| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: LyricsContainer auf Windows 7 - Wie schmeiße ich es runter?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.08.2013, 11:30
| #1 |
 |  LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Hey Leute, Ich habe mich hier registriert, weil ich unbedingt Hilfe brauche (Also ein Fachmannn bin ich nicht im geringsten  ). Ich habe letztens im Internet Explorer ein Nachricht erhalten: "Java-Sicherheitsupdate ist unbedingt erforderlich!" Normalerweise traue ich dem ganzen nicht und schließe das Fenster auch gleich. In diesem Fall konnte ich es aber nicht wegXen, da sich immer wieder erst das Fenster "Wollen sie diese Seite wirklich verlassen? --> JA" und dann wieder "JAVA-Sicherheitsupdate unbedingt erforderlich" kam, wie eine Dauerschleife die ich nicht verlassen konnte, also habe ich auf "Update installieren" gedrückt, da ich dachte es müsse also etwas ernstes sein. Das Update wurde heruntergeladen und der Installationsprozess begann. Nach 'ner Zeit (Ich hab mir ALLES durchgelesen) kam mir das aber nicht mehr allzu seriös vor, weil immer wieder Werbung für verschiedene Add-Ons kam, die er (hätte ich nicht auf NEIN gedrückt) installiert hätte. Irgendwann ging das aber mal nicht und deshalb habe ich den Installationsprozess (bzw. das Voreinstellungsmenü) geschlossen. Dann schaue ich in meine Mozilla Add-Ons und plötzlich sehe ich da dennoch "LyricsContainer 1.128". Das kann ich auch nicht so einfach entfernen, weil es dafür keinen Button gibt. Ich informiere mich darüber, was das ist und sehe "Spyware"   !"WHY ME ?!?" Tja und jetzt möchte ich vorsorgen, bevor es meinem PC Schaden zufügt und es herunterlöschen. Wie mache ich das? Könnte mir einer eine Schritt-für-Schritt Anleitung geben? Mein PC: Windows 7 Home Premium - 64-Bit Danke schon mal.  MFG, Ich. |
|
16.08.2013, 11:32
| #2 |
| /// TB-Ausbilder   |  LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Ich habe dein Thema in Arbeit und melde mich so schnell wie möglich mit weiteren Anweisungen. |
|
16.08.2013, 11:33
| #3 |
| /// TB-Ausbilder | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Servus,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
|
|
16.08.2013, 11:47
| #4 |
| | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Danke, Hier der FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2013
Ran by Liam (administrator) on 16-08-2013 12:40:37
Running from C:\Users\Liam\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(LogMeIn Inc.) L:\Programme\Andere\Hamachi\hamachi-2.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
(COMPANYVERS_NAME) C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(RealNetworks, Inc.) L:\Programme\Andere\Real\Update\realsched.exe
(LogMeIn Inc.) L:\Programme\Andere\Hamachi\hamachi-2-ui.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6549136 2012-07-09] (Realtek Semiconductor)
HKLM\...\Run: [RadioRage Home Page Guard 64 bit] - C:\PROGRA~2\RADIOR~2\bar\1.bin\AppIntegrator64.exe [548936 2013-07-03] ()
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1807272 2013-07-27] (Valve Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrowserPlugInHelper] - L:\Programme\Medien-Bearbeitung\Video\Video Converter\BrowserPlugInHelper.exe [x]
HKLM-x32\...\Run: [TkBellExe] - L:\Programme\Andere\Real\update\realsched.exe [295512 2013-05-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - L:\Programme\Andere\Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [RadioRage Search Scope Monitor] - C:\PROGRA~2\RADIOR~2\bar\1.bin\4jsrchmn.exe [44784 2013-07-03] (MindSpark)
HKLM-x32\...\Run: [RadioRage_4j Browser Plugin Loader] - C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbrmon.exe [30096 2013-07-03] (VER_COMPANY_NAME)
Startup: C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files\Logitech Gaming Software\EReg\eReg.exe (Leader Technologies/Logitech)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=FC183085A9457AC6&affID=119357&tsp=4922
URLSearchHook: (No Name) - {3c35ad63-af1d-4e21-b484-b6651a8efcf9} - No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A265D837-23A4-44BB-BA3F-B78607D0D4AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZX^xdm070^YYA^de&ptb=B450B385-E276-4AC8-BEB3-A36BE29DB740&ind=2013070410&n=77fd044a&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {A265D837-23A4-44BB-BA3F-B78607D0D4AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKCU - DefaultScope {A265D837-23A4-44BB-BA3F-B78607D0D4AA} URL =
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0E4607E6-B308-42E2-83F0-84700C98F745} URL = hxxp://www.bing.com/search?q={searchTerms}&r=298
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=FC183085A9457AC6&affID=119357&tsp=4922
SearchScopes: HKCU - {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZX^xdm070^YYA^de&ptb=B450B385-E276-4AC8-BEB3-A36BE29DB740&ind=2013070410&n=77fd044a&psa=&st=sb&searchfor={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Toolbar BHO - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbar.dll (MindSpark)
BHO-x32: Search Assistant BHO - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: LyricsContainer - {77e880b5-cae7-4928-8507-ec2e5007e73e} - C:\Program Files (x86)\LyricsContainer\128.dll (LyricsContainer)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {78BA36C9-6036-482B-B48D-ECCA6F964B84} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default
FF user.js: detected! => C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\user.js
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: hxxp://www.google.com/ig
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - L:\Programme\Player & Reader\Winamp Detect\npwachk.dll No File
FF Plugin-x32: @RadioRage_4j.com/Plugin - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll (MindSpark)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - L:\Programme\Andere\Real\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - L:\Programme\Andere\Real\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - L:\Programme\Player & Reader\Adobe\Adobe Reader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\searchplugins\webwebweb.xml
FF Extension: RadioRage - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\4jffxtbr@RadioRage_4j.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\ich@maltegoetz.de
FF Extension: Flash and Video Download - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: adblockpopups - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: info - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\info@youtube-mp3.org.xpi
FF Extension: personas - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\personas@christopher.beard.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{5a28d000-81c8-11de-8a39-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.3.19\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [4jffxtbr@RadioRage_4j.com] C:\Program Files (x86)\RadioRage_4j\bar\1.bin
FF Extension: RadioRage - C:\Program Files (x86)\RadioRage_4j\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] L:\Programme\Andere\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - L:\Programme\Andere\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKCU\...\Firefox\Extensions: [Lyrics@LyricsContainer.co] C:\Program Files (x86)\LyricsContainer\128.xpi
FF Extension: No Name - C:\Program Files (x86)\LyricsContainer\128.xpi
==================== Services (Whitelisted) =================
R2 Hamachi2Svc; L:\Programme\Andere\Hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 RadioRage_4jService; C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exe [42504 2013-07-03] (COMPANYVERS_NAME)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
==================== Drivers (Whitelisted) ====================
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-06-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-06-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-06-05] (Symantec Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [98416 2012-01-16] (Atheros Communications, Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130815.022\ENG64.SYS [126040 2013-06-05] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130815.022\ENG64.SYS [126040 2013-06-05] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130815.022\EX64.SYS [2098776 2013-06-05] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130815.022\EX64.SYS [2098776 2013-06-05] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 DIRECTIO; \??\UNC\srv1c027-b.wds8-b.intern\reminst\Test\BitPro64\DirectIo.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-16 12:39 - 2013-08-16 12:39 - 01576058 _____ (Farbar) C:\Users\Liam\Desktop\FRST64.exe
2013-08-16 10:53 - 2013-08-16 10:53 - 00059608 _____ C:\Users\Liam\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-16 09:24 - 2013-08-16 09:24 - 00000000 ____D C:\Program Files (x86)\LyricsContainer
2013-08-16 09:23 - 2013-08-16 09:23 - 00000056 _____ C:\Windows\setupact.log
2013-08-16 09:23 - 2013-08-16 09:23 - 00000000 _____ C:\Windows\setuperr.log
2013-08-16 09:22 - 2013-08-16 09:23 - 04893560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-16 09:22 - 2013-08-16 09:22 - 00004626 _____ C:\Windows\PFRO.log
2013-08-15 16:28 - 2013-08-16 09:24 - 00003042 _____ C:\Windows\System32\Tasks\LyricsContainer Update
2013-08-15 16:28 - 2013-08-16 09:24 - 00000396 _____ C:\Windows\Tasks\LyricsContainer Update.job
2013-08-14 20:03 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 20:03 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 20:03 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 20:03 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 20:03 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 20:03 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 20:03 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 20:03 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 20:03 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 20:03 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 20:03 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 20:03 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 20:03 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 20:03 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 20:03 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 20:03 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 20:03 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 20:03 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 20:03 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 20:03 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 20:03 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 20:03 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 16:28 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 16:28 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 16:28 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 16:28 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 16:28 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 16:28 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 16:28 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 16:28 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 16:28 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 16:28 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 16:28 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 16:28 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 16:28 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 16:28 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 16:28 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 16:28 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 16:28 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 16:28 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 16:28 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 16:28 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 16:28 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 16:28 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 16:28 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 16:28 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 16:28 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 16:27 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 16:27 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-12 15:36 - 2013-08-12 15:36 - 00019551 _____ C:\Users\Liam\AppData\Local\recently-used.xbel
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Leadertech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Local\Logitech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-09 18:12 - 2013-08-09 18:13 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-09 18:12 - 2013-08-09 18:12 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logitech
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logishrd
2013-08-05 17:06 - 2013-08-05 17:06 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-08-05 17:06 - 2013-04-29 20:00 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-08-05 17:06 - 2013-03-17 18:21 - 03649536 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2013-08-05 17:06 - 2012-06-09 19:21 - 00178688 _____ C:\Windows\SysWOW64\unrar.dll
2013-08-05 17:06 - 2011-12-21 19:14 - 00151552 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2013-08-05 17:06 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2013-08-05 17:06 - 2011-06-24 16:44 - 00243200 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-08-05 17:06 - 2011-06-24 16:28 - 00650752 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-08-04 12:54 - 2013-08-04 12:54 - 00003032 _____ C:\Windows\System32\Tasks\{7A426635-024D-43AF-AF3F-E160D3FB3227}
2013-08-04 12:45 - 2013-08-04 12:45 - 00000912 _____ C:\Windows\EF.ini
2013-08-04 12:40 - 2013-08-04 12:54 - 00000921 _____ C:\Windows\EFXP.ini
2013-08-04 12:40 - 2000-05-18 16:26 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2013-08-02 14:45 - 2013-08-16 10:29 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Winamp
2013-08-02 14:45 - 2013-08-02 14:45 - 00000799 _____ C:\Users\Liam\Desktop\Winamp.lnk
2013-08-02 14:45 - 2013-08-02 14:45 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-07-31 12:47 - 2013-07-31 12:47 - 00000000 ____D C:\Users\Liam\Desktop\Fluch der Karibik 4
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\Documents\Nexus Mod Manager
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\AppData\Local\Black_Tree_Gaming
2013-07-30 21:40 - 2013-07-30 21:40 - 00007605 _____ C:\Users\Liam\AppData\Local\Resmon.ResmonCfg
2013-07-30 21:30 - 2013-07-30 21:30 - 00000000 ____D C:\Users\Liam\AppData\Roaming\dvdcss
2013-07-27 20:32 - 2013-08-09 19:53 - 00000000 ___RD C:\Users\Liam\Desktop\Programme
2013-07-27 20:03 - 2013-07-27 20:03 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-27 20:03 - 2013-07-27 20:03 - 00000000 ____D C:\Program Files\CCleaner
2013-07-27 19:42 - 2013-08-15 22:15 - 00000000 ___RD C:\Users\Liam\Desktop\Games
2013-07-27 15:59 - 2013-07-27 15:59 - 00000000 ____D C:\Program Files (x86)\1-click run
2013-07-26 11:12 - 2013-07-26 11:17 - 00000000 ____D C:\ProgramData\Solidshield
==================== One Month Modified Files and Folders =======
2013-08-16 12:40 - 2013-08-16 12:40 - 00000000 ____D C:\FRST
2013-08-16 12:39 - 2013-08-16 12:39 - 01576058 _____ (Farbar) C:\Users\Liam\Desktop\FRST64.exe
2013-08-16 12:29 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-16 12:29 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-16 12:07 - 2013-04-15 18:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-16 11:58 - 2013-04-19 21:33 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-16 11:19 - 2013-04-19 17:38 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Skype
2013-08-16 11:13 - 2013-04-20 16:18 - 00000000 ____D C:\Users\Liam\AppData\Local\Windows Live
2013-08-16 10:53 - 2013-08-16 10:53 - 00059608 _____ C:\Users\Liam\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-16 10:38 - 2013-03-26 18:28 - 01089922 _____ C:\Windows\WindowsUpdate.log
2013-08-16 10:29 - 2013-08-02 14:45 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Winamp
2013-08-16 09:24 - 2013-08-16 09:24 - 00000000 ____D C:\Program Files (x86)\LyricsContainer
2013-08-16 09:24 - 2013-08-15 16:28 - 00003042 _____ C:\Windows\System32\Tasks\LyricsContainer Update
2013-08-16 09:24 - 2013-08-15 16:28 - 00000396 _____ C:\Windows\Tasks\LyricsContainer Update.job
2013-08-16 09:24 - 2013-05-02 18:08 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-16 09:24 - 2013-04-22 15:36 - 00000000 ____D C:\Users\Liam\AppData\Local\LogMeIn Hamachi
2013-08-16 09:24 - 2013-04-19 21:33 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-16 09:23 - 2013-08-16 09:23 - 00000056 _____ C:\Windows\setupact.log
2013-08-16 09:23 - 2013-08-16 09:23 - 00000000 _____ C:\Windows\setuperr.log
2013-08-16 09:23 - 2013-08-16 09:22 - 04893560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-16 09:23 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-16 09:22 - 2013-08-16 09:22 - 00004626 _____ C:\Windows\PFRO.log
2013-08-15 22:15 - 2013-07-27 19:42 - 00000000 ___RD C:\Users\Liam\Desktop\Games
2013-08-15 20:03 - 2013-07-04 18:59 - 00001063 _____ C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2013-08-15 17:33 - 2013-03-28 20:09 - 00000000 ____D C:\Users\Liam\AppData\Local\CrashDumps
2013-08-15 17:33 - 2013-01-25 18:28 - 00000000 ____D C:\Windows\Panther
2013-08-15 17:23 - 2013-04-20 00:00 - 00003358 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-15 17:23 - 2013-04-20 00:00 - 00003222 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-15 16:53 - 2013-04-19 21:34 - 00003336 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-15 16:53 - 2013-04-19 21:34 - 00003200 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-14 19:53 - 2013-07-15 22:20 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 19:53 - 2013-04-19 17:06 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-12 15:36 - 2013-08-12 15:36 - 00019551 _____ C:\Users\Liam\AppData\Local\recently-used.xbel
2013-08-12 15:36 - 2013-04-29 19:47 - 00000000 ____D C:\Users\Liam\.gimp-2.8
2013-08-09 19:53 - 2013-07-27 20:32 - 00000000 ___RD C:\Users\Liam\Desktop\Programme
2013-08-09 19:44 - 2013-03-26 18:44 - 00000000 ___RD C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Leadertech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Local\Logitech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-09 18:13 - 2013-08-09 18:12 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-09 18:12 - 2013-08-09 18:12 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logitech
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logishrd
2013-08-08 21:36 - 2013-03-28 12:08 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Audacity
2013-08-08 15:32 - 2013-04-15 18:51 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-08 15:32 - 2013-03-30 14:05 - 00000000 ____D C:\Users\Liam\AppData\Local\Adobe
2013-08-08 15:32 - 2013-03-28 12:46 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-08 15:32 - 2013-03-28 12:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-07 13:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-05 17:06 - 2013-08-05 17:06 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-08-04 12:56 - 2013-03-28 13:14 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-04 12:54 - 2013-08-04 12:54 - 00003032 _____ C:\Windows\System32\Tasks\{7A426635-024D-43AF-AF3F-E160D3FB3227}
2013-08-04 12:54 - 2013-08-04 12:40 - 00000921 _____ C:\Windows\EFXP.ini
2013-08-04 12:45 - 2013-08-04 12:45 - 00000912 _____ C:\Windows\EF.ini
2013-08-02 14:45 - 2013-08-02 14:45 - 00000799 _____ C:\Users\Liam\Desktop\Winamp.lnk
2013-08-02 14:45 - 2013-08-02 14:45 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-07-31 12:47 - 2013-07-31 12:47 - 00000000 ____D C:\Users\Liam\Desktop\Fluch der Karibik 4
2013-07-31 12:45 - 2013-03-28 12:59 - 00000000 ____D C:\Users\Liam\AppData\Local\Oblivion
2013-07-31 12:44 - 2013-05-02 18:51 - 00000000 ____D C:\Users\Liam\AppData\Local\Skyrim
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\Documents\Nexus Mod Manager
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\AppData\Local\Black_Tree_Gaming
2013-07-30 21:40 - 2013-07-30 21:40 - 00007605 _____ C:\Users\Liam\AppData\Local\Resmon.ResmonCfg
2013-07-30 21:30 - 2013-07-30 21:30 - 00000000 ____D C:\Users\Liam\AppData\Roaming\dvdcss
2013-07-30 13:59 - 2013-04-19 21:33 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-29 19:21 - 2011-04-12 09:43 - 00698694 _____ C:\Windows\system32\perfh007.dat
2013-07-29 19:21 - 2011-04-12 09:43 - 00148834 _____ C:\Windows\system32\perfc007.dat
2013-07-29 19:21 - 2009-07-14 07:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-29 14:31 - 2013-06-06 17:15 - 00000000 ____D C:\Users\Liam\AppData\Roaming\.minecraft
2013-07-27 20:25 - 2013-05-26 20:49 - 00000000 ____D C:\Users\Liam\Tracing
2013-07-27 20:25 - 2013-05-26 19:47 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Sony
2013-07-27 20:25 - 2013-03-28 12:17 - 00000000 ____D C:\Users\Liam\AppData\Roaming\inkscape
2013-07-27 20:03 - 2013-07-27 20:03 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-27 20:03 - 2013-07-27 20:03 - 00000000 ____D C:\Program Files\CCleaner
2013-07-27 15:59 - 2013-07-27 15:59 - 00000000 ____D C:\Program Files (x86)\1-click run
2013-07-26 11:17 - 2013-07-26 11:12 - 00000000 ____D C:\ProgramData\Solidshield
2013-07-26 11:06 - 2013-03-28 13:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-26 07:13 - 2013-08-14 20:03 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-14 20:03 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-14 20:03 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-14 20:03 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-14 20:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-14 20:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-14 20:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-14 20:03 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-14 20:03 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-14 20:03 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-14 20:03 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-14 20:03 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-14 20:03 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-14 20:03 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-14 20:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-14 20:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-14 20:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-14 20:03 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-14 20:03 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-14 20:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-14 20:03 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-14 20:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 11:25 - 2013-08-14 16:28 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-14 16:28 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-19 03:58 - 2013-08-14 16:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-19 03:41 - 2013-08-14 16:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-26 03:28
==================== End Of Log ============================
Und hier der Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2013
Ran by Liam at 2013-08-16 12:41:26
Running from C:\Users\Liam\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe AIR (x32 Version: 3.7.0.1530)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Age of Conan: Unchained (x32)
Audacity 2.0.2 (x32 Version: 2.0.2)
Camtasia Studio 8 (x32 Version: 8.0.4.1060)
CCleaner (Version: 4.04)
Cinema 4D version R12 (x32 Version: R12)
concept/design onlineTV 8 (x32 Version: 8.4.0.0)
Cry of Fear (x32)
Cube World (x32 Version: 1)
D3DX10 (x32 Version: 15.4.2368.0902)
Dota 2 (x32)
Elite Force (x32)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fraps (remove only) (x32)
Freemake Video Converter Version 4.0.2 (x32 Version: 4.0.2)
Galerie de photos (x32 Version: 16.4.3505.0912)
GameMaker: Studio (x32)
GIMP 2.8.4 (Version: 2.8.4)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
Greenfish Icon Editor Pro 3.25 (x32)
Half-Life Dedicated Server Update Tool (x32)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
K-Lite Mega Codec Pack 9.9.0 (x32 Version: 9.9.0)
Logitech Gaming Software (Version: 8.45.88)
Logitech Gaming Software 8.46 (Version: 8.46.27)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
LyricsContainer (x32)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft .NET Framework 4.5 FRA Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Module linguistique de Microsoft .NET Framework 4.5 - FRA (Version: 4.5.50709)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Norton 360 (x32 Version: 20.4.0.40)
Norton Identity Safe (x32 Version: 2013.4.0.10)
Oblivion - Construction Set (x32 Version: 1.00.0000)
Oblivion (x32 Version: 1.00.0000)
Photo Gallery (x32 Version: 16.4.3505.0912)
Pivot Animator version 4.1.9 (x32 Version: 4.1.9)
PlanetSide 2 (HKCU Version: 1.0.3.183)
RadioRage Firefox Toolbar (x32)
RadioRage Internet Explorer Toolbar (x32)
RealDownloader (x32 Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.2)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6675)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Skype™ 6.6 (x32 Version: 6.6.106)
Source Filmmaker (x32)
Star Wars Battlefront (x32 Version: 1.0)
Star Wars Battlefront II (x32 Version: 1.0)
Steam (x32 Version: 1.0.0.0)
Team Fortress 2 (x32)
The Elder Scrolls V: Skyrim (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
us Mod Manager (Version: 0.45.5)
Vegas Pro 12.0 (64-bit) (Version: 12.0.563)
Winamp (x32 Version: 5.65 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
==================== Restore Points =========================
26-07-2013 09:19:27 Entfernt James Cameron's AVATAR(tm): DAS SPIEL
14-08-2013 17:52:36 Windows Update
15-08-2013 15:34:09 DirectX wurde installiert
15-08-2013 18:04:02 DirectX wurde installiert
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {40690C1F-1092-49CD-B30A-C9BFAD20CE71} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation)
Task: {4778DFE2-6047-48B9-9557-687453BADAAB} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe No File
Task: {4A26A9AC-A1C2-420E-AFD2-E8485620EECC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {4C03F15E-2447-4FAE-9261-C2FC57E6653B} - System32\Tasks\EPUpdater => C:\Users\Liam\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {4C1B7082-60FC-4C70-94B7-E03D7434EEA4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {4F56EF5D-A68A-4FE1-8159-D966C7E76DB2} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {51A548DA-58D6-4DB1-B243-469075D1E63A} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation)
Task: {5670462F-E306-46C9-A54B-5E1A788C3AAB} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {5EAF4290-5365-432E-87E6-CCF0C6ACAFF9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {66B3C01B-319A-42F1-BBBB-D9B7933919D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-19] (Google Inc.)
Task: {A7630FAB-6E7C-4F3D-A04B-A08A9FE90A0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-08] (Adobe Systems Incorporated)
Task: {AD3210B2-1AC3-4BD7-91E4-2E9D6FEA44BB} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {AE108DA4-ED17-41EA-B65D-62E3F8495216} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {B69AEA86-5610-4309-8649-C215F4685507} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {B9A0A33C-490E-4A2A-85E4-810995CA95DA} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {C3FAC4D3-8951-4423-A844-2CE8214A6A68} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {E166D3FC-7868-4DA5-9AA6-BFCA8D69BAEF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {EEAAC532-092A-45FC-A9AF-5E589875C931} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {F0AD76E3-C45B-4904-8DC8-4C6028C73C48} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {F1FD97D9-2569-4077-9ABE-B33E21EBD91C} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {F2CBD92F-A58A-4934-ABED-C12996341F79} - System32\Tasks\LyricsContainer Update => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe [2013-08-16] ()
Task: {F3AFD570-33C1-48FB-87C6-D161E4F0543D} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {FAF4C6CA-7890-449D-8642-C2091BA5F166} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsContainer Update.job => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/16/2013 11:54:20 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/16/2013 09:24:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2013 03:05:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x520aac6e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xde8
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3
Error: (08/15/2013 01:20:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2013 10:20:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/14/2013 07:50:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x520aac6e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1f08
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3
Error: (08/14/2013 04:23:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2013 10:20:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x52059485
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1424
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3
Error: (08/13/2013 07:50:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x52059485
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xd4c
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3
Error: (08/13/2013 02:29:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (08/06/2013 02:44:30 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:25 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:20 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:15 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:10 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:05 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:00 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:43:55 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:43:50 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:43:45 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Microsoft Office Sessions:
=========================
Error: (08/16/2013 11:54:20 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe
Error: (08/16/2013 09:24:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2013 03:05:10 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.0520aac6eKERNELBASE.dll6.1.7601.1801550b83c8ac00000050000c41fde801ce99aa8edeb2faG:\Sony Online Entertainment\Installed Games\Planetside 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dll503fcfa7-05ab-11e3-a58a-3085a9457ac6
Error: (08/15/2013 01:20:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2013 10:20:44 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/14/2013 07:50:14 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.0520aac6eKERNELBASE.dll6.1.7601.1801550b83c8ac00000050000c41f1f0801ce98fe277e4f38G:\Sony Online Entertainment\Installed Games\Planetside 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dllf89a52ea-0509-11e3-84e8-3085a9457ac6
Error: (08/14/2013 04:23:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2013 10:20:46 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.052059485KERNELBASE.dll6.1.7601.1801550b83c8ac00000050000c41f142401ce984dc322faadG:\Sony Online Entertainment\Installed Games\Planetside 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dlld5a78544-0455-11e3-9e95-3085a9457ac6
Error: (08/13/2013 07:50:36 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.052059485KERNELBASE.dll6.1.7601.1801550b83c8ac00000050000c41fd4c01ce982f83297c6dG:\Sony Online Entertainment\Installed Games\Planetside 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dlldb5a5d0a-0440-11e3-9e95-3085a9457ac6
Error: (08/13/2013 02:29:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 7641.29 MB
Available physical RAM: 5206.46 MB
Total Pagefile: 15280.77 MB
Available Pagefile: 12775.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:97.66 GB) (Free:44.42 GB) NTFS (Disk=0 Partition=2)
Drive g: (Spiele) (Fixed) (Total:195.31 GB) (Free:113.7 GB) NTFS (Disk=0 Partition=4)
Drive l: (Allgemein) (Fixed) (Total:627.16 GB) (Free:148.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 624C9C72)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=822 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=11 GB) - (Type=27)
==================== End Of Log ============================
|
|
16.08.2013, 13:46
| #5 |
| /// TB-Ausbilder | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Servus, so geht es los: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Downloade Dir bitte  Malwarebytes Anti-Malware
Bitte poste mit deiner nächsten Antwort
|
|
16.08.2013, 13:57
| #6 |
| | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Lieber Matthias, Ich danke dir für deine Hilfe, aber ich denke, dass sich das Problem mit LyricsContain ererledigt hat. Tatsächlich habe ich einfach nur eine Systemwiederherstellung zum richtigen Zeitpunkt hin durchgeführt. Bei der Analyse stand: Anwendungen und Programme, die von der Systemwiederherstellung wieder entfernt werden: ..... LyricsContainer ..... Nun habe ich auch bei den Firefox Add-Ons nachgeschaut und der LyricsContainer ist nun nicht mehr dort. Falls du dennoch etwas entdecken solltest, sind hier meine System-Scans: FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2013 01
Ran by Liam (administrator) on 16-08-2013 14:53:13
Running from L:\Eigene Dateien\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(LogMeIn Inc.) L:\Programme\Andere\Hamachi\hamachi-2.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
(COMPANYVERS_NAME) C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(RealNetworks, Inc.) L:\Programme\Andere\Real\Update\realsched.exe
(LogMeIn Inc.) L:\Programme\Andere\Hamachi\hamachi-2-ui.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6549136 2012-07-09] (Realtek Semiconductor)
HKLM\...\Run: [RadioRage Home Page Guard 64 bit] - C:\PROGRA~2\RADIOR~2\bar\1.bin\AppIntegrator64.exe [548936 2013-07-03] ()
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1807272 2013-07-27] (Valve Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrowserPlugInHelper] - L:\Programme\Medien-Bearbeitung\Video\Video Converter\BrowserPlugInHelper.exe [x]
HKLM-x32\...\Run: [TkBellExe] - L:\Programme\Andere\Real\update\realsched.exe [295512 2013-05-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - L:\Programme\Andere\Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [RadioRage Search Scope Monitor] - C:\PROGRA~2\RADIOR~2\bar\1.bin\4jsrchmn.exe [44784 2013-07-03] (MindSpark)
HKLM-x32\...\Run: [RadioRage_4j Browser Plugin Loader] - C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbrmon.exe [30096 2013-07-03] (VER_COMPANY_NAME)
Startup: C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files\Logitech Gaming Software\EReg\eReg.exe (Leader Technologies/Logitech)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=FC183085A9457AC6&affID=119357&tsp=4922
URLSearchHook: (No Name) - {3c35ad63-af1d-4e21-b484-b6651a8efcf9} - No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A265D837-23A4-44BB-BA3F-B78607D0D4AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZX^xdm070^YYA^de&ptb=B450B385-E276-4AC8-BEB3-A36BE29DB740&ind=2013070410&n=77fd044a&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {A265D837-23A4-44BB-BA3F-B78607D0D4AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKCU - DefaultScope {A265D837-23A4-44BB-BA3F-B78607D0D4AA} URL =
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0E4607E6-B308-42E2-83F0-84700C98F745} URL = hxxp://www.bing.com/search?q={searchTerms}&r=298
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=FC183085A9457AC6&affID=119357&tsp=4922
SearchScopes: HKCU - {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZX^xdm070^YYA^de&ptb=B450B385-E276-4AC8-BEB3-A36BE29DB740&ind=2013070410&n=77fd044a&psa=&st=sb&searchfor={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Toolbar BHO - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbar.dll (MindSpark)
BHO-x32: Search Assistant BHO - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default
FF user.js: detected! => C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\user.js
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: hxxp://www.google.com/ig
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - L:\Programme\Player & Reader\Winamp Detect\npwachk.dll No File
FF Plugin-x32: @RadioRage_4j.com/Plugin - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll (MindSpark)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - L:\Programme\Andere\Real\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - L:\Programme\Andere\Real\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - L:\Programme\Player & Reader\Adobe\Adobe Reader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\searchplugins\webwebweb.xml
FF Extension: RadioRage - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\4jffxtbr@RadioRage_4j.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\ich@maltegoetz.de
FF Extension: Flash and Video Download - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: adblockpopups - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: info - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\info@youtube-mp3.org.xpi
FF Extension: personas - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\personas@christopher.beard.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{5a28d000-81c8-11de-8a39-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.3.19\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [4jffxtbr@RadioRage_4j.com] C:\Program Files (x86)\RadioRage_4j\bar\1.bin
FF Extension: RadioRage - C:\Program Files (x86)\RadioRage_4j\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] L:\Programme\Andere\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - L:\Programme\Andere\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
==================== Services (Whitelisted) =================
R2 Hamachi2Svc; L:\Programme\Andere\Hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 RadioRage_4jService; C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exe [42504 2013-07-03] (COMPANYVERS_NAME)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
==================== Drivers (Whitelisted) ====================
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-05] (Symantec Corporation)
U3 EraserUtilDrv11220; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [138912 2013-08-16] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-06-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-06-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-06-05] (Symantec Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [98416 2012-01-16] (Atheros Communications, Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130815.022_fcc\ENG64.SYS [126040 2013-08-16] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130815.022_fcc\ENG64.SYS [126040 2013-08-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130815.022_fcc\EX64.SYS [2098776 2013-08-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130815.022_fcc\EX64.SYS [2098776 2013-08-16] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 DIRECTIO; \??\UNC\srv1c027-b.wds8-b.intern\reminst\Test\BitPro64\DirectIo.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-16 12:40 - 2013-08-16 12:40 - 00000000 ____D C:\FRST
2013-08-16 10:53 - 2013-08-16 10:53 - 00059608 _____ C:\Users\Liam\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-16 09:24 - 2013-08-16 14:09 - 00000000 ____D C:\Program Files (x86)\LyricsContainer
2013-08-12 15:36 - 2013-08-12 15:36 - 00019551 _____ C:\Users\Liam\AppData\Local\recently-used.xbel
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Leadertech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Local\Logitech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-09 18:12 - 2013-08-09 18:13 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-09 18:12 - 2013-08-09 18:12 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-08-09 18:12 - 2013-08-09 18:12 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logitech
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logishrd
2013-08-06 13:04 - 2013-08-16 14:12 - 00000886 _____ C:\Windows\setupact.log
2013-08-06 13:04 - 2013-08-06 13:04 - 00000000 _____ C:\Windows\setuperr.log
2013-08-06 13:03 - 2013-08-12 14:17 - 04893560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-06 13:03 - 2013-08-06 13:49 - 00002040 _____ C:\Windows\PFRO.log
2013-08-05 17:06 - 2013-08-05 17:06 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-08-05 17:06 - 2013-04-29 20:00 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-08-05 17:06 - 2013-03-17 18:21 - 03649536 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2013-08-05 17:06 - 2012-06-09 19:21 - 00178688 _____ C:\Windows\SysWOW64\unrar.dll
2013-08-05 17:06 - 2011-12-21 19:14 - 00151552 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2013-08-05 17:06 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2013-08-05 17:06 - 2011-06-24 16:44 - 00243200 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-08-05 17:06 - 2011-06-24 16:28 - 00650752 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-08-04 12:54 - 2013-08-04 12:54 - 00003032 _____ C:\Windows\System32\Tasks\{7A426635-024D-43AF-AF3F-E160D3FB3227}
2013-08-04 12:45 - 2013-08-04 12:45 - 00000912 _____ C:\Windows\EF.ini
2013-08-04 12:40 - 2013-08-04 12:54 - 00000921 _____ C:\Windows\EFXP.ini
2013-08-04 12:40 - 2000-05-18 16:26 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2013-08-02 14:45 - 2013-08-16 14:10 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Winamp
2013-08-02 14:45 - 2013-08-02 14:45 - 00000799 _____ C:\Users\Liam\Desktop\Winamp.lnk
2013-08-02 14:45 - 2013-08-02 14:45 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-07-31 12:47 - 2013-07-31 12:47 - 00000000 ____D C:\Users\Liam\Desktop\Fluch der Karibik 4
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\Documents\Nexus Mod Manager
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\AppData\Local\Black_Tree_Gaming
2013-07-30 21:40 - 2013-07-30 21:40 - 00007605 _____ C:\Users\Liam\AppData\Local\Resmon.ResmonCfg
2013-07-30 21:30 - 2013-07-30 21:30 - 00000000 ____D C:\Users\Liam\AppData\Roaming\dvdcss
2013-07-27 20:32 - 2013-08-09 19:53 - 00000000 ___RD C:\Users\Liam\Desktop\Programme
2013-07-27 20:03 - 2013-07-27 20:03 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-27 20:03 - 2013-07-27 20:03 - 00000000 ____D C:\Program Files\CCleaner
2013-07-27 19:42 - 2013-08-16 14:10 - 00000000 ___RD C:\Users\Liam\Desktop\Games
2013-07-27 15:59 - 2013-07-27 15:59 - 00000000 ____D C:\Program Files (x86)\1-click run
2013-07-26 11:12 - 2013-07-26 11:17 - 00000000 ____D C:\ProgramData\Solidshield
==================== One Month Modified Files and Folders =======
2013-08-16 14:20 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-16 14:20 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-16 14:19 - 2013-03-26 18:28 - 01564995 _____ C:\Windows\WindowsUpdate.log
2013-08-16 14:13 - 2013-05-02 18:08 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-16 14:13 - 2013-04-22 15:36 - 00000000 ____D C:\Users\Liam\AppData\Local\LogMeIn Hamachi
2013-08-16 14:13 - 2013-04-19 21:33 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-16 14:12 - 2013-08-06 13:04 - 00000886 _____ C:\Windows\setupact.log
2013-08-16 14:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-16 14:11 - 2013-03-26 18:43 - 00000000 ____D C:\Users\Liam
2013-08-16 14:10 - 2013-08-02 14:45 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Winamp
2013-08-16 14:10 - 2013-07-27 19:42 - 00000000 ___RD C:\Users\Liam\Desktop\Games
2013-08-16 14:09 - 2013-08-16 09:24 - 00000000 ____D C:\Program Files (x86)\LyricsContainer
2013-08-16 14:09 - 2013-01-25 18:56 - 00000000 ____D C:\ProgramData\Norton
2013-08-16 14:09 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-16 14:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-16 14:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-16 14:07 - 2013-04-19 21:32 - 00000000 ____D C:\ProgramData\Real
2013-08-16 14:07 - 2013-04-19 17:38 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Skype
2013-08-16 12:40 - 2013-08-16 12:40 - 00000000 ____D C:\FRST
2013-08-16 11:13 - 2013-04-20 16:18 - 00000000 ____D C:\Users\Liam\AppData\Local\Windows Live
2013-08-16 10:53 - 2013-08-16 10:53 - 00059608 _____ C:\Users\Liam\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-15 17:33 - 2013-03-28 20:09 - 00000000 ____D C:\Users\Liam\AppData\Local\CrashDumps
2013-08-15 17:33 - 2013-01-25 18:28 - 00000000 ____D C:\Windows\Panther
2013-08-14 19:58 - 2013-07-15 22:20 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 19:07 - 2013-04-15 18:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-14 18:58 - 2013-04-19 21:33 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-14 16:21 - 2013-04-20 00:00 - 00003358 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-14 16:21 - 2013-04-20 00:00 - 00003222 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-12 16:27 - 2013-04-19 21:34 - 00003336 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-12 16:27 - 2013-04-19 21:34 - 00003200 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-12 15:36 - 2013-08-12 15:36 - 00019551 _____ C:\Users\Liam\AppData\Local\recently-used.xbel
2013-08-12 15:36 - 2013-04-29 19:47 - 00000000 ____D C:\Users\Liam\.gimp-2.8
2013-08-12 14:17 - 2013-08-06 13:03 - 04893560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-09 19:53 - 2013-07-27 20:32 - 00000000 ___RD C:\Users\Liam\Desktop\Programme
2013-08-09 19:44 - 2013-03-26 18:44 - 00000000 ___RD C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Leadertech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Local\Logitech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-09 18:13 - 2013-08-09 18:12 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-09 18:12 - 2013-08-09 18:12 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-08-09 18:12 - 2013-08-09 18:12 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logitech
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logishrd
2013-08-08 21:36 - 2013-03-28 12:08 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Audacity
2013-08-08 15:32 - 2013-04-15 18:51 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-08 15:32 - 2013-03-30 14:05 - 00000000 ____D C:\Users\Liam\AppData\Local\Adobe
2013-08-08 15:32 - 2013-03-28 12:46 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-08 15:32 - 2013-03-28 12:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-07 13:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-06 13:49 - 2013-08-06 13:03 - 00002040 _____ C:\Windows\PFRO.log
2013-08-06 13:04 - 2013-08-06 13:04 - 00000000 _____ C:\Windows\setuperr.log
2013-08-05 17:06 - 2013-08-05 17:06 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-08-04 12:56 - 2013-03-28 13:14 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-04 12:54 - 2013-08-04 12:54 - 00003032 _____ C:\Windows\System32\Tasks\{7A426635-024D-43AF-AF3F-E160D3FB3227}
2013-08-04 12:54 - 2013-08-04 12:40 - 00000921 _____ C:\Windows\EFXP.ini
2013-08-04 12:45 - 2013-08-04 12:45 - 00000912 _____ C:\Windows\EF.ini
2013-08-02 14:45 - 2013-08-02 14:45 - 00000799 _____ C:\Users\Liam\Desktop\Winamp.lnk
2013-08-02 14:45 - 2013-08-02 14:45 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-07-31 12:47 - 2013-07-31 12:47 - 00000000 ____D C:\Users\Liam\Desktop\Fluch der Karibik 4
2013-07-31 12:45 - 2013-03-28 12:59 - 00000000 ____D C:\Users\Liam\AppData\Local\Oblivion
2013-07-31 12:44 - 2013-05-02 18:51 - 00000000 ____D C:\Users\Liam\AppData\Local\Skyrim
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\Documents\Nexus Mod Manager
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\AppData\Local\Black_Tree_Gaming
2013-07-30 21:40 - 2013-07-30 21:40 - 00007605 _____ C:\Users\Liam\AppData\Local\Resmon.ResmonCfg
2013-07-30 21:30 - 2013-07-30 21:30 - 00000000 ____D C:\Users\Liam\AppData\Roaming\dvdcss
2013-07-30 13:59 - 2013-04-19 21:33 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-29 19:21 - 2011-04-12 09:43 - 00698694 _____ C:\Windows\system32\perfh007.dat
2013-07-29 19:21 - 2011-04-12 09:43 - 00148834 _____ C:\Windows\system32\perfc007.dat
2013-07-29 19:21 - 2009-07-14 07:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-29 14:31 - 2013-06-06 17:15 - 00000000 ____D C:\Users\Liam\AppData\Roaming\.minecraft
2013-07-27 20:25 - 2013-05-26 20:49 - 00000000 ____D C:\Users\Liam\Tracing
2013-07-27 20:25 - 2013-05-26 19:47 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Sony
2013-07-27 20:25 - 2013-03-28 12:17 - 00000000 ____D C:\Users\Liam\AppData\Roaming\inkscape
2013-07-27 20:03 - 2013-07-27 20:03 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-27 20:03 - 2013-07-27 20:03 - 00000000 ____D C:\Program Files\CCleaner
2013-07-27 15:59 - 2013-07-27 15:59 - 00000000 ____D C:\Program Files (x86)\1-click run
2013-07-26 11:17 - 2013-07-26 11:12 - 00000000 ____D C:\ProgramData\Solidshield
2013-07-26 11:06 - 2013-03-28 13:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-26 03:28
==================== End Of Log ============================
Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2013 01
Ran by Liam at 2013-08-16 14:53:31
Running from L:\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe AIR (x32 Version: 3.7.0.1530)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Age of Conan: Unchained (x32)
Audacity 2.0.2 (x32 Version: 2.0.2)
Camtasia Studio 8 (x32 Version: 8.0.4.1060)
CCleaner (Version: 4.04)
Cinema 4D version R12 (x32 Version: R12)
concept/design onlineTV 8 (x32 Version: 8.4.0.0)
Cry of Fear (x32)
Cube World (x32 Version: 1)
D3DX10 (x32 Version: 15.4.2368.0902)
Dota 2 (x32)
Elite Force (x32)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fraps (remove only) (x32)
Freemake Video Converter Version 4.0.2 (x32 Version: 4.0.2)
Galerie de photos (x32 Version: 16.4.3505.0912)
GameMaker: Studio (x32)
GIMP 2.8.4 (Version: 2.8.4)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
Greenfish Icon Editor Pro 3.25 (x32)
Half-Life Dedicated Server Update Tool (x32)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
K-Lite Mega Codec Pack 9.9.0 (x32 Version: 9.9.0)
Logitech Gaming Software (Version: 8.45.88)
Logitech Gaming Software 8.46 (Version: 8.46.27)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft .NET Framework 4.5 FRA Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Module linguistique de Microsoft .NET Framework 4.5 - FRA (Version: 4.5.50709)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Norton 360 (x32 Version: 20.4.0.40)
Norton Identity Safe (x32 Version: 2013.4.0.10)
Oblivion - Construction Set (x32 Version: 1.00.0000)
Oblivion (x32 Version: 1.00.0000)
Photo Gallery (x32 Version: 16.4.3505.0912)
Pivot Animator version 4.1.9 (x32 Version: 4.1.9)
PlanetSide 2 (HKCU Version: 1.0.3.183)
RadioRage Firefox Toolbar (x32)
RadioRage Internet Explorer Toolbar (x32)
RealDownloader (x32 Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.2)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6675)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Skype™ 6.6 (x32 Version: 6.6.106)
Source Filmmaker (x32)
Star Wars Battlefront (x32 Version: 1.0)
Star Wars Battlefront II (x32 Version: 1.0)
Steam (x32 Version: 1.0.0.0)
Team Fortress 2 (x32)
The Elder Scrolls V: Skyrim (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
us Mod Manager (Version: 0.45.5)
Vegas Pro 12.0 (64-bit) (Version: 12.0.563)
Winamp (x32 Version: 5.65 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
==================== Restore Points =========================
14-08-2013 17:52:36 Windows Update
15-08-2013 15:34:09 DirectX wurde installiert
15-08-2013 18:04:02 DirectX wurde installiert
16-08-2013 12:05:50 Wiederherstellungsvorgang
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {058649EE-7486-43AA-A1C6-48387062C141} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {40690C1F-1092-49CD-B30A-C9BFAD20CE71} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation)
Task: {4778DFE2-6047-48B9-9557-687453BADAAB} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe No File
Task: {4C03F15E-2447-4FAE-9261-C2FC57E6653B} - System32\Tasks\EPUpdater => C:\Users\Liam\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {4C1B7082-60FC-4C70-94B7-E03D7434EEA4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {4F56EF5D-A68A-4FE1-8159-D966C7E76DB2} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {51A548DA-58D6-4DB1-B243-469075D1E63A} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation)
Task: {5670462F-E306-46C9-A54B-5E1A788C3AAB} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {5EAF4290-5365-432E-87E6-CCF0C6ACAFF9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {66B3C01B-319A-42F1-BBBB-D9B7933919D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-19] (Google Inc.)
Task: {94EB5A90-1D03-4C9F-8E72-C41CFF134B73} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {A1A622A4-3035-43EF-B5D8-4E54B3F7854B} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {A7630FAB-6E7C-4F3D-A04B-A08A9FE90A0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-08] (Adobe Systems Incorporated)
Task: {AE108DA4-ED17-41EA-B65D-62E3F8495216} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {B9A0A33C-490E-4A2A-85E4-810995CA95DA} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {C3FAC4D3-8951-4423-A844-2CE8214A6A68} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {C533FF3C-E8E5-4F5E-9FEB-A74818598775} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {E166D3FC-7868-4DA5-9AA6-BFCA8D69BAEF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {F0AD76E3-C45B-4904-8DC8-4C6028C73C48} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {F1FD97D9-2569-4077-9ABE-B33E21EBD91C} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {F3AFD570-33C1-48FB-87C6-D161E4F0543D} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {FAF4C6CA-7890-449D-8642-C2091BA5F166} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/16/2013 02:14:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2013 11:54:20 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/16/2013 09:24:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2013 03:05:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x520aac6e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xde8
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3
Error: (08/15/2013 01:20:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2013 10:20:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/14/2013 07:50:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x520aac6e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1f08
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3
Error: (08/14/2013 04:23:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2013 10:20:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x52059485
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1424
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3
Error: (08/13/2013 07:50:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PlanetSide2.exe, Version: 0.0.0.0, Zeitstempel: 0x52059485
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xd4c
Startzeit der fehlerhaften Anwendung: 0xPlanetSide2.exe0
Pfad der fehlerhaften Anwendung: PlanetSide2.exe1
Pfad des fehlerhaften Moduls: PlanetSide2.exe2
Berichtskennung: PlanetSide2.exe3
System errors:
=============
Error: (08/16/2013 02:12:54 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SRTSP
Error: (08/16/2013 02:12:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5.
Error: (08/16/2013 02:12:27 PM) (Source: SRTSP) (User: )
Description: Error loading virus definitions.
Error: (08/16/2013 02:11:50 PM) (Source: SRTSP) (User: )
Description: Error loading virus definitions.
Error: (08/06/2013 02:44:30 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:25 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:20 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:15 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:10 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (08/06/2013 02:44:05 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Microsoft Office Sessions:
=========================
Error: (08/16/2013 02:14:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2013 11:54:20 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe
Error: (08/16/2013 09:24:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2013 03:05:10 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.0520aac6eKERNELBASE.dll6.1.7601.1801550b83c8ac00000050000c41fde801ce99aa8edeb2faG:\Sony Online Entertainment\Installed Games\Planetside 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dll503fcfa7-05ab-11e3-a58a-3085a9457ac6
Error: (08/15/2013 01:20:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2013 10:20:44 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/14/2013 07:50:14 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.0520aac6eKERNELBASE.dll6.1.7601.1801550b83c8ac00000050000c41f1f0801ce98fe277e4f38G:\Sony Online Entertainment\Installed Games\Planetside 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dllf89a52ea-0509-11e3-84e8-3085a9457ac6
Error: (08/14/2013 04:23:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2013 10:20:46 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.052059485KERNELBASE.dll6.1.7601.1801550b83c8ac00000050000c41f142401ce984dc322faadG:\Sony Online Entertainment\Installed Games\Planetside 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dlld5a78544-0455-11e3-9e95-3085a9457ac6
Error: (08/13/2013 07:50:36 PM) (Source: Application Error)(User: )
Description: PlanetSide2.exe0.0.0.052059485KERNELBASE.dll6.1.7601.1801550b83c8ac00000050000c41fd4c01ce982f83297c6dG:\Sony Online Entertainment\Installed Games\Planetside 2 PSG\PlanetSide2.exeC:\Windows\syswow64\KERNELBASE.dlldb5a5d0a-0440-11e3-9e95-3085a9457ac6
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 7641.29 MB
Available physical RAM: 5399.35 MB
Total Pagefile: 15280.77 MB
Available Pagefile: 12989.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:97.66 GB) (Free:46.34 GB) NTFS
Drive g: (Spiele) (Fixed) (Total:195.31 GB) (Free:113.7 GB) NTFS
Drive l: (Allgemein) (Fixed) (Total:627.16 GB) (Free:148.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 624C9C72)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=822 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=11 GB) - (Type=27)
==================== End Of Log ============================
 |
|
16.08.2013, 15:16
| #7 | |
| /// TB-Ausbilder | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Servus, Zitat:
 Aber wenn du meinst, es besser zu wissen...  |
|
16.08.2013, 18:11
| #8 |
| | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Achso, na dann weiter mit Schritt 1. Die NEUEN System-Scans hab ich ja gepostet.Textdatei von Schritt 1: Code:
ATTFilter # AdwCleaner v2.306 - Datei am 16/08/2013 um 19:05:46 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Liam - LIAM-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Liam\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\searchplugins\delta.xml
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\LyricsContainer
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Liam\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Liam\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Liam\AppData\Roaming\ExpressFiles
Ordner Gelöscht : C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\extensions\4jffxtbr@RadioRage_4j.com
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\ExpressFiles
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\d55dfd1b36fe415
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\ExpressFiles
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\d55dfd1b36fe415
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Freemake Video Converter_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\prefs.js
C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\user.js ... Gelöscht !
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "fc187c8d0000000000003085a9457ac6");
Gelöscht : user_pref("extensions.delta.instlDay", "15879");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.521:03:47");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4922");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Gelöscht : user_pref("extensions.toolbar.mindspark._4jMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?p[...]
*************************
AdwCleaner[S1].txt - [16095 octets] - [16/08/2013 19:05:46]
########## EOF - C:\AdwCleaner[S1].txt - [16156 octets] ##########
Geändert von WritersM (16.08.2013 um 18:44 Uhr) |
|
16.08.2013, 18:16
| #9 | |
| /// TB-Ausbilder | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Servus, Zitat:
 Weiter gehts mit JRT und MBAM bitte.  |
|
16.08.2013, 18:26
| #10 |
| | Tja, AW: LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Sorry, da merkt man mal, wie wenig ich eigentlich weiß.  Haha.Hier der Inhalt von JRT.txt: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.6 (08.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by Liam on 16.08.2013 at 19:17:49,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] radiorage_4jservice
Successfully deleted: [Service] radiorage_4jservice
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\browserpluginhelper
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\radiorage search scope monitor
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\radiorage_4j browser plugin loader
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0E4607E6-B308-42E2-83F0-84700C98F745}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48909954-14FB-4971-A7B3-47E7AF10B38A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5848763C-2668-44CA-ADBE-2999A6EE2858}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Liam\appdata\local\radiorage_4j"
Successfully deleted: [Folder] "C:\Users\Liam\appdata\locallow\radiorage_4j"
Failed to delete: [Folder] "C:\Program Files (x86)\radiorage_4j"
~~~ FireFox
Successfully deleted: [File] C:\Users\Liam\AppData\Roaming\mozilla\firefox\profiles\xdg5gi64.default\invalidprefs.js
Successfully deleted the following from C:\Users\Liam\AppData\Roaming\mozilla\firefox\profiles\xdg5gi64.default\prefs.js
user_pref("extensions.toolbar.mindspark._4jMembers_.hp.user.defined", true);
user_pref("extensions.toolbar.mindspark._4jMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._4jMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._4jMembers_.installation.installDate", "2013070321");
user_pref("extensions.toolbar.mindspark._4jMembers_.installation.partnerId", "^ZX^xdm070^YYA^de");
user_pref("extensions.toolbar.mindspark._4jMembers_.installation.partnerSubId", "");
user_pref("extensions.toolbar.mindspark._4jMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._4jMembers_.installation.toolbarId", "B450B385-E276-4AC8-BEB3-A36BE29DB740");
user_pref("extensions.toolbar.mindspark._4jMembers_.lastActivePing", "1376655286133");
user_pref("extensions.toolbar.mindspark._4jMembers_.options.defaultSearch", false);
user_pref("extensions.toolbar.mindspark._4jMembers_.options.homePageEnabled", false);
user_pref("extensions.toolbar.mindspark._4jMembers_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._4jMembers_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark._4jMembers_.searchHistory", "Otto Waalkes");
user_pref("extensions.toolbar.mindspark._4jMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.lastInstalled", "radiorage@mindspark.com");
Emptied folder: C:\Users\Liam\AppData\Roaming\mozilla\firefox\profiles\xdg5gi64.default\minidumps [48 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.08.2013 at 19:22:50,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Geändert von WritersM (16.08.2013 um 18:47 Uhr) |
|
16.08.2013, 18:29
| #11 |
| /// TB-Ausbilder | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Servus, ok, fehlt noch MBAM. |
|
16.08.2013, 18:38
| #12 |
| | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? UND der Logfile von Schritt 3: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.16.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Liam :: LIAM-PC [Administrator] 16.08.2013 19:33:40 mbam-log-2013-08-16 (19-33-40).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 214789 Laufzeit: 2 Minute(n), 44 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8274B04B-9825-21EC-95CB-0DE78B0AF4EF} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 1 C:\Program Files (x86)\Tuguu SL\VAFPlayer (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 2 C:\ProgramData\InstallMate\{68B4B7D7-2FC0-4DC9-AF22-67E2B3579521}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\InstallMate\{68B4B7D7-2FC0-4DC9-AF22-67E2B3579521}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Geändert von WritersM (16.08.2013 um 18:49 Uhr) |
|
17.08.2013, 12:30
| #13 | |
| /// TB-Ausbilder | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Servus, Zitat:
sieht gut aus. Wir spüren die letzten Reste auf, damit wie sie später entfernen können: Schritt 1 Kontrollscan mit FRST Führe wie zuvor beschrieben einen Scan mit FRST aus. Setze dazu eine Haken bei Addition.txt rechts unten und klicke auf Scan. Es werden wieder zwei Logdateien erzeugt. Poste mir diese. Schritt 2 Lade SystemLook von jpshortstuff vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop. SystemLook (64 bit)
Gibt es noch Probleme mit Malware? Wenn ja, welche? Wie läuft der Rechner derzeit? Bitte poste mit deiner nächsten Antwort
|
|
17.08.2013, 12:50
| #14 |
| | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Inhalt von FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2013 01
Ran by Liam (administrator) on 17-08-2013 13:37:56
Running from L:\Eigene Dateien\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(LogMeIn Inc.) L:\Programme\Andere\Hamachi\hamachi-2.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(RealNetworks, Inc.) L:\Programme\Andere\Real\Update\realsched.exe
(LogMeIn Inc.) L:\Programme\Andere\Hamachi\hamachi-2-ui.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6549136 2012-07-09] (Realtek Semiconductor)
HKLM\...\Run: [RadioRage Home Page Guard 64 bit] - C:\PROGRA~2\RADIOR~2\bar\1.bin\AppIntegrator64.exe [548936 2013-07-03] ()
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1807272 2013-07-27] (Valve Corporation)
MountPoints2: {8c1d9880-962e-11e2-bfb2-806e6f6e6963} - D:\LaunchBFII.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - L:\Programme\Andere\Real\update\realsched.exe [295512 2013-05-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - L:\Programme\Andere\Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
Startup: C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files\Logitech Gaming Software\EReg\eReg.exe (Leader Technologies/Logitech)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
URLSearchHook: (No Name) - {3c35ad63-af1d-4e21-b484-b6651a8efcf9} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A265D837-23A4-44BB-BA3F-B78607D0D4AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {A265D837-23A4-44BB-BA3F-B78607D0D4AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: hxxp://www.google.com/ig
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - L:\Programme\Player & Reader\Winamp Detect\npwachk.dll No File
FF Plugin-x32: @RadioRage_4j.com/Plugin - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - L:\Programme\Andere\Real\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - L:\Programme\Andere\Real\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - L:\Programme\Player & Reader\Adobe\Adobe Reader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\searchplugins\webwebweb.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\ich@maltegoetz.de
FF Extension: Flash and Video Download - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: adblockpopups - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: info - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\info@youtube-mp3.org.xpi
FF Extension: personas - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\personas@christopher.beard.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{5a28d000-81c8-11de-8a39-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
FF Extension: No Name - C:\Users\Liam\AppData\Roaming\Mozilla\Firefox\Profiles\xdg5gi64.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.3.19\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [4jffxtbr@RadioRage_4j.com] C:\Program Files (x86)\RadioRage_4j\bar\1.bin
FF Extension: No Name - C:\Program Files (x86)\RadioRage_4j\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] L:\Programme\Andere\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - L:\Programme\Andere\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
==================== Services (Whitelisted) =================
R2 Hamachi2Svc; L:\Programme\Andere\Hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
==================== Drivers (Whitelisted) ====================
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-08-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-08-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-06-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-06-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-06-05] (Symantec Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [98416 2012-01-16] (Atheros Communications, Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130816.003\ENG64.SYS [126040 2013-08-16] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130816.003\ENG64.SYS [126040 2013-08-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130816.003\EX64.SYS [2098776 2013-08-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130816.003\EX64.SYS [2098776 2013-08-16] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 DIRECTIO; \??\UNC\srv1c027-b.wds8-b.intern\reminst\Test\BitPro64\DirectIo.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-16 21:38 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 21:38 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 21:38 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 21:38 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 21:38 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 21:38 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 21:38 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 21:38 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 21:38 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 21:38 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 21:38 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 21:38 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 21:38 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 21:38 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 21:38 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 21:38 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 21:38 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 21:38 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 21:38 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 21:38 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 21:38 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 21:38 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-16 19:33 - 2013-08-16 19:33 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Malwarebytes
2013-08-16 19:32 - 2013-08-16 19:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-16 19:32 - 2013-08-16 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-16 19:32 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-16 19:22 - 2013-08-16 19:22 - 00004215 _____ C:\Users\Liam\Desktop\JRT.txt
2013-08-16 19:17 - 2013-08-16 19:17 - 00000000 ____D C:\Windows\ERUNT
2013-08-16 19:12 - 2013-08-16 19:12 - 01159319 _____ (Thisisu) C:\Users\Liam\Desktop\JRT.exe
2013-08-16 19:05 - 2013-08-16 19:06 - 00016128 _____ C:\AdwCleaner[S1].txt
2013-08-16 19:02 - 2013-08-16 19:02 - 00666633 _____ C:\Users\Liam\Desktop\adwcleaner.exe
2013-08-16 14:19 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-16 14:19 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-16 14:19 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-16 14:19 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-16 14:19 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-16 14:19 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-16 14:19 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-16 14:19 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-16 14:18 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-16 14:18 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-16 14:18 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-16 14:18 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-16 14:18 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-16 14:18 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-16 14:17 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-16 14:17 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-16 12:40 - 2013-08-16 12:40 - 00000000 ____D C:\FRST
2013-08-16 10:53 - 2013-08-16 10:53 - 00059608 _____ C:\Users\Liam\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-12 15:36 - 2013-08-12 15:36 - 00019551 _____ C:\Users\Liam\AppData\Local\recently-used.xbel
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Leadertech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Local\Logitech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-09 18:12 - 2013-08-09 18:13 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-09 18:12 - 2013-08-09 18:12 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-08-09 18:12 - 2013-08-09 18:12 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logitech
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logishrd
2013-08-06 13:04 - 2013-08-17 13:32 - 00001054 _____ C:\Windows\setupact.log
2013-08-06 13:04 - 2013-08-06 13:04 - 00000000 _____ C:\Windows\setuperr.log
2013-08-06 13:03 - 2013-08-16 19:39 - 00003814 _____ C:\Windows\PFRO.log
2013-08-06 13:03 - 2013-08-12 14:17 - 04893560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-05 17:06 - 2013-08-05 17:06 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-08-05 17:06 - 2013-04-29 20:00 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-08-05 17:06 - 2013-03-17 18:21 - 03649536 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2013-08-05 17:06 - 2012-06-09 19:21 - 00178688 _____ C:\Windows\SysWOW64\unrar.dll
2013-08-05 17:06 - 2011-12-21 19:14 - 00151552 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2013-08-05 17:06 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2013-08-05 17:06 - 2011-06-24 16:44 - 00243200 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-08-05 17:06 - 2011-06-24 16:28 - 00650752 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-08-04 12:54 - 2013-08-04 12:54 - 00003032 _____ C:\Windows\System32\Tasks\{7A426635-024D-43AF-AF3F-E160D3FB3227}
2013-08-04 12:45 - 2013-08-04 12:45 - 00000912 _____ C:\Windows\EF.ini
2013-08-04 12:40 - 2013-08-04 12:54 - 00000921 _____ C:\Windows\EFXP.ini
2013-08-04 12:40 - 2000-05-18 16:26 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2013-08-02 14:45 - 2013-08-16 14:10 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Winamp
2013-08-02 14:45 - 2013-08-02 14:45 - 00000799 _____ C:\Users\Liam\Desktop\Winamp.lnk
2013-08-02 14:45 - 2013-08-02 14:45 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-07-31 12:47 - 2013-07-31 12:47 - 00000000 ____D C:\Users\Liam\Desktop\Fluch der Karibik 4
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\Documents\Nexus Mod Manager
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\AppData\Local\Black_Tree_Gaming
2013-07-30 21:40 - 2013-07-30 21:40 - 00007605 _____ C:\Users\Liam\AppData\Local\Resmon.ResmonCfg
2013-07-30 21:30 - 2013-07-30 21:30 - 00000000 ____D C:\Users\Liam\AppData\Roaming\dvdcss
2013-07-27 20:32 - 2013-08-16 21:02 - 00000000 ___RD C:\Users\Liam\Desktop\Programme
2013-07-27 20:03 - 2013-07-27 20:03 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-27 20:03 - 2013-07-27 20:03 - 00000000 ____D C:\Program Files\CCleaner
2013-07-27 19:42 - 2013-08-16 16:57 - 00000000 ___RD C:\Users\Liam\Desktop\Games
2013-07-27 15:59 - 2013-07-27 15:59 - 00000000 ____D C:\Program Files (x86)\1-click run
2013-07-26 11:12 - 2013-07-26 11:17 - 00000000 ____D C:\ProgramData\Solidshield
==================== One Month Modified Files and Folders =======
2013-08-17 13:35 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-17 13:35 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-17 13:34 - 2013-05-02 18:08 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-17 13:34 - 2013-04-22 15:36 - 00000000 ____D C:\Users\Liam\AppData\Local\LogMeIn Hamachi
2013-08-17 13:34 - 2013-04-20 00:00 - 00003358 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-17 13:34 - 2013-04-20 00:00 - 00003222 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-17 13:34 - 2013-04-19 21:33 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-17 13:33 - 2013-01-25 18:28 - 00000000 ____D C:\Windows\Panther
2013-08-17 13:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-17 13:32 - 2013-08-06 13:04 - 00001054 _____ C:\Windows\setupact.log
2013-08-16 21:43 - 2013-03-26 18:28 - 01918739 _____ C:\Windows\WindowsUpdate.log
2013-08-16 21:29 - 2013-07-15 22:20 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 21:29 - 2013-04-19 17:06 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-16 21:07 - 2013-04-15 18:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-16 21:02 - 2013-07-27 20:32 - 00000000 ___RD C:\Users\Liam\Desktop\Programme
2013-08-16 20:58 - 2013-04-19 21:33 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-16 19:53 - 2013-04-19 17:38 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Skype
2013-08-16 19:39 - 2013-08-06 13:03 - 00003814 _____ C:\Windows\PFRO.log
2013-08-16 19:37 - 2013-04-29 14:41 - 00000000 ____D C:\Program Files (x86)\Tuguu SL
2013-08-16 19:33 - 2013-08-16 19:33 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Malwarebytes
2013-08-16 19:32 - 2013-08-16 19:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-16 19:32 - 2013-08-16 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-16 19:22 - 2013-08-16 19:22 - 00004215 _____ C:\Users\Liam\Desktop\JRT.txt
2013-08-16 19:17 - 2013-08-16 19:17 - 00000000 ____D C:\Windows\ERUNT
2013-08-16 19:12 - 2013-08-16 19:12 - 01159319 _____ (Thisisu) C:\Users\Liam\Desktop\JRT.exe
2013-08-16 19:06 - 2013-08-16 19:05 - 00016128 _____ C:\AdwCleaner[S1].txt
2013-08-16 19:02 - 2013-08-16 19:02 - 00666633 _____ C:\Users\Liam\Desktop\adwcleaner.exe
2013-08-16 19:00 - 2013-03-28 20:09 - 00000000 ____D C:\Users\Liam\AppData\Local\CrashDumps
2013-08-16 16:57 - 2013-07-27 19:42 - 00000000 ___RD C:\Users\Liam\Desktop\Games
2013-08-16 15:38 - 2013-07-04 18:59 - 00001063 _____ C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2013-08-16 14:11 - 2013-03-26 18:43 - 00000000 ____D C:\Users\Liam
2013-08-16 14:10 - 2013-08-02 14:45 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Winamp
2013-08-16 14:09 - 2013-01-25 18:56 - 00000000 ____D C:\ProgramData\Norton
2013-08-16 14:09 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-16 14:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-16 14:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-16 14:07 - 2013-04-19 21:32 - 00000000 ____D C:\ProgramData\Real
2013-08-16 12:40 - 2013-08-16 12:40 - 00000000 ____D C:\FRST
2013-08-16 11:13 - 2013-04-20 16:18 - 00000000 ____D C:\Users\Liam\AppData\Local\Windows Live
2013-08-16 10:53 - 2013-08-16 10:53 - 00059608 _____ C:\Users\Liam\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-12 16:27 - 2013-04-19 21:34 - 00003336 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-12 16:27 - 2013-04-19 21:34 - 00003200 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000
2013-08-12 15:36 - 2013-08-12 15:36 - 00019551 _____ C:\Users\Liam\AppData\Local\recently-used.xbel
2013-08-12 15:36 - 2013-04-29 19:47 - 00000000 ____D C:\Users\Liam\.gimp-2.8
2013-08-12 14:17 - 2013-08-06 13:03 - 04893560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-09 19:44 - 2013-03-26 18:44 - 00000000 ___RD C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Leadertech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\Users\Liam\AppData\Local\Logitech
2013-08-09 18:55 - 2013-08-09 18:55 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-09 18:13 - 2013-08-09 18:12 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-09 18:12 - 2013-08-09 18:12 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-08-09 18:12 - 2013-08-09 18:12 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logitech
2013-08-09 18:11 - 2013-08-09 18:11 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Logishrd
2013-08-08 21:36 - 2013-03-28 12:08 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Audacity
2013-08-08 15:32 - 2013-04-15 18:51 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-08 15:32 - 2013-03-30 14:05 - 00000000 ____D C:\Users\Liam\AppData\Local\Adobe
2013-08-08 15:32 - 2013-03-28 12:46 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-08 15:32 - 2013-03-28 12:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-07 13:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-06 13:04 - 2013-08-06 13:04 - 00000000 _____ C:\Windows\setuperr.log
2013-08-05 17:06 - 2013-08-05 17:06 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-08-04 12:56 - 2013-03-28 13:14 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-04 12:54 - 2013-08-04 12:54 - 00003032 _____ C:\Windows\System32\Tasks\{7A426635-024D-43AF-AF3F-E160D3FB3227}
2013-08-04 12:54 - 2013-08-04 12:40 - 00000921 _____ C:\Windows\EFXP.ini
2013-08-04 12:45 - 2013-08-04 12:45 - 00000912 _____ C:\Windows\EF.ini
2013-08-02 14:45 - 2013-08-02 14:45 - 00000799 _____ C:\Users\Liam\Desktop\Winamp.lnk
2013-08-02 14:45 - 2013-08-02 14:45 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-07-31 12:47 - 2013-07-31 12:47 - 00000000 ____D C:\Users\Liam\Desktop\Fluch der Karibik 4
2013-07-31 12:45 - 2013-03-28 12:59 - 00000000 ____D C:\Users\Liam\AppData\Local\Oblivion
2013-07-31 12:44 - 2013-05-02 18:51 - 00000000 ____D C:\Users\Liam\AppData\Local\Skyrim
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\Documents\Nexus Mod Manager
2013-07-31 12:38 - 2013-07-31 12:38 - 00000000 ____D C:\Users\Liam\AppData\Local\Black_Tree_Gaming
2013-07-30 21:40 - 2013-07-30 21:40 - 00007605 _____ C:\Users\Liam\AppData\Local\Resmon.ResmonCfg
2013-07-30 21:30 - 2013-07-30 21:30 - 00000000 ____D C:\Users\Liam\AppData\Roaming\dvdcss
2013-07-30 13:59 - 2013-04-19 21:33 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-29 19:21 - 2011-04-12 09:43 - 00698694 _____ C:\Windows\system32\perfh007.dat
2013-07-29 19:21 - 2011-04-12 09:43 - 00148834 _____ C:\Windows\system32\perfc007.dat
2013-07-29 19:21 - 2009-07-14 07:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-29 14:31 - 2013-06-06 17:15 - 00000000 ____D C:\Users\Liam\AppData\Roaming\.minecraft
2013-07-27 20:25 - 2013-05-26 20:49 - 00000000 ____D C:\Users\Liam\Tracing
2013-07-27 20:25 - 2013-05-26 19:47 - 00000000 ____D C:\Users\Liam\AppData\Roaming\Sony
2013-07-27 20:25 - 2013-03-28 12:17 - 00000000 ____D C:\Users\Liam\AppData\Roaming\inkscape
2013-07-27 20:03 - 2013-07-27 20:03 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-27 20:03 - 2013-07-27 20:03 - 00000000 ____D C:\Program Files\CCleaner
2013-07-27 15:59 - 2013-07-27 15:59 - 00000000 ____D C:\Program Files (x86)\1-click run
2013-07-26 11:17 - 2013-07-26 11:12 - 00000000 ____D C:\ProgramData\Solidshield
2013-07-26 11:06 - 2013-03-28 13:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-26 07:13 - 2013-08-16 21:38 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-16 21:38 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-16 21:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-16 21:38 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-16 21:38 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-16 21:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-16 21:38 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-16 21:38 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-16 21:38 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-16 21:38 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-16 21:38 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-16 21:38 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-16 21:38 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 21:38 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-16 21:38 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 21:38 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-16 21:38 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 21:38 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-16 21:38 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-16 21:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-16 21:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-16 21:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 11:25 - 2013-08-16 14:18 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-16 14:18 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-19 03:58 - 2013-08-16 14:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-19 03:41 - 2013-08-16 14:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-26 03:28
==================== End Of Log ============================
--- --- --- Und der Inhalt von Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2013 01 Ran by Liam at 2013-08-17 13:38:19 Running from L:\Eigene Dateien\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe AIR (x32 Version: 3.7.0.1530) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Help Manager (x32 Version: 4.0.244) Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) Age of Conan: Unchained (x32) Audacity 2.0.2 (x32 Version: 2.0.2) Camtasia Studio 8 (x32 Version: 8.0.4.1060) CCleaner (Version: 4.04) Cinema 4D version R12 (x32 Version: R12) concept/design onlineTV 8 (x32 Version: 8.4.0.0) Cry of Fear (x32) Cube World (x32 Version: 1) D3DX10 (x32 Version: 15.4.2368.0902) Dota 2 (x32) Elite Force (x32) Fotogalerie (x32 Version: 16.4.3505.0912) Fraps (remove only) (x32) Galerie de photos (x32 Version: 16.4.3505.0912) GameMaker: Studio (x32) GIMP 2.8.4 (Version: 2.8.4) Google Earth (x32 Version: 7.1.1.1888) Google Update Helper (x32 Version: 1.3.21.153) Greenfish Icon Editor Pro 3.25 (x32) Half-Life Dedicated Server Update Tool (x32) Java 7 Update 21 (64-bit) (Version: 7.0.210) Junk Mail filter update (x32 Version: 16.4.3505.0912) K-Lite Mega Codec Pack 9.9.0 (x32 Version: 9.9.0) Logitech Gaming Software (Version: 8.45.88) Logitech Gaming Software 8.46 (Version: 8.46.27) LogMeIn Hamachi (x32 Version: 2.1.0.374) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709) Microsoft .NET Framework 4.5 FRA Language Pack (Version: 4.5.50709) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000) Module linguistique de Microsoft .NET Framework 4.5 - FRA (Version: 4.5.50709) Movie Maker (x32 Version: 16.4.3505.0912) Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) Mozilla Maintenance Service (x32 Version: 22.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT Redists (Version: 1.0) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSVCRT110 (x32 Version: 16.4.1108.0727) MSVCRT110_amd64 (Version: 16.4.1109.0912) Norton 360 (x32 Version: 20.4.0.40) Norton Identity Safe (x32 Version: 2013.4.0.10) Oblivion - Construction Set (x32 Version: 1.00.0000) Oblivion (x32 Version: 1.00.0000) Photo Gallery (x32 Version: 16.4.3505.0912) Pivot Animator version 4.1.9 (x32 Version: 4.1.9) PlanetSide 2 (HKCU Version: 1.0.3.183) RadioRage Firefox Toolbar (x32) RadioRage Internet Explorer Toolbar (x32) RealDownloader (x32 Version: 1.3.2) RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0) RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0) RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0) RealPlayer (x32 Version: 16.0.2) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6675) RealUpgrade 1.1 (x32 Version: 1.1.0) Skype™ 6.6 (x32 Version: 6.6.106) Source Filmmaker (x32) Star Wars Battlefront (x32 Version: 1.0) Star Wars Battlefront II (x32 Version: 1.0) Steam (x32 Version: 1.0.0.0) Team Fortress 2 (x32) The Elder Scrolls V: Skyrim (x32) Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1) Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1) Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1) us Mod Manager (Version: 0.45.5) Vegas Pro 12.0 (64-bit) (Version: 12.0.563) Winamp (x32 Version: 5.65 ) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1) Windows Live (x32 Version: 16.4.3505.0912) Windows Live Communications Platform (x32 Version: 16.4.3505.0912) Windows Live Essentials (x32 Version: 16.4.3505.0912) Windows Live Family Safety (Version: 16.4.3505.0912) Windows Live Family Safety (x32 Version: 16.4.3505.0912) Windows Live ID Sign-in Assistant (Version: 7.250.4311.0) Windows Live Installer (x32 Version: 16.4.3505.0912) Windows Live Mail (x32 Version: 16.4.3505.0912) Windows Live Messenger (x32 Version: 16.4.3505.0912) Windows Live MIME IFilter (Version: 16.4.3505.0912) Windows Live Photo Common (x32 Version: 16.4.3505.0912) Windows Live PIMT Platform (x32 Version: 16.4.3505.0912) Windows Live SOXE (x32 Version: 16.4.3505.0912) Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912) Windows Live UX Platform (x32 Version: 16.4.3505.0912) Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912) Windows Live Writer (x32 Version: 16.4.3505.0912) Windows Live Writer Resources (x32 Version: 16.4.3505.0912) WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0) ==================== Restore Points ========================= 14-08-2013 17:52:36 Windows Update 15-08-2013 15:34:09 DirectX wurde installiert 15-08-2013 18:04:02 DirectX wurde installiert 16-08-2013 12:05:50 Wiederherstellungsvorgang 16-08-2013 13:38:18 DirectX wurde installiert 16-08-2013 19:28:59 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {058649EE-7486-43AA-A1C6-48387062C141} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {3C3B83E6-CF4D-4365-AADA-A9F80234594C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {40690C1F-1092-49CD-B30A-C9BFAD20CE71} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation) Task: {4778DFE2-6047-48B9-9557-687453BADAAB} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe No File Task: {4C03F15E-2447-4FAE-9261-C2FC57E6653B} - System32\Tasks\EPUpdater => C:\Users\Liam\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File Task: {4C1B7082-60FC-4C70-94B7-E03D7434EEA4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.) Task: {4F56EF5D-A68A-4FE1-8159-D966C7E76DB2} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation) Task: {51A548DA-58D6-4DB1-B243-469075D1E63A} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation) Task: {5670462F-E306-46C9-A54B-5E1A788C3AAB} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation) Task: {5EAF4290-5365-432E-87E6-CCF0C6ACAFF9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation) Task: {66B3C01B-319A-42F1-BBBB-D9B7933919D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-19] (Google Inc.) Task: {94EB5A90-1D03-4C9F-8E72-C41CFF134B73} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {A7630FAB-6E7C-4F3D-A04B-A08A9FE90A0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-08] (Adobe Systems Incorporated) Task: {AE108DA4-ED17-41EA-B65D-62E3F8495216} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {B9A0A33C-490E-4A2A-85E4-810995CA95DA} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation) Task: {C3FAC4D3-8951-4423-A844-2CE8214A6A68} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation) Task: {D7765108-4419-4DED-A5A3-9F2E6B52474C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2844046150-3993658297-1854408014-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {E166D3FC-7868-4DA5-9AA6-BFCA8D69BAEF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd) Task: {F0AD76E3-C45B-4904-8DC8-4C6028C73C48} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {F1FD97D9-2569-4077-9ABE-B33E21EBD91C} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation) Task: {F3AFD570-33C1-48FB-87C6-D161E4F0543D} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {FAF4C6CA-7890-449D-8642-C2091BA5F166} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-19] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/17/2013 01:34:27 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2013 09:07:02 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (08/16/2013 09:07:02 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (08/16/2013 07:41:15 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Microsoft Office Sessions: ========================= Error: (08/17/2013 01:34:27 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2013 09:07:02 PM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe Error: (08/16/2013 09:07:02 PM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe Error: (08/16/2013 07:41:15 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Percentage of memory in use: 28% Total physical RAM: 7641.29 MB Available physical RAM: 5463.69 MB Total Pagefile: 15280.77 MB Available Pagefile: 13001.04 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:97.66 GB) (Free:44.92 GB) NTFS Drive d: (BFII) (CDROM) (Total:3.02 GB) (Free:0 GB) CDFS Drive g: (Spiele) (Fixed) (Total:195.31 GB) (Free:113.65 GB) NTFS Drive l: (Allgemein) (Fixed) (Total:627.16 GB) (Free:148.3 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 624C9C72) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=822 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=11 GB) - (Type=27) ==================== End Of Log ============================ Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 13:42 on 17/08/2013 by Liam
Administrator - Elevation successful
========== filefind ==========
Searching for "*bprotector*"
No files found.
Searching for "*Iminent*"
No files found.
Searching for "*LyricsContainer*"
No files found.
Searching for "*Babylon*"
No files found.
Searching for "*BrowserDefender*"
C:\Windows\System32\Tasks\BrowserDefendert --a---- 3432 bytes [19:03 23/06/2013] [19:03 23/06/2013] 99015FA4B96CFFCE088A760693153863
Searching for "*BabSolution*"
No files found.
Searching for "*RadioRage*"
No files found.
Searching for "*Conduit*"
No files found.
Searching for "*ilivid*"
No files found.
Searching for "*DataMngr*"
No files found.
========== folderfind ==========
Searching for "*bprotector*"
No folders found.
Searching for "*Iminent*"
No folders found.
Searching for "*LyricsContainer*"
No folders found.
Searching for "*Babylon*"
No folders found.
Searching for "*BrowserDefender*"
No folders found.
Searching for "*BabSolution*"
No folders found.
Searching for "*RadioRage*"
C:\Program Files (x86)\RadioRage_4j d------ [19:03 03/07/2013]
Searching for "*Conduit*"
No folders found.
Searching for "*ilivid*"
No folders found.
Searching for "*DataMngr*"
No folders found.
========== regfind ==========
Searching for "bprotector"
No data found.
Searching for "Iminent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Iminent\inst\Bootstrapper\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Iminent\inst\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Iminent\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]
"00000000000000000000000000000000"="C:\Program Files (x86)\Iminent\inst\Bootstrapper\Bootstrapper.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]
"00000000000000000000000000000000"="02:\SOFTWARE\Iminent\AppInstanceUid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C]
"00000000000000000000000000000000"="C:\Program Files (x86)\Iminent\StartWeb.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD]
"00000000000000000000000000000000"="C:\Program Files (x86)\Iminent\UniverselyWeb.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7]
"00000000000000000000000000000000"="C:\Program Files (x86)\Iminent\SearchTheWeb.xml"
Searching for "LyricsContainer"
No data found.
Searching for "Babylon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
Searching for "BrowserDefender"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
"DllName"="PCTBrowserDefender.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}]
"DllName"="PCTBrowserDefender.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5670462F-E306-46C9-A54B-5E1A788C3AAB}]
"Path"="\BrowserDefendert"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
"DllName"="PCTBrowserDefender.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}]
"DllName"="PCTBrowserDefender.dll"
Searching for "BabSolution"
No data found.
Searching for "RadioRage"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\RadioRage_4j]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\RadioRage_4j]
"CacheDir"="C:\Users\Liam\AppData\LocalLow\RadioRage_4j\RadioRage_4j\Cache\"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\RadioRage_4j\bar]
"SettingsDir"="C:\Users\Liam\AppData\LocalLow\RadioRage_4j\bar\Settings\"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\RadioRage_4j\bar]
"CacheDir"="C:\Users\Liam\AppData\LocalLow\RadioRage_4j\bar\Cache\"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\RadioRage_4j\bar]
"HistoryDir"="C:\Users\Liam\AppData\LocalLow\RadioRage_4j\bar\History\"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\RadioRage_4j\bar]
"uninstallcompletedurl"="hxxp://buttons.radiorage.com/one-toolbaredits/survey/uninstallSurvey.jhtml?uninstallSurveyUrl=https://www.research.net/s/S6Y52X6?c=B450B385-E276-4AC8-BEB3-A36BE29DB740"
[HKEY_CURRENT_USER\Software\RadioRage_4j]
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{3c35ad63-af1d-4e21-b484-b6651a8efcf9}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton\CurVer]
@="RadioRage_4j.DynamicBarButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.FeedManager]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.FeedManager\CurVer]
@="RadioRage_4j.FeedManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.FeedManager.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLMenu]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLMenu]
@="RadioRage_4j HTML Menu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLMenu\CurVer]
@="RadioRage_4j.HTMLMenu.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLMenu.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLMenu.1]
@="RadioRage_4j HTML Menu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLPanel]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLPanel]
@="RadioRage_4j HTML Panel"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLPanel\CurVer]
@="RadioRage_4j.HTMLPanel.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLPanel.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLPanel.1]
@="RadioRage_4j HTML Panel"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.MultipleButton]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.MultipleButton\CurVer]
@="RadioRage_4j.MultipleButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.MultipleButton.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin\CurVer]
@="RadioRage_4j.PseudoTransparentPlugin.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.Radio]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.Radio\CurVer]
@="RadioRage_4j.Radio.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.Radio.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.RadioSettings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.RadioSettings\CurVer]
@="RadioRage_4j.RadioSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.RadioSettings.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ScriptButton]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ScriptButton\CurVer]
@="RadioRage_4j.ScriptButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ScriptButton.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin\CurVer]
@="RadioRage_4j.SettingsPlugin.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncher\CurVer]
@="RadioRage_4j.SkinLauncher.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncher.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings\CurVer]
@="RadioRage_4j.SkinLauncherSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller]
@="RadioRage Third Party Installer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller\CurVer]
@="RadioRage_4j.ThirdPartyInstaller.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller.1]
@="RadioRage Third Party Installer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector\CurVer]
@="RadioRage_4j.ToolbarProtector.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton\CurVer]
@="RadioRage_4j.UrlAlertButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.XMLSessionPlugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.XMLSessionPlugin\CurVer]
@="RadioRage_4j.XMLSessionPlugin.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.XMLSessionPlugin.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\905"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1003"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\405"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1807"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1406"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1506"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1104"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1604"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1306"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\626"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\625"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00a2b7c6-7487-4b99-9f6c-1fdf57fe130b}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jradio.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00a2b7c6-7487-4b99-9f6c-1fdf57fe130b}\ProgID]
@="RadioRage_4j.Radio.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00a2b7c6-7487-4b99-9f6c-1fdf57fe130b}\VersionIndependentProgID]
@="RadioRage_4j.Radio"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{10273591-d084-4328-a7d0-49e051fcde7b}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbprtct.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{10273591-d084-4328-a7d0-49e051fcde7b}\ProgID]
@="RadioRage_4j.ToolbarProtector.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{10273591-d084-4328-a7d0-49e051fcde7b}\VersionIndependentProgID]
@="RadioRage_4j.ToolbarProtector"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11d4b723-18ca-48c6-ba13-965488f19a70}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jscript.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11d4b723-18ca-48c6-ba13-965488f19a70}\ProgID]
@="RadioRage_4j.ScriptButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11d4b723-18ca-48c6-ba13-965488f19a70}\VersionIndependentProgID]
@="RadioRage_4j.ScriptButton"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{434fa5e9-253e-4bd0-adb6-7ce4cea114ca}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jmsg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{434fa5e9-253e-4bd0-adb6-7ce4cea114ca}\ProgID]
@="RadioRage_4j.XMLSessionPlugin.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{434fa5e9-253e-4bd0-adb6-7ce4cea114ca}\VersionIndependentProgID]
@="RadioRage_4j.XMLSessionPlugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{53855564-cf81-410c-9c1c-321c7e067816}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jskin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}]
@="RadioRage_4j HTML Menu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jhtmlmu.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}\ProgID]
@="RadioRage_4j.HTMLMenu.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}\VersionIndependentProgID]
@="RadioRage_4j.HTMLMenu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5848763c-2668-44ca-adbe-2999a6ee2858}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}]
@="RadioRage Third Party Installer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jtpinst.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}\ProgID]
@="RadioRage_4j.ThirdPartyInstaller.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}\VersionIndependentProgID]
@="RadioRage_4j.ThirdPartyInstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6562e272-88e1-4dff-8ff8-fe1a05323d36}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jdlghk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}]
@="RadioRage_4j HTML"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\T8HTML.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}\ProgID]
@="RadioRage_4j.HTMLPanel.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}\VersionIndependentProgID]
@="RadioRage_4j.HTMLPanel"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{78ba36c9-6036-482b-b48d-ecca6f964b84}]
@="RadioRage"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{78ba36c9-6036-482b-b48d-ecca6f964b84}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7e7abf2a-8c44-4562-895d-dbca3cddd1a9}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jdyn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7e7abf2a-8c44-4562-895d-dbca3cddd1a9}\ProgID]
@="RadioRage_4j.DynamicBarButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7e7abf2a-8c44-4562-895d-dbca3cddd1a9}\VersionIndependentProgID]
@="RadioRage_4j.DynamicBarButton"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9638b7d6-11f5-4406-b387-327642a11ffb}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9638b7d6-11f5-4406-b387-327642a11ffb}\ProgID]
@="RadioRage_4j.SettingsPlugin.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9638b7d6-11f5-4406-b387-327642a11ffb}\VersionIndependentProgID]
@="RadioRage_4j.SettingsPlugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ca41198f-c3c5-47d8-99e1-1ab199e81723}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4juabtn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ca41198f-c3c5-47d8-99e1-1ab199e81723}\ProgID]
@="RadioRage_4j.UrlAlertButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ca41198f-c3c5-47d8-99e1-1ab199e81723}\VersionIndependentProgID]
@="RadioRage_4j.UrlAlertButton"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{d740ad89-baf4-47d5-9b5e-343d30f07a7a}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jhttpct.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{dfeb941c-8b58-4899-97c3-88fe394e1285}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jradio.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{dfeb941c-8b58-4899-97c3-88fe394e1285}\ProgID]
@="RadioRage_4j.RadioSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{dfeb941c-8b58-4899-97c3-88fe394e1285}\VersionIndependentProgID]
@="RadioRage_4j.RadioSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{e23760be-23a3-4cef-9304-66af079f53db}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jfeedmg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{e23760be-23a3-4cef-9304-66af079f53db}\ProgID]
@="RadioRage_4j.FeedManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{e23760be-23a3-4cef-9304-66af079f53db}\VersionIndependentProgID]
@="RadioRage_4j.FeedManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{e6ad866f-ea06-476a-8432-ed943683fab1}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jskin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ecef0d95-32fa-48d3-8a2d-d6453b5b7361}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jdatact.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f69fe1be-09c3-460c-ac89-8ccd9d3df1cc}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jmlbtn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f69fe1be-09c3-460c-ac89-8ccd9d3df1cc}\ProgID]
@="RadioRage_4j.MultipleButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f69fe1be-09c3-460c-ac89-8ccd9d3df1cc}\VersionIndependentProgID]
@="RadioRage_4j.MultipleButton"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f706e19b-6c14-4272-ba98-2f16636a898d}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jskin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f706e19b-6c14-4272-ba98-2f16636a898d}\ProgID]
@="RadioRage_4j.PseudoTransparentPlugin.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f706e19b-6c14-4272-ba98-2f16636a898d}\VersionIndependentProgID]
@="RadioRage_4j.PseudoTransparentPlugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\905"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1003"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\405"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1807"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1406"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1506"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1104"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1604"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1306"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\626"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\625"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RadioRage Home Page Guard 64 bit"=""C:\PROGRA~2\RADIOR~2\bar\1.bin\AppIntegrator64.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44db423d-a0db-4664-9477-ccdceb7cd666}]
"AppPath"="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53855564-cf81-410c-9c1c-321c7e067816}]
"AppPath"="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a25aa6e2-1cde-4d0f-a5d4-4898d7fb3c86}]
"AppPath"="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5c9cb1c-1c0a-45a2-81cc-1dd342d0a478}]
"AppPath"="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a661d4dc-4bd8-48fc-964b-a24ab8157de6}]
"AppPath"="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b5731ab1-8566-4441-aefb-9afb2eea63d9}]
"AppPath"="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Firefox]
"DisplayName"="RadioRage Firefox Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Firefox]
"UninstallString"="rundll32 "C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jBar.dll",O mindsparktoolbarkey="RadioRage_4j" uninstalltype="FF""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Internet Explorer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Internet Explorer]
"DisplayName"="RadioRage Internet Explorer Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Internet Explorer]
"UninstallString"="rundll32 "C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jBar.dll",O mindsparktoolbarkey="RadioRage_4j" uninstalltype="IE""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions]
"4jffxtbr@RadioRage_4j.com"="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RadioRage_4j.com/Plugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RadioRage_4j.com/Plugin]
"Description"="RadioRage Plugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RadioRage_4j.com/Plugin]
"Path"="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RadioRage_4j.com/Plugin]
"vendor"="RadioRage_4j"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RadioRage_4j.com/Plugin\MimeTypes\application/x-radiorage_4jplugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RadioRage_4j.com/Plugin\MimeTypes\application/x-radiorage_4jplugin]
"Description"="RadioRage Plugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RadioRage_4j]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RadioRage_4j\bar]
"un"="RadioRage"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RadioRage_4j\bar]
"Dir"="C:\Program Files (x86)\RadioRage_4j\bar\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RadioRage_4j\bar]
"UninstallString"=""C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jhighin.exe" 4jbar.dll,O uninstalltype="IE""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RadioRage_4j\bar]
"PluginPath"="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RadioRage_4j\bar]
"SettingsDir"="C:\Program Files (x86)\RadioRage_4j\bar\Settings\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RadioRage_4j\bar]
"HistoryDir"="C:\Program Files (x86)\RadioRage_4j\bar\History\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RadioRage_4j\SkinTools]
"PlayerPath"=""C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSkPlay.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{00a2b7c6-7487-4b99-9f6c-1fdf57fe130b}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jradio.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{00a2b7c6-7487-4b99-9f6c-1fdf57fe130b}\ProgID]
@="RadioRage_4j.Radio.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{00a2b7c6-7487-4b99-9f6c-1fdf57fe130b}\VersionIndependentProgID]
@="RadioRage_4j.Radio"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{10273591-d084-4328-a7d0-49e051fcde7b}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbprtct.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{10273591-d084-4328-a7d0-49e051fcde7b}\ProgID]
@="RadioRage_4j.ToolbarProtector.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{10273591-d084-4328-a7d0-49e051fcde7b}\VersionIndependentProgID]
@="RadioRage_4j.ToolbarProtector"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{11d4b723-18ca-48c6-ba13-965488f19a70}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jscript.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{11d4b723-18ca-48c6-ba13-965488f19a70}\ProgID]
@="RadioRage_4j.ScriptButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{11d4b723-18ca-48c6-ba13-965488f19a70}\VersionIndependentProgID]
@="RadioRage_4j.ScriptButton"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{434fa5e9-253e-4bd0-adb6-7ce4cea114ca}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jmsg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{434fa5e9-253e-4bd0-adb6-7ce4cea114ca}\ProgID]
@="RadioRage_4j.XMLSessionPlugin.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{434fa5e9-253e-4bd0-adb6-7ce4cea114ca}\VersionIndependentProgID]
@="RadioRage_4j.XMLSessionPlugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{53855564-cf81-410c-9c1c-321c7e067816}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jskin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}]
@="RadioRage_4j HTML Menu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jhtmlmu.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}\ProgID]
@="RadioRage_4j.HTMLMenu.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}\VersionIndependentProgID]
@="RadioRage_4j.HTMLMenu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{5848763c-2668-44ca-adbe-2999a6ee2858}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}]
@="RadioRage Third Party Installer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jtpinst.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}\ProgID]
@="RadioRage_4j.ThirdPartyInstaller.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}\VersionIndependentProgID]
@="RadioRage_4j.ThirdPartyInstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{6562e272-88e1-4dff-8ff8-fe1a05323d36}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jdlghk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}]
@="RadioRage_4j HTML"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\T8HTML.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}\ProgID]
@="RadioRage_4j.HTMLPanel.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}\VersionIndependentProgID]
@="RadioRage_4j.HTMLPanel"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{78ba36c9-6036-482b-b48d-ecca6f964b84}]
@="RadioRage"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{78ba36c9-6036-482b-b48d-ecca6f964b84}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{7e7abf2a-8c44-4562-895d-dbca3cddd1a9}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jdyn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{7e7abf2a-8c44-4562-895d-dbca3cddd1a9}\ProgID]
@="RadioRage_4j.DynamicBarButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{7e7abf2a-8c44-4562-895d-dbca3cddd1a9}\VersionIndependentProgID]
@="RadioRage_4j.DynamicBarButton"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{9638b7d6-11f5-4406-b387-327642a11ffb}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{9638b7d6-11f5-4406-b387-327642a11ffb}\ProgID]
@="RadioRage_4j.SettingsPlugin.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{9638b7d6-11f5-4406-b387-327642a11ffb}\VersionIndependentProgID]
@="RadioRage_4j.SettingsPlugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{ca41198f-c3c5-47d8-99e1-1ab199e81723}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4juabtn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{ca41198f-c3c5-47d8-99e1-1ab199e81723}\ProgID]
@="RadioRage_4j.UrlAlertButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{ca41198f-c3c5-47d8-99e1-1ab199e81723}\VersionIndependentProgID]
@="RadioRage_4j.UrlAlertButton"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{d740ad89-baf4-47d5-9b5e-343d30f07a7a}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jhttpct.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{dfeb941c-8b58-4899-97c3-88fe394e1285}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jradio.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{dfeb941c-8b58-4899-97c3-88fe394e1285}\ProgID]
@="RadioRage_4j.RadioSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{dfeb941c-8b58-4899-97c3-88fe394e1285}\VersionIndependentProgID]
@="RadioRage_4j.RadioSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{e23760be-23a3-4cef-9304-66af079f53db}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jfeedmg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{e23760be-23a3-4cef-9304-66af079f53db}\ProgID]
@="RadioRage_4j.FeedManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{e23760be-23a3-4cef-9304-66af079f53db}\VersionIndependentProgID]
@="RadioRage_4j.FeedManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{e6ad866f-ea06-476a-8432-ed943683fab1}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jskin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{ecef0d95-32fa-48d3-8a2d-d6453b5b7361}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jdatact.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{f69fe1be-09c3-460c-ac89-8ccd9d3df1cc}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jmlbtn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{f69fe1be-09c3-460c-ac89-8ccd9d3df1cc}\ProgID]
@="RadioRage_4j.MultipleButton.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{f69fe1be-09c3-460c-ac89-8ccd9d3df1cc}\VersionIndependentProgID]
@="RadioRage_4j.MultipleButton"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{f706e19b-6c14-4272-ba98-2f16636a898d}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jskin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{f706e19b-6c14-4272-ba98-2f16636a898d}\ProgID]
@="RadioRage_4j.PseudoTransparentPlugin.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{f706e19b-6c14-4272-ba98-2f16636a898d}\VersionIndependentProgID]
@="RadioRage_4j.PseudoTransparentPlugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\905"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1003"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\405"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1807"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1406"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1506"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1104"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1604"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\1306"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\626"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}\1.0\0\win32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\t8res.dll\625"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}\1.0\HELPDIR]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin"
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\AppDataLow\Software\RadioRage_4j]
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\AppDataLow\Software\RadioRage_4j]
"CacheDir"="C:\Users\Liam\AppData\LocalLow\RadioRage_4j\RadioRage_4j\Cache\"
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\AppDataLow\Software\RadioRage_4j\bar]
"SettingsDir"="C:\Users\Liam\AppData\LocalLow\RadioRage_4j\bar\Settings\"
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\AppDataLow\Software\RadioRage_4j\bar]
"CacheDir"="C:\Users\Liam\AppData\LocalLow\RadioRage_4j\bar\Cache\"
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\AppDataLow\Software\RadioRage_4j\bar]
"HistoryDir"="C:\Users\Liam\AppData\LocalLow\RadioRage_4j\bar\History\"
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\AppDataLow\Software\RadioRage_4j\bar]
"uninstallcompletedurl"="hxxp://buttons.radiorage.com/one-toolbaredits/survey/uninstallSurvey.jhtml?uninstallSurveyUrl=https://www.research.net/s/S6Y52X6?c=B450B385-E276-4AC8-BEB3-A36BE29DB740"
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\RadioRage_4j]
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\Classes\Wow6432Node\CLSID\{3c35ad63-af1d-4e21-b484-b6651a8efcf9}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll"
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000_Classes\Wow6432Node\CLSID\{3c35ad63-af1d-4e21-b484-b6651a8efcf9}\InprocServer32]
@="C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll"
Searching for "Conduit"
No data found.
Searching for "ilivid"
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Users\Liam\AppData\Local\iLivid]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.8.false\C:\Users\Liam\AppData\Local\iLivid]
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Users\Liam\AppData\Local\iLivid]
[HKEY_USERS\S-1-5-21-2844046150-3993658297-1854408014-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.8.false\C:\Users\Liam\AppData\Local\iLivid]
Searching for "DataMngr"
No data found.
-= EOF =-
|
|
17.08.2013, 12:55
| #15 |
| /// TB-Ausbilder | LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? Servus, wir entfernen die letzten Reste und kontrollieren nochmal alles: Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
Task: {4C03F15E-2447-4FAE-9261-C2FC57E6653B} - System32\Tasks\EPUpdater => C:\Users\Liam\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {5670462F-E306-46C9-A54B-5E1A788C3AAB} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
C:\Program Files (x86)\RadioRage_4j
Reg: rege delete "HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\RadioRage_4j" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\RadioRage_4j" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{3c35ad63-af1d-4e21-b484-b6651a8efcf9}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.FeedManager" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.FeedManager.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLMenu" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLMenu.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLPanel" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.HTMLPanel.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.MultipleButton" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.MultipleButton.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.Radio" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.Radio.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.RadioSettings" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.RadioSettings.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ScriptButton" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ScriptButton.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncher" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncher.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RadioRage_4j.XMLSessionPlugin" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00a2b7c6-7487-4b99-9f6c-1fdf57fe130b}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{10273591-d084-4328-a7d0-49e051fcde7b}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11d4b723-18ca-48c6-ba13-965488f19a70}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{434fa5e9-253e-4bd0-adb6-7ce4cea114ca}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{53855564-cf81-410c-9c1c-321c7e067816}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6562e272-88e1-4dff-8ff8-fe1a05323d36}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7e7abf2a-8c44-4562-895d-dbca3cddd1a9}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9638b7d6-11f5-4406-b387-327642a11ffb}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ca41198f-c3c5-47d8-99e1-1ab199e81723}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{d740ad89-baf4-47d5-9b5e-343d30f07a7a}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{dfeb941c-8b58-4899-97c3-88fe394e1285}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{e23760be-23a3-4cef-9304-66af079f53db}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{e6ad866f-ea06-476a-8432-ed943683fab1}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ecef0d95-32fa-48d3-8a2d-d6453b5b7361}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f69fe1be-09c3-460c-ac89-8ccd9d3df1cc}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f706e19b-6c14-4272-ba98-2f16636a898d}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44db423d-a0db-4664-9477-ccdceb7cd666}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53855564-cf81-410c-9c1c-321c7e067816}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a25aa6e2-1cde-4d0f-a5d4-4898d7fb3c86}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5c9cb1c-1c0a-45a2-81cc-1dd342d0a478}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a661d4dc-4bd8-48fc-964b-a24ab8157de6}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b5731ab1-8566-4441-aefb-9afb2eea63d9}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Firefox" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Internet Explorer" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RadioRage_4j" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{00a2b7c6-7487-4b99-9f6c-1fdf57fe130b}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{10273591-d084-4328-a7d0-49e051fcde7b}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{11d4b723-18ca-48c6-ba13-965488f19a70}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{434fa5e9-253e-4bd0-adb6-7ce4cea114ca}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{53855564-cf81-410c-9c1c-321c7e067816}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{6562e272-88e1-4dff-8ff8-fe1a05323d36}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{7e7abf2a-8c44-4562-895d-dbca3cddd1a9}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{9638b7d6-11f5-4406-b387-327642a11ffb}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{ca41198f-c3c5-47d8-99e1-1ab199e81723}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{d740ad89-baf4-47d5-9b5e-343d30f07a7a}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{dfeb941c-8b58-4899-97c3-88fe394e1285}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{e23760be-23a3-4cef-9304-66af079f53db}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{e6ad866f-ea06-476a-8432-ed943683fab1}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{ecef0d95-32fa-48d3-8a2d-d6453b5b7361}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{f69fe1be-09c3-460c-ac89-8ccd9d3df1cc}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{f706e19b-6c14-4272-ba98-2f16636a898d}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}" /f
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 3 ESET Online Scanner
Schritt 4 Downloade Dir bitte  SecurityCheck und:
Bitte poste mit deiner nächsten Antwort
|
|
| Themen zu LyricsContainer auf Windows 7 - Wie schmeiße ich es runter? |
| anleitung, brauche, button, einfach, entfernen, explorer, fenster, home, installiert, internet, internet explorer, leute, lyricscontainer, mozilla, nicht mehr, plötzlich, runter, seite, spyware, trojaner, unbedingt, verlassen, verschiedene, werbung, windows, windows 7, wirklich |
Linear-Darstellung
