3overlay
[2011.10.13 23:06:17 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Unimozer
[2013.04.19 21:37:11 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\UseNeXT
[2013.04.01 03:13:51 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\uTorrent
[2012.04.04 00:24:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\WindSolutions
[2012.12.02 23:05:12 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\YourFileDownloader
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---
__________________
Alt 02.05.2013, 20:53   #3
felix1
/// Helfer-Team
 
Windows 7 - PC friert unregelmäßig ein - Standard

Windows 7 - PC friert unregelmäßig ein


Zitat:
Zitat von Core70 Beitrag anzeigen
Hier sind einige Logs aus verschiedenen Programmen, und bei einem fiel mir auch etwas sehr verdächtiges auf:
Es wäre besser gewesen, das Vedächtige gleich zu bennen, als hier ellenlange Logs einzustellen
Wenn es sich um Malware und ähnliches handelt, bist Du in diesem Unterforum sowieso falsch.
__________________
__________________
Alt 02.05.2013, 20:57   #4
Core70
 
Windows 7 - PC friert unregelmäßig ein - Standard

Windows 7 - PC friert unregelmäßig ein


"The ServiceDll of Dnscache: "%SystemRoot%\System32\poua4ksfr.dll"."

scheint für vieles verantwortlich zu sein, glaube ich jedenfalls. Ansonsten weiß ich ja nicht ganz genau was es ist und deshalb brauche ich euren Rat.

lg

Alt 02.05.2013, 22:02   #5
felix1
/// Helfer-Team
 
Windows 7 - PC friert unregelmäßig ein - Standard

Windows 7 - PC friert unregelmäßig ein


Erstelle hier einen neuen Thread:http://www.trojaner-board.de/plagege...n-bekaempfung/
Vorher kannst Du das schon mal machen und die Logs gleich posten: Anleitung: Malwarebytes Anti-Mal
Nur um hier nicht an der falschen Stelle zu suchen.

__________________
LG

Der Felix

Keine Hilfe per PN und E-Mail
Alt 02.05.2013, 22:04   #6
Core70
 
Windows 7 - PC friert unregelmäßig ein - Standard

Windows 7 - PC friert unregelmäßig ein


Mache ich morgen dann, danke dir! War mir halt nicht sicher was es sein könnte.. Dachte es ginge um mein Prozessor, deshalb Hardware und weil meine Internetverbindunge dabei verloren geht -> Netzwerk, aber sieht wohl so aus als wäre es etwas anderes.

Kann dann geschlossen werden.

lg

Antwort

Themen zu Windows 7 - PC friert unregelmäßig ein
auslastung, besser, computer, friert, internetverbindung, musik, neuer, problem, prozessor, rechner, rechtsklick, ruckel, screenshot, sekunden, start, system, task-manager, temperatur, unregelmäßige, verbindung, win, win7, windows, windows 7, windows7 einfrieren prozessor fehler dnsclient


« Western Digital 500GB Festplatte Schaden? | Netzwerkverbidung beziehen »


Ähnliche Themen: Windows 7 - PC friert unregelmäßig ein


  1. Windows 7 Laptop: Avira blockiert Registryzugriffe und der Rechner schaltet sich unregelmäßig und plötzlich aus.
    Log-Analyse und Auswertung - 18.04.2015 (15)
  2. Windows 7 bootet unregelmäßig und meist er st nach dem dritten Versuch
    Log-Analyse und Auswertung - 30.10.2014 (15)
  3. Windows 7 |64 Bit | Friert unregelmäßig ein
    Alles rund um Windows - 24.10.2014 (9)
  4. Windows 7 friert unregelmäßig ein
    Netzwerk und Hardware - 17.10.2014 (57)
  5. PC friert ein Windows 8.1
    Log-Analyse und Auswertung - 15.08.2014 (17)
  6. Windows 7 friert ein!
    Alles rund um Windows - 13.06.2014 (9)
  7. Windows 7 stürzt unregelmäßig ab - C:\Windows\Minidump\061014-20482-01.dmp
    Plagegeister aller Art und deren Bekämpfung - 12.06.2014 (7)
  8. win7 64 bit friert regelmäßig - unregelmäßig ohne meldung ein
    Log-Analyse und Auswertung - 08.04.2014 (8)
  9. Windows 7: PC ist sehr langsam und hängt unregelmäßig einige Sekunden
    Log-Analyse und Auswertung - 12.09.2013 (2)
  10. Windows 7 Notebook friert nach Windows boot für 30-60sekunden ein
    Plagegeister aller Art und deren Bekämpfung - 24.04.2013 (3)
  11. Notebook friert unregelmäßig ein oder ist extrem träge
    Log-Analyse und Auswertung - 23.06.2011 (26)
  12. Windows 7 laggt beim Spielen unregelmäßig
    Alles rund um Windows - 19.11.2010 (6)
  13. Computer friert unregelmäßig ein.
    Plagegeister aller Art und deren Bekämpfung - 08.08.2010 (3)
  14. Computer friert unregelmäßig ein
    Plagegeister aller Art und deren Bekämpfung - 05.02.2008 (0)
  15. PC /Wndows friert unregelmäßig ein
    Log-Analyse und Auswertung - 15.07.2007 (5)
  16. Windows XP friert ein
    Log-Analyse und Auswertung - 15.07.2007 (3)
  17. Probleme mit Trojaner / Windows startet nicht bzw. unregelmäßig und fehlerhaft
    Log-Analyse und Auswertung - 24.06.2006 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 7 - PC friert unregelmäßig ein - Hallo, da ich seit Monaten jetzt ein Problem damit habe habe ich mich endlich dazu entschieden mal wo anders Hilfe zu holen, die ich hier hoffentlich auch bekomme. Ich habe - Windows 7 - PC friert unregelmäßig ein...
Archiv
Du betrachtest: Windows 7 - PC friert unregelmäßig ein auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55