Trojaner-Board


Valentice94 11.10.2012 13:51

Not Responding and Freezes

Hello dear community,

For quite some time now I have had a more or less big problem.
Namely, when I want to go to my websites, it shows "Not Responding", or when I play my PC games, it simply freezes for seconds, or even minutes, and I can't do anything anymore. By now this also happens quite often, and it makes my hair stand on end.
So, to summarize again: Internet --> frequent "Not Responding" up to freezes

And games in full-screen mode freeze for seconds or minutes and I can't do anything EXCEPT wait.

Today I downloaded the program Malwarebytes Anti-Malware and will post the report here in the forum in a moment.
I do hope you have a solution for my nerve-racking problem and can help me out of it.

Best regards, Valentice

Report after the Malwarebytes scan:

Code:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.05.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mustermann :: MAX [Administrator]

11.10.2012 14:34:38
mbam-log-2012-10-11 (14-34-38).txt

Art des Suchlaufs: Vollständigen Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P



Infizierte Registrierungsschlüssel: 52
HKCR\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.HbGuru (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.Dwnldr (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.Scopes (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.Reporter (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.Stock.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.Stock (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.ReportData (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\CmndFF.DLL (Adware.ClickPotato) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\mozillaps.dll (Adware.ClickPotato) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Invictus (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.1.22.0 (Adware.HotBar) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E879047EB7765A5032AC95 (Malware.Trace) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ShopperReports@ShopperReports.com (ShopperReports) -> Daten: C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 16
C:\Users\DragoTheOwner\AppData\Roaming\loadtbs (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DragoTheOwner\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0 (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0} (Adware.QuestBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\chrome (Adware.QuestBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\defaults (Adware.QuestBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\defaults\preferences (Adware.QuestBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 24
C:\Program Files (x86)\EA GAMES\Battlefield Vietnam\trainer.exe (Trojan.FakeAlert.SecGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DragoTheOwner\AppData\Roaming\loadtbs\ytdl.exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DragoTheOwner\Desktop\Ein Ordner für Alles!\Shizuka3-Client-2012-v3\ClientStarter.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DragoTheOwner\AppData\Roaming\loadtbs\keyHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DragoTheOwner\AppData\Roaming\loadtbs\config.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DragoTheOwner\AppData\Roaming\loadtbs\domHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DragoTheOwner\AppData\Roaming\loadtbs\evHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DragoTheOwner\AppData\Roaming\loadtbs\uninstall.exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\DragoTheOwner\AppData\Roaming\loadtbs\updateHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\link.ico (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.xpt (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\chrome.manifest (Adware.QuestBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\install.rdf (Adware.QuestBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\chrome\questbrowse.jar (Adware.QuestBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\defaults\preferences\prefs.js (Adware.QuestBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.


(Ende)


cosinus 11.10.2012 18:26

Why are you opening a new thread? I waited in vain for an answer in this one! => http://www.trojaner-board.de/124295-...tml#post918466

Valentice94 11.10.2012 18:38

I'm the kind of person who doesn't like doing that when they have made a mistake :D I'm a kind of perfectionist :P Well, but I really need help urgently. I think it is getting worse from day to day, and I hope you can do something with the report x.x

cosinus 11.10.2012 18:59

Malwarebytes creates exactly one log for each scan. Have you scanned with Malwarebytes before?
If so, all the logs for every scan are also listed under the "Logdateien" (Logs) tab. Please post all the ones that are visible there.

Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Valentice94 11.10.2012 19:31

No, that is my only one.

cosinus 12.10.2012 10:07

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click "Suche" (Search).
  • When the scan finishes, a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt (x = sequential number).

Valentice94 12.10.2012 14:56

Here it is.

Code:

# AdwCleaner v2.004 - Datei am 12/10/2012 um 15:52:37 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : MaxMustermann
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\MaxMustermann\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Application Updater
Gefunden : WajamUpdater

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\Users\MaxMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\searchplugins\Web Search.xml
Datei Gefunden : C:\Windows\SysWOW64\conduitEngine.tmp
Ordner Gefunden : C:\Program Files (x86)\Application Updater
Ordner Gefunden : C:\Program Files (x86)\AutocompletePro
Ordner Gefunden : C:\Program Files (x86)\Common Files\spigot
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\DVDVideoSoftTB
Ordner Gefunden : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gefunden : C:\Program Files (x86)\myBabylon_English
Ordner Gefunden : C:\Users\Max\AppData\Local\Temp\CT2269050
Ordner Gefunden : C:\Users\MaxMustermann\AppData\Local\Conduit
Ordner Gefunden : C:\Users\MaxMustermann\AppData\Local\OpenCandy
Ordner Gefunden : C:\Users\MaxMustermann\AppData\Local\Wajam
Ordner Gefunden : C:\Users\MaxMustermann\AppData\LocalLow\BabylonToolbar
Ordner Gefunden : C:\Users\MaxMustermann\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\MaxMustermann\AppData\LocalLow\DVDVideoSoftTB
Ordner Gefunden : C:\Users\MaxMustermann\AppData\LocalLow\Elf_1.13
Ordner Gefunden : C:\Users\MaxMustermann\AppData\LocalLow\myBabylon_English
Ordner Gefunden : C:\Users\MaxMustermann\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\MaxMustermann\AppData\LocalLow\Search Settings
Ordner Gefunden : C:\Users\MaxMustermann\AppData\LocalLow\ShopperReports3
Ordner Gefunden : C:\Users\MaxMustermann\AppData\LocalLow\SweetIM
Ordner Gefunden : C:\Users\MaxMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gefunden : C:\Users\MaxMustermann\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\HavingFunOnline
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Elf_1.13
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\I Want This
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\myBabylon_English
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ShopperReports3
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\AutocompletePro
Schlüssel Gefunden : HKCU\Software\AutocompleteProBHO
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3F624D28-5FE1-4F08-9D02-D6A105DD3072}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99779854-1D37-4B91-B403-05486E20028F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Wajam
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Schlüssel Gefunden : HKLM\Software\Application Updater
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT1460988
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKLM\Software\Elf_1.13
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99779854-1D37-4B91-B403-05486E20028F}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gefunden : HKLM\Software\myBabylon_English
Schlüssel Gefunden : HKLM\Software\Search Settings
Schlüssel Gefunden : HKLM\Software\Wajam
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99779854-1D37-4B91-B403-05486E20028F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0F179926-16F1-4584-AC96-12FA9BD6A0CA}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D7EDC0E-3215-4B96-B59B-5BAD9DA3CEB6}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D0FC09C-7D48-4D23-B483-445A691E11A4}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{731E8EFE-C724-47B8-8EBC-07B2F27F934A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADD47822-804A-482C-85E4-9C5604D244DA}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C807BF39-F310-430D-81F4-C7AC3F03D2A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\myBabylon_English Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKLM\SOFTWARE\Software
Schlüssel Gefunden : HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B80F591E-FE9A-46CF-A13E-180377240586}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B80F591E-FE9A-46CF-A13E-180377240586}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B80F591E-FE9A-46CF-A13E-180377240586}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7ef195aa-da4a-4bd3-a5f4-4af5443c6029&searchtype=ds&q={searchTerms}
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7ef195aa-da4a-4bd3-a5f4-4af5443c6029&searchtype=ds&q={searchTerms}
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7ef195aa-da4a-4bd3-a5f4-4af5443c6029&searchtype=ds&q={searchTerms}
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7ef195aa-da4a-4bd3-a5f4-4af5443c6029&searchtype=ds&q={searchTerms}

-\\ Mozilla Firefox v14.0.1 (de)

Profilname : default
Datei : C:\Users\MaxMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\prefs.js

Gefunden : user_pref("browser.startup.homepage", "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpe[...]
Gefunden : user_pref("extensions.wajam.affiliate_id", "6447");
Gefunden : user_pref("extensions.wajam.firstrun", "false");
Gefunden : user_pref("extensions.wajam.log_send_info", "false");
Gefunden : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21083\",\"supported_sites\":{\[...]
Gefunden : user_pref("extensions.wajam.no_trace", "false");
Gefunden : user_pref("extensions.wajam.server_current_mapping_version", "0.21083");
Gefunden : user_pref("extensions.wajam.trace_log", "1347936166969 - onFlagInfoReceived - No user current mappin[...]
Gefunden : user_pref("extensions.wajam.unique_id", "2CFB2D75B5E00EF7013706891590F9FD");
Gefunden : user_pref("extensions.wajam.user_current_mapping_version", "0");
Gefunden : user_pref("extensions.wajam.version", "1.25");
Gefunden : user_pref("CT2269050.autoDisableScopes", -1);

-\\ Google Chrome v22.0.1229.94

Datei : C:\Users\MaxMustermann\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.12] : homepage = "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48",
Gefunden [l.16] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48" ]
Gefunden [l.50] : icon_url = "hxxp://search.conduit.com/fav.ico",
Gefunden [l.53] : keyword = "search.conduit.com",
Gefunden [l.56] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050",
Gefunden [l.1440] : homepage = "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48",
Gefunden [l.1929] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [19378 octets] - [12/10/2012 15:52:37]

########## EOF - C:\AdwCleaner[R1].txt - [19439 octets] ##########


cosinus 12.10.2012 15:39

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Löschen (Delete).
  • Confirm each prompt with OK.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt (x = sequential number).

Valentice94 12.10.2012 17:18

This is what came out.

Code:

# AdwCleaner v2.004 - Datei am 12/10/2012 um 18:11:11 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : MaxMustermann
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : Application Updater
Gestoppt & Gelöscht : WajamUpdater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\MaxMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Windows\SysWOW64\conduitEngine.tmp
Ordner Gelöscht : C:\Program Files (x86)\Application Updater
Ordner Gelöscht : C:\Program Files (x86)\AutocompletePro
Ordner Gelöscht : C:\Program Files (x86)\Common Files\spigot
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\DVDVideoSoftTB
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Program Files (x86)\myBabylon_English
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\Local\Temp\CT2269050
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\LocalLow\Elf_1.13
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\LocalLow\myBabylon_English
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\LocalLow\Search Settings
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\LocalLow\ShopperReports3
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gelöscht : C:\Users\MaxMustermann\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\HavingFunOnline
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Elf_1.13
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\I Want This
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\myBabylon_English
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ShopperReports3
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AutocompletePro
Schlüssel Gelöscht : HKCU\Software\AutocompleteProBHO
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3F624D28-5FE1-4F08-9D02-D6A105DD3072}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99779854-1D37-4B91-B403-05486E20028F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Schlüssel Gelöscht : HKLM\Software\Application Updater
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1460988
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKLM\Software\Elf_1.13
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99779854-1D37-4B91-B403-05486E20028F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gelöscht : HKLM\Software\myBabylon_English
Schlüssel Gelöscht : HKLM\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99779854-1D37-4B91-B403-05486E20028F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0F179926-16F1-4584-AC96-12FA9BD6A0CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D7EDC0E-3215-4B96-B59B-5BAD9DA3CEB6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D0FC09C-7D48-4D23-B483-445A691E11A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{731E8EFE-C724-47B8-8EBC-07B2F27F934A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADD47822-804A-482C-85E4-9C5604D244DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C807BF39-F310-430D-81F4-C7AC3F03D2A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\myBabylon_English Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B80F591E-FE9A-46CF-A13E-180377240586}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B80F591E-FE9A-46CF-A13E-180377240586}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B80F591E-FE9A-46CF-A13E-180377240586}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7ef195aa-da4a-4bd3-a5f4-4af5443c6029&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7ef195aa-da4a-4bd3-a5f4-4af5443c6029&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7ef195aa-da4a-4bd3-a5f4-4af5443c6029&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7ef195aa-da4a-4bd3-a5f4-4af5443c6029&searchtype=ds&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (de)

Profilname : default
Datei : C:\Users\MaxMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\prefs.js

C:\Users\MaxMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\user.js ... Gelöscht !

Gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpe[...]
Gelöscht : user_pref("extensions.wajam.affiliate_id", "6447");
Gelöscht : user_pref("extensions.wajam.firstrun", "false");
Gelöscht : user_pref("extensions.wajam.log_send_info", "false");
Gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21083\",\"supported_sites\":{\[...]
Gelöscht : user_pref("extensions.wajam.no_trace", "false");
Gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21083");
Gelöscht : user_pref("extensions.wajam.trace_log", "1347936166969 - onFlagInfoReceived - No user current mappin[...]
Gelöscht : user_pref("extensions.wajam.unique_id", "2CFB2D75B5E00EF7013706891590F9FD");
Gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0");
Gelöscht : user_pref("extensions.wajam.version", "1.25");
Gelöscht : user_pref("CT2269050.autoDisableScopes", -1);

-\\ Google Chrome v22.0.1229.94

Datei : C:\Users\MaxMustermann\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.12] : homepage = "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48",
Gelöscht [l.16] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48" ]
Gelöscht [l.50] : icon_url = "hxxp://search.conduit.com/fav.ico",
Gelöscht [l.53] : keyword = "search.conduit.com",
Gelöscht [l.56] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050",
Gelöscht [l.1440] : homepage = "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48",
Gelöscht [l.1929] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [19443 octets] - [12/10/2012 15:52:37]
AdwCleaner[S1].txt - [18875 octets] - [12/10/2012 18:11:11]

########## EOF - C:\AdwCleaner[S1].txt - [18936 octets] ##########


cosinus 12.10.2012 19:10

I have two questions before we continue (we are not finished yet!)

1.) Does Windows' normal mode work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

Valentice94 12.10.2012 19:12

1. What do you mean by that? I don't understand, sorry.

2. No, I'm not missing anything :)

cosinus 12.10.2012 20:43

Windows has a safe mode and a normal mode. Your reaction tells me that everything is obviously running normally.

Please create a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

Please download OTL by OldTimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Valentice94 13.10.2012 17:36

So, this is what came out.

Code:

OTL logfile created on: 13.10.2012 18:12:32 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\MaxMustermann\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 70,14% Memory free
7,50 Gb Paging File | 6,14 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 317,86 Gb Free Space | 68,26% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: MaxMustermann | User Name: MaxMustermann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MaxMustermann\Desktop\OTL.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.07.18 18:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2005.07.22 09:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Program Files (x86)\OnlineControl\ocontrol.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Update-Service-Installer-Service)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Dnscache)
SRV - [2012.10.09 03:51:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.05 01:28:45 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.08.30 21:36:30 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.29 05:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.12 19:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.02.15 13:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Disabled | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.07.18 18:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.07.18 18:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.07.18 18:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.05.21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.09.26 20:32:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010.02.14 17:06:19 | 000,575,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008.11.11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008.11.11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007.08.08 08:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2011.12.12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.11.01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{5E4D3DCE-F4DD-433C-A690-3EF511A532F2}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{9ECAE799-1810-47F9-AA0D-74B6C39860CF}: "URL" = hxxp://www.ricardo.ch/search/search.asp?txtSearch={searchTerms}&Catg=1&InTitleAndDesc=1
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{EE232B47-5DB3-4AA9-87BD-51DD6FA63286}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=685749"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 04:57:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 12:37:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\DragoTheOwner\AppData\Roaming\IDM\idmmzcc3
 
[2012.07.22 04:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Extensions
[2012.10.12 18:11:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions
[2012.09.17 19:22:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.18 17:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions
[2011.07.17 20:51:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.09 17:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\ffxtlbr@babylon.com
[2012.08.07 18:04:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.12 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.08.24 22:46:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
 
O1 HOSTS File: ([2012.08.07 19:07:25 | 000,444,231 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: hxxp://legendmt2.eu/ l2testauthd.lineage2.com
O1 - Hosts: hxxp://legendmt2.eu/ l2authd.lineage2.com
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 15246 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\d3dywzbtg.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47dda526-fe72-4f24-ae70-b0681e2df27d}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)
O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Seite1.exe
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk -  - File not found
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk -  - File not found
MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Free Download Manager - hkey= - key= - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
MsConfig:64bit - StartUpReg: HBLiteSA - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: Windows Game Service - hkey= - key= -  File not found
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: DnsCache - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.13 18:03:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.12 22:59:07 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Shizuka3-Client-2012-v3
[2012.10.10 18:29:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\CRE
[2012.10.09 15:21:06 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2012.10.09 15:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar
[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
[2012.09.23 21:16:38 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.09.23 21:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2012.09.23 21:07:37 | 000,000,000 | R--D | C] -- C:\Users\DragoTheOwner\SkyDrive
[2012.09.23 21:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2012.09.23 17:44:28 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple Computer
[2012.09.23 17:44:27 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer
[2012.09.23 17:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.23 17:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.09.23 17:41:50 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple
[2012.09.23 17:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.09.23 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.09.18 17:54:25 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes
[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.18 17:54:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.18 17:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.18 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Drum & Bass und DubStep
[2012.09.15 22:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.13 18:13:01 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.13 17:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.13 17:46:05 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.10.13 17:46:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.10.13 17:45:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.13 15:13:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.10.12 23:34:29 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.12 23:34:29 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.12 23:34:29 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.12 23:34:29 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.12 23:34:29 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.12 23:00:14 | 000,000,707 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 16:05:43 | 000,284,749 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 15:52:22 | 000,538,327 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.11 20:38:17 | 000,577,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png
[2012.10.11 18:07:17 | 000,263,365 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg
[2012.10.11 01:18:36 | 000,002,523 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Google Chrome.lnk
[2012.10.10 18:46:08 | 046,796,570 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4
[2012.10.10 18:29:09 | 000,000,009 | ---- | M] () -- C:\END
[2012.10.10 15:34:18 | 000,212,245 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg
[2012.10.09 15:10:14 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.08 18:36:38 | 003,256,058 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a
[2012.10.08 11:35:33 | 000,009,216 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.07 18:43:08 | 000,000,220 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
[2012.09.29 23:42:11 | 000,000,219 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url
[2012.09.29 22:59:13 | 000,001,243 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk
[2012.09.26 04:32:38 | 000,029,114 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\Folder.jpg
[2012.09.26 04:32:38 | 000,006,205 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\AlbumArtSmall.jpg
[2012.09.26 04:25:54 | 000,433,908 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg
[2012.09.26 03:20:32 | 057,228,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4
[2012.09.23 21:23:02 | 000,349,777 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg
[2012.09.23 21:15:54 | 000,001,305 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk
[2012.09.23 17:44:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.20 19:36:36 | 000,000,222 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url
[2012.09.19 21:25:16 | 002,311,218 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov
[2012.09.18 17:54:10 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.18 17:37:47 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img
[2012.09.18 05:57:42 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img.bak
[2012.09.17 09:41:33 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.15 22:25:16 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012.09.15 22:25:16 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.12 23:00:14 | 000,000,707 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 16:05:41 | 000,284,749 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 15:52:20 | 000,538,327 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.11 20:38:16 | 000,577,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png
[2012.10.11 18:07:17 | 000,263,365 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg
[2012.10.10 18:43:10 | 046,796,570 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4
[2012.10.10 18:29:07 | 000,000,009 | ---- | C] () -- C:\END
[2012.10.10 15:34:18 | 000,212,245 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg
[2012.10.09 15:10:14 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.08 18:36:35 | 003,256,058 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a
[2012.10.07 18:43:08 | 000,000,220 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
[2012.09.29 23:42:11 | 000,000,219 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url
[2012.09.26 04:26:54 | 000,433,908 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg
[2012.09.26 03:13:15 | 057,228,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4
[2012.09.24 05:01:33 | 000,000,617 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\League of Legends spielen .lnk
[2012.09.23 21:23:08 | 000,349,777 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg
[2012.09.23 21:15:54 | 000,001,305 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk
[2012.09.23 21:15:42 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2012.09.23 21:14:59 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.09.23 21:07:35 | 000,002,200 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2012.09.23 17:44:17 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.23 17:41:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.09.20 19:36:36 | 000,000,222 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url
[2012.09.19 21:23:33 | 002,311,218 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov
[2012.09.18 17:54:10 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.17 19:22:41 | 000,001,243 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk
[2012.09.15 22:25:16 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012.09.15 22:25:16 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012.09.07 06:01:03 | 000,008,976 | ---- | C] () -- C:\Users\DragoTheOwner\.recently-used.xbel
[2012.07.27 14:11:05 | 000,003,551 | ---- | C] () -- C:\Windows\wininit.ini
[2012.07.23 00:33:25 | 000,009,216 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.05.01 21:50:14 | 922,460,208 | ---- | C] () -- C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe
[2012.03.21 18:54:48 | 000,000,000 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\{30DEB4EF-7BA3-4C31-B2F1-2D0414B6C43D}
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.25 01:58:18 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.09.25 01:58:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.24 18:06:10 | 000,150,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.04.18 23:30:47 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.10 16:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.22 12:00:06 | 004,269,056 | ---- | C] () -- C:\Windows\SysWow64\system.dll
[2010.11.16 15:33:06 | 000,021,220 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\UserTile.png
[2010.03.01 20:09:42 | 000,007,606 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft
[2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics
[2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux
[2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener
[2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache
[2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations
[2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB
[2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft
[2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner
[2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen
[2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader
[2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager
[2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo
[2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0
[2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios
[2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ
[2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM
[2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics
[2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient
[2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2
[2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX
[2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut
[2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF
[2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++
[2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org
[2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape
[2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games
[2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee
[2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot
[2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater
[2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync
[2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat
[2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer
[2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds
[2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client
[2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software
[2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue
[2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft
[2012.06.15 10:44:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Adobe
[2012.09.23 17:45:20 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer
[2010.10.08 21:44:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ArcSoft
[2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics
[2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux
[2012.07.27 15:44:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Avira
[2011.01.08 00:17:15 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\AVS4YOU
[2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener
[2011.01.08 17:15:16 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DivX
[2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache
[2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations
[2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB
[2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft
[2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner
[2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen
[2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader
[2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager
[2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo
[2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0
[2010.09.18 16:21:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hamachi
[2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios
[2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ
[2010.01.27 16:55:55 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Identities
[2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM
[2010.02.14 17:06:21 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\InstallShield
[2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics
[2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient
[2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2
[2010.01.27 20:28:38 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia
[2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX
[2012.09.18 17:54:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Media Center Programs
[2012.09.30 01:10:48 | 000,000,000 | --SD | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft
[2012.07.22 04:58:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Mozilla
[2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut
[2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF
[2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++
[2012.04.22 15:31:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\NVIDIA
[2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org
[2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape
[2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games
[2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee
[2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot
[2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater
[2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync
[2012.10.13 18:12:37 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Skype
[2011.07.24 00:03:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\skypePM
[2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat
[2010.08.10 13:36:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\teamspeak2
[2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer
[2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds
[2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client
[2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software
[2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue
[2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer
[2010.01.27 17:09:32 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.01.29 17:45:25 | 079,043,646 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe7
[2011.01.29 17:45:25 | 087,148,709 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe5
[2011.01.29 17:45:25 | 074,667,317 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe6
[2011.01.29 17:45:25 | 079,551,845 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe4
[2011.01.29 17:45:25 | 068,507,997 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe
[2011.01.29 17:45:25 | 064,054,648 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe1
[2011.01.29 17:45:25 | 075,811,492 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe2
[2011.01.29 17:45:25 | 074,545,348 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe3
[2010.11.27 04:01:28 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.04.12 13:33:48 | 008,738,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2011.01.16 16:07:29 | 000,348,160 | ---- | M] (Octoshape ApS) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
 
< %SYSTEMDRIVE%\*.exe >
[2008.04.11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
<          >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.06.28 21:36:59 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.10.15 12:41:45 | 000,000,198 | ---- | C] () -- C:\Windows\Tasks\{CD7D28A7-F48B-41CE-B478-5A4BFF4BF3EB}.job
[2012.03.27 17:33:15 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core1cd0c2eed37e280.job
[2012.04.24 13:09:42 | 000,000,240 | ---- | C] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job
[2012.05.23 18:15:41 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.06.09 16:06:09 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.07.13 03:14:16 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.07.26 17:34:42 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >


cosinus 13.10.2012 20:39

Run an OTL fix: close any programs that may be open, disable your virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/np-cwmp.dll
O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.
O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Seite1.exe
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
:Files
C:\install.exe
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Valentice94 13.10.2012 20:47

There is a problem... There are too many characters, so I can't post it.

cosinus 14.10.2012 15:40

Then please post it split across two posts, in CODE tags.

I've also just been tipped off that you have mediyes; we'll need to deal with that properly as well :balla:

Valentice94 14.10.2012 17:23

All right, here comes the first one.

Code:

OTL logfile created on: 13.10.2012 18:12:32 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\MaxMustermann\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 70,14% Memory free
7,50 Gb Paging File | 6,14 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 317,86 Gb Free Space | 68,26% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: MaxMustermann | User Name: MaxMustermann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MaxMustermann\Desktop\OTL.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.07.18 18:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2005.07.22 09:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Program Files (x86)\OnlineControl\ocontrol.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Update-Service-Installer-Service)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Dnscache)
SRV - [2012.10.09 03:51:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.05 01:28:45 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.08.30 21:36:30 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.29 05:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.12 19:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.02.15 13:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Disabled | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.07.18 18:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.07.18 18:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.07.18 18:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.05.21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.09.26 20:32:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010.02.14 17:06:19 | 000,575,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008.11.11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008.11.11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007.08.08 08:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2011.12.12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.11.01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{5E4D3DCE-F4DD-433C-A690-3EF511A532F2}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{9ECAE799-1810-47F9-AA0D-74B6C39860CF}: "URL" = hxxp://www.ricardo.ch/search/search.asp?txtSearch={searchTerms}&Catg=1&InTitleAndDesc=1
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{EE232B47-5DB3-4AA9-87BD-51DD6FA63286}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=685749"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 04:57:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 12:37:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\DragoTheOwner\AppData\Roaming\IDM\idmmzcc3
 
[2012.07.22 04:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Extensions
[2012.10.12 18:11:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions
[2012.09.17 19:22:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.18 17:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions
[2011.07.17 20:51:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.09 17:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\ffxtlbr@babylon.com
[2012.08.07 18:04:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.12 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.08.24 22:46:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
 
O1 HOSTS File: ([2012.08.07 19:07:25 | 000,444,231 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: hxxp://legendmt2.eu/ l2testauthd.lineage2.com
O1 - Hosts: hxxp://legendmt2.eu/ l2authd.lineage2.com
O1 - Hosts: 15246 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\d3dywzbtg.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47dda526-fe72-4f24-ae70-b0681e2df27d}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)
O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Seite1.exe
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk -  - File not found
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk -  - File not found
MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Free Download Manager - hkey= - key= - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
MsConfig:64bit - StartUpReg: HBLiteSA - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: Windows Game Service - hkey= - key= -  File not found
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: DnsCache - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

The 2nd one.

Code:

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.13 18:03:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.12 22:59:07 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Shizuka3-Client-2012-v3
[2012.10.10 18:29:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\CRE
[2012.10.09 15:21:06 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2012.10.09 15:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar
[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
[2012.09.23 21:16:38 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.09.23 21:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2012.09.23 21:07:37 | 000,000,000 | R--D | C] -- C:\Users\DragoTheOwner\SkyDrive
[2012.09.23 21:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2012.09.23 17:44:28 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple Computer
[2012.09.23 17:44:27 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer
[2012.09.23 17:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.23 17:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.09.23 17:41:50 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple
[2012.09.23 17:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.09.23 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.09.18 17:54:25 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes
[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.18 17:54:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.18 17:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.18 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Drum & Bass und DubStep
[2012.09.15 22:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.13 18:13:01 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.13 17:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.13 17:46:05 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.10.13 17:46:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.10.13 17:45:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.13 15:13:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.10.12 23:34:29 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.12 23:34:29 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.12 23:34:29 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.12 23:34:29 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.12 23:34:29 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.12 23:00:14 | 000,000,707 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 16:05:43 | 000,284,749 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 15:52:22 | 000,538,327 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.11 20:38:17 | 000,577,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png
[2012.10.11 18:07:17 | 000,263,365 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg
[2012.10.11 01:18:36 | 000,002,523 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Google Chrome.lnk
[2012.10.10 18:46:08 | 046,796,570 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4
[2012.10.10 18:29:09 | 000,000,009 | ---- | M] () -- C:\END
[2012.10.10 15:34:18 | 000,212,245 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg
[2012.10.09 15:10:14 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.08 18:36:38 | 003,256,058 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a
[2012.10.08 11:35:33 | 000,009,216 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.07 18:43:08 | 000,000,220 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
[2012.09.29 23:42:11 | 000,000,219 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url
[2012.09.29 22:59:13 | 000,001,243 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk
[2012.09.26 04:32:38 | 000,029,114 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\Folder.jpg
[2012.09.26 04:32:38 | 000,006,205 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\AlbumArtSmall.jpg
[2012.09.26 04:25:54 | 000,433,908 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg
[2012.09.26 03:20:32 | 057,228,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4
[2012.09.23 21:23:02 | 000,349,777 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg
[2012.09.23 21:15:54 | 000,001,305 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk
[2012.09.23 17:44:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.20 19:36:36 | 000,000,222 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url
[2012.09.19 21:25:16 | 002,311,218 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov
[2012.09.18 17:54:10 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.18 17:37:47 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img
[2012.09.18 05:57:42 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img.bak
[2012.09.17 09:41:33 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.15 22:25:16 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012.09.15 22:25:16 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.12 23:00:14 | 000,000,707 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 16:05:41 | 000,284,749 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 15:52:20 | 000,538,327 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.11 20:38:16 | 000,577,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png
[2012.10.11 18:07:17 | 000,263,365 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg
[2012.10.10 18:43:10 | 046,796,570 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4
[2012.10.10 18:29:07 | 000,000,009 | ---- | C] () -- C:\END
[2012.10.10 15:34:18 | 000,212,245 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg
[2012.10.09 15:10:14 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.08 18:36:35 | 003,256,058 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a
[2012.10.07 18:43:08 | 000,000,220 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
[2012.09.29 23:42:11 | 000,000,219 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url
[2012.09.26 04:26:54 | 000,433,908 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg
[2012.09.26 03:13:15 | 057,228,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4
[2012.09.24 05:01:33 | 000,000,617 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\League of Legends spielen .lnk
[2012.09.23 21:23:08 | 000,349,777 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg
[2012.09.23 21:15:54 | 000,001,305 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk
[2012.09.23 21:15:42 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2012.09.23 21:14:59 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.09.23 21:07:35 | 000,002,200 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2012.09.23 17:44:17 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.23 17:41:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.09.20 19:36:36 | 000,000,222 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url
[2012.09.19 21:23:33 | 002,311,218 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov
[2012.09.18 17:54:10 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.17 19:22:41 | 000,001,243 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk
[2012.09.15 22:25:16 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012.09.15 22:25:16 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012.09.07 06:01:03 | 000,008,976 | ---- | C] () -- C:\Users\DragoTheOwner\.recently-used.xbel
[2012.07.27 14:11:05 | 000,003,551 | ---- | C] () -- C:\Windows\wininit.ini
[2012.07.23 00:33:25 | 000,009,216 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.05.01 21:50:14 | 922,460,208 | ---- | C] () -- C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe
[2012.03.21 18:54:48 | 000,000,000 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\{30DEB4EF-7BA3-4C31-B2F1-2D0414B6C43D}
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.25 01:58:18 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.09.25 01:58:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.24 18:06:10 | 000,150,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.04.18 23:30:47 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.10 16:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.22 12:00:06 | 004,269,056 | ---- | C] () -- C:\Windows\SysWow64\system.dll
[2010.11.16 15:33:06 | 000,021,220 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\UserTile.png
[2010.03.01 20:09:42 | 000,007,606 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft
[2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics
[2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux
[2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener
[2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache
[2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations
[2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB
[2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft
[2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner
[2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen
[2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader
[2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager
[2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo
[2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0
[2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios
[2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ
[2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM
[2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics
[2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient
[2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2
[2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX
[2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut
[2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF
[2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++
[2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org
[2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape
[2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games
[2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee
[2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot
[2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater
[2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync
[2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat
[2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer
[2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds
[2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client
[2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software
[2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue
[2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft
[2012.06.15 10:44:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Adobe
[2012.09.23 17:45:20 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer
[2010.10.08 21:44:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ArcSoft
[2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics
[2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux
[2012.07.27 15:44:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Avira
[2011.01.08 00:17:15 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\AVS4YOU
[2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener
[2011.01.08 17:15:16 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DivX
[2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache
[2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations
[2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB
[2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft
[2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner
[2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen
[2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader
[2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager
[2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo
[2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0
[2010.09.18 16:21:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hamachi
[2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios
[2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ
[2010.01.27 16:55:55 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Identities
[2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM
[2010.02.14 17:06:21 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\InstallShield
[2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics
[2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient
[2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2
[2010.01.27 20:28:38 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia
[2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX
[2012.09.18 17:54:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Media Center Programs
[2012.09.30 01:10:48 | 000,000,000 | --SD | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft
[2012.07.22 04:58:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Mozilla
[2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut
[2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF
[2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++
[2012.04.22 15:31:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\NVIDIA
[2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org
[2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape
[2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games
[2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee
[2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot
[2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater
[2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync
[2012.10.13 18:12:37 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Skype
[2011.07.24 00:03:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\skypePM
[2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat
[2010.08.10 13:36:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\teamspeak2
[2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer
[2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds
[2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client
[2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software
[2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue
[2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer
[2010.01.27 17:09:32 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.01.29 17:45:25 | 079,043,646 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe7
[2011.01.29 17:45:25 | 087,148,709 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe5
[2011.01.29 17:45:25 | 074,667,317 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe6
[2011.01.29 17:45:25 | 079,551,845 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe4
[2011.01.29 17:45:25 | 068,507,997 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe
[2011.01.29 17:45:25 | 064,054,648 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe1
[2011.01.29 17:45:25 | 075,811,492 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe2
[2011.01.29 17:45:25 | 074,545,348 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe3
[2010.11.27 04:01:28 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.04.12 13:33:48 | 008,738,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2011.01.16 16:07:29 | 000,348,160 | ---- | M] (Octoshape ApS) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
 
< %SYSTEMDRIVE%\*.exe >
[2008.04.11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
<          >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.06.28 21:36:59 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.10.15 12:41:45 | 000,000,198 | ---- | C] () -- C:\Windows\Tasks\{CD7D28A7-F48B-41CE-B478-5A4BFF4BF3EB}.job
[2012.03.27 17:33:15 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core1cd0c2eed37e280.job
[2012.04.24 13:09:42 | 000,000,240 | ---- | C] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job
[2012.05.23 18:15:41 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.06.09 16:06:09 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.07.13 03:14:16 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.07.26 17:34:42 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >


cosinus 14.10.2012 17:43

But that is not the fix log; please post the log from after the fix.

Valentice94 14.10.2012 18:24

OK, I think this is it.

Code:

OTL Extras logfile created on: 13.10.2012 18:12:32 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\DragoTheOwner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 70,14% Memory free
7,50 Gb Paging File | 6,14 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 317,86 Gb Free Space | 68,26% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: NOEL | User Name: DragoTheOwner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0181F78D-5CE6-4286-ACFD-B79B89A4ACB3}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{0215D7D0-6125-4B20-B2DB-00C281D6CF6B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{043A0207-AC8A-4CF9-9CF9-F3AE0EB75AD7}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{0624245A-F330-411B-AE1C-50DAB5407FEF}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
"{07E2F0D4-8481-4382-9931-9160542DABC2}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{07EF7F63-D8C0-4D4E-B3DD-A28FC9388B97}" = lport=6898 | protocol=6 | dir=in | name=league of legends launcher |
"{0A035BE2-93FE-44CE-8339-0D7F008F42C3}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{0EC10FD2-A665-4842-B7F3-F946F58E92F7}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher |
"{15B5565E-617B-4DD0-B58A-2A65E26F9D17}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{1C391C93-81D5-4879-B616-A8D2087C5160}" = lport=6961 | protocol=17 | dir=in | name=league of legends launcher |
"{1F446F90-6367-49D9-9555-4E2987106D1F}" = lport=6900 | protocol=6 | dir=in | name=league of legends launcher |
"{1F71F3EB-BBF0-4568-BC9D-1F919BF9E01D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{21A88D69-9145-44C3-9824-CA6A09327135}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{21C5279B-7B43-4529-A6BB-9991141AB25C}" = lport=6962 | protocol=6 | dir=in | name=league of legends launcher |
"{25042E63-EB50-409D-9C2B-A2386DE4D6E2}" = lport=6919 | protocol=17 | dir=in | name=league of legends launcher |
"{2C71F38C-57C9-4809-B326-490489AE13C4}" = lport=6945 | protocol=17 | dir=in | name=league of legends launcher |
"{2F8FE8F8-15AC-4C96-8B1E-65442319FB22}" = lport=6895 | protocol=17 | dir=in | name=league of legends launcher |
"{3218AE2C-66E4-480D-8C15-F68BDCE451FE}" = lport=6967 | protocol=17 | dir=in | name=league of legends launcher |
"{334AD1A3-D6C1-4299-A1B8-90CFFA94E335}" = lport=6959 | protocol=17 | dir=in | name=league of legends launcher |
"{3453A4B5-76B9-4495-B87C-D0B66D4EF34F}" = rport=445 | protocol=6 | dir=out | app=system |
"{34C297EF-1E60-4EE2-9EE4-0369E6DFFD49}" = lport=6948 | protocol=6 | dir=in | name=league of legends launcher |
"{36F32453-2174-4AF1-BFAE-84D2167003B6}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{37AAFDCC-EF15-4891-B939-ABD648B38D1B}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{38D0497C-9328-4BDB-819A-29403F3B07A9}" = lport=6938 | protocol=6 | dir=in | name=league of legends launcher |
"{39E12260-B2FF-40DF-AC8C-DD0C80ADDB02}" = lport=6893 | protocol=17 | dir=in | name=league of legends launcher |
"{3B6F384D-6B56-4FF0-8224-65AFA007C545}" = lport=6888 | protocol=6 | dir=in | name=league of legends launcher |
"{3C29D026-9BBA-4BFC-B307-CB8B21784021}" = lport=6923 | protocol=17 | dir=in | name=league of legends launcher |
"{42F44017-048D-4D8C-96F5-40677E8256CE}" = lport=139 | protocol=6 | dir=in | app=system |
"{44EB6ED0-B2A9-443F-9856-E123AF8D005F}" = lport=6908 | protocol=6 | dir=in | name=league of legends launcher |
"{44F94022-4158-413D-9E07-155C1788BF64}" = lport=6888 | protocol=17 | dir=in | name=league of legends launcher |
"{45501073-1523-42C3-AAF9-FB09C0490B45}" = lport=6974 | protocol=17 | dir=in | name=league of legends launcher |
"{486617AF-ABB1-427E-A35D-08A6FFF16665}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{4C00C683-3FAD-4D6E-9304-140C7880BE54}" = lport=6992 | protocol=6 | dir=in | name=league of legends launcher |
"{4C356839-28B8-4598-9494-C6CC32BC719A}" = lport=6908 | protocol=17 | dir=in | name=league of legends launcher |
"{4CB603C9-3F77-4926-B2DE-F11660A84482}" = lport=137 | protocol=17 | dir=in | app=system |
"{4D49FCC4-D1E4-4962-B493-238E55191D78}" = lport=6906 | protocol=17 | dir=in | name=league of legends launcher |
"{4DF3713D-5B8B-43A0-A3C0-CB2474263A3A}" = lport=6895 | protocol=17 | dir=in | name=league of legends launcher |
"{5044B455-4C35-4CE3-B664-7D95C0ACB103}" = lport=6910 | protocol=17 | dir=in | name=league of legends launcher |
"{5217827B-072A-46A7-BF78-715172EF80E7}" = lport=6962 | protocol=17 | dir=in | name=league of legends launcher |
"{535D0BEA-7F26-4CC6-8DC8-332358E35284}" = lport=6924 | protocol=6 | dir=in | name=league of legends launcher |
"{54AF4826-EFD0-4BD3-B175-A7EC85E0484B}" = lport=6986 | protocol=6 | dir=in | name=league of legends launcher |
"{56040CC9-E8F4-46F5-81F7-52B157A0CDEC}" = lport=6895 | protocol=6 | dir=in | name=league of legends launcher |
"{56D86038-EB48-4DED-B478-EF9A6FA46CEF}" = lport=6963 | protocol=17 | dir=in | name=league of legends launcher |
"{57433B7D-8D26-4FC5-9E7D-1D8A19B63598}" = lport=6955 | protocol=6 | dir=in | name=league of legends launcher |
"{58761F36-6AAC-4169-88BE-0F5E12DC6A00}" = lport=49170 | protocol=6 | dir=in | name=akamai netsession interface |
"{58F8051C-C16A-4DE2-8D79-B79300C0C836}" = lport=6949 | protocol=17 | dir=in | name=league of legends launcher |
"{599EE1F3-853F-45ED-9B1F-0689183E2B97}" = lport=6888 | protocol=6 | dir=in | name=league of legends launcher |
"{59B9D11B-1F75-427C-BB34-D678DC3169D7}" = lport=6893 | protocol=6 | dir=in | name=league of legends launcher |
"{5B83656C-5477-4CB7-A696-B2F775046BF8}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5C20C9F0-D7EC-4AFD-B5E8-5EE8A242CE85}" = lport=6921 | protocol=6 | dir=in | name=league of legends launcher |
"{5F88EE07-53E2-4A8F-AE41-C7FD08A4951E}" = lport=6899 | protocol=17 | dir=in | name=league of legends launcher |
"{609BC565-50AA-4910-8136-E642FA1C555F}" = lport=6972 | protocol=6 | dir=in | name=league of legends launcher |
"{61886DF5-D463-4CFB-8327-12BCC8FAA1B7}" = lport=6888 | protocol=17 | dir=in | name=league of legends launcher |
"{61FBBBB1-AF5B-4195-903F-8156AADB1053}" = lport=6973 | protocol=17 | dir=in | name=league of legends launcher |
"{622EB039-7382-4F66-9023-F07B68FA9AC5}" = lport=6974 | protocol=6 | dir=in | name=league of legends launcher |
"{655AF73E-0770-424C-8339-E3B5A759EFF4}" = lport=6916 | protocol=6 | dir=in | name=league of legends launcher |
"{6AE49FBB-8221-4FAA-8D93-22625176FF28}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{6BDB25EE-4499-4071-9AA6-AE55C011E8BA}" = lport=6973 | protocol=6 | dir=in | name=league of legends launcher |
"{6CB2311A-54BD-4F5B-9B33-FAABEA2F09AB}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
"{6E94131B-197D-42E3-9BF6-621C3BBAEED6}" = lport=6997 | protocol=17 | dir=in | name=league of legends launcher |
"{6EAE8F25-5017-4022-A696-6B24BA1185BC}" = lport=6951 | protocol=6 | dir=in | name=league of legends launcher |
"{7469E944-8E94-4AA0-B08E-2F3495D691C6}" = lport=6949 | protocol=6 | dir=in | name=league of legends launcher |
"{74E0D935-AC31-4456-A30B-2C44A1EC5C56}" = lport=6910 | protocol=6 | dir=in | name=league of legends launcher |
"{75CD009E-1AA1-491B-B098-FEDD6FE23398}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
"{76742038-BD21-4997-A2BB-816394FC4DB3}" = lport=138 | protocol=17 | dir=in | app=system |
"{7ABDFFED-9861-485E-8C31-36DB9D84098B}" = lport=6899 | protocol=6 | dir=in | name=league of legends launcher |
"{7AE4DEAF-378C-4CD8-AE01-79D39579EC2F}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{7C5804C4-2629-4EEC-9B0C-E987CAFDAD62}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{7D3E74A5-8FB4-4C1C-A329-394A930FF93C}" = lport=6959 | protocol=6 | dir=in | name=league of legends launcher |
"{7EEF91E2-0512-461F-A995-3E51048E0C41}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{84D9E18D-7CF7-4BA2-B65F-863B3945C986}" = lport=6924 | protocol=17 | dir=in | name=league of legends launcher |
"{87C912B4-02A5-4DCF-9893-8B63AD18CD25}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{88854A7F-12FD-4B7A-9D5D-80CA6DD3F39F}" = lport=6958 | protocol=17 | dir=in | name=league of legends launcher |
"{8B554B7D-2916-4B53-A665-95C9D46386B7}" = lport=6895 | protocol=6 | dir=in | name=league of legends launcher |
"{8B768A98-0DD9-4881-827A-7D9AA1B60063}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{8C849DB0-4DD1-4504-A1CE-C77DF2C241AE}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{91170BF9-CBF5-47A8-80B2-A0004DF584C8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{95472323-035B-48E6-B190-0B4804DAA110}" = lport=6981 | protocol=6 | dir=in | name=league of legends launcher |
"{97197243-B0E2-4D65-9E3A-2C61197551E5}" = rport=2869 | protocol=6 | dir=out | app=system |
"{9742BBD9-615F-43B8-BF27-B3CC0BA0460C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9808C5A0-3C9F-46F6-A013-AB86AD020EE6}" = lport=6970 | protocol=17 | dir=in | name=league of legends launcher |
"{9A0F7963-8BC9-4D1C-8EBE-849DAC48A364}" = lport=445 | protocol=6 | dir=in | app=system |
"{9A119EB0-E983-43BB-878A-E72173DE2DA1}" = lport=6993 | protocol=6 | dir=in | name=league of legends launcher |
"{9C90351D-FF94-4576-B8CD-6FDA94000375}" = lport=6997 | protocol=6 | dir=in | name=league of legends launcher |
"{9D611338-CBDC-459A-8072-9B9D95709C82}" = lport=6884 | protocol=6 | dir=in | name=league of legends launcher |
"{9D6BEC60-13C4-4FF1-8E0D-5A796A849D20}" = lport=6958 | protocol=6 | dir=in | name=league of legends launcher |
"{9F7F625E-AFF5-4142-A670-0C72DF0F0129}" = lport=6938 | protocol=17 | dir=in | name=league of legends launcher |
"{A63A74CA-0F0D-47B5-814A-B082C00CB09F}" = lport=6992 | protocol=17 | dir=in | name=league of legends launcher |
"{A70822BF-12AA-40FF-80DF-BA56D11C3B3F}" = lport=6972 | protocol=17 | dir=in | name=league of legends launcher |
"{A9340B90-3FCC-424C-B011-B516B3A88480}" = lport=6898 | protocol=17 | dir=in | name=league of legends launcher |
"{AA128517-49FA-42C6-863B-5F4A62E90506}" = lport=6925 | protocol=17 | dir=in | name=league of legends launcher |
"{AAE111D4-AFE6-4F11-941D-A6152E4DD0EC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AD0E7F71-6057-4FE2-B6A2-F150F4790581}" = lport=6955 | protocol=17 | dir=in | name=league of legends launcher |
"{B078C6D4-ECA9-4FD9-ACBF-168D8D7286B7}" = lport=6901 | protocol=6 | dir=in | name=league of legends launcher |
"{B31F07B7-3293-430C-8EF9-32B9513E8CAA}" = rport=138 | protocol=17 | dir=out | app=system |
"{B3D25BED-9C7A-4EF3-9B4B-B99CE0A46C46}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B473C4B2-1AD7-4421-9AF5-F35CC4910E96}" = lport=6986 | protocol=17 | dir=in | name=league of legends launcher |
"{BBB5BF17-78BB-4DA6-9C9E-C0569F8D8563}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C1C5A996-0BA5-4C8A-B486-50872E14EF99}" = lport=6906 | protocol=6 | dir=in | name=league of legends launcher |
"{C2083098-08F3-40B6-B010-E5C178AB2F99}" = lport=56728 | protocol=6 | dir=in | name=akamai netsession interface |
"{C2B6D530-8C74-4435-A188-E564049D3086}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C3FDA257-B8CD-4B69-B8A5-113D2DDE1738}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{C416656D-9C01-4434-91D2-4F533FBFC452}" = lport=6916 | protocol=17 | dir=in | name=league of legends launcher |
"{C53DCB03-E831-4D55-B48C-5A54511BA8B2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C66F0361-C74B-40CE-8D48-09AC406D8204}" = lport=6925 | protocol=6 | dir=in | name=league of legends launcher |
"{C80D2B93-069C-4C51-A329-A39021ADC2A1}" = lport=6956 | protocol=17 | dir=in | name=league of legends launcher |
"{C9E3C64C-0970-4088-B356-78009014EDB3}" = lport=6970 | protocol=6 | dir=in | name=league of legends launcher |
"{CC699927-FC79-4EA2-BD56-251F93A5DA91}" = lport=6973 | protocol=17 | dir=in | name=league of legends launcher |
"{D19040B6-3CEC-4010-BFC0-D702E9E6FA40}" = lport=6973 | protocol=6 | dir=in | name=league of legends launcher |
"{D2AEBAD4-1E77-446D-9A32-CA0E77C91FD5}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher |
"{D345E497-5438-4624-A222-BF3E6A3AC850}" = lport=6987 | protocol=6 | dir=in | name=league of legends launcher |
"{D3E3890F-7A35-45A6-8B9E-D8F4569F1DFC}" = lport=6991 | protocol=17 | dir=in | name=league of legends launcher |
"{D74209DF-6FB4-4B90-B979-D9E8D257BE31}" = rport=139 | protocol=6 | dir=out | app=system |
"{D7E1484A-E0EE-4C9D-92A2-99B80B18627E}" = lport=6951 | protocol=17 | dir=in | name=league of legends launcher |
"{D81C56A1-3D8B-44A9-9916-964765465630}" = lport=6945 | protocol=6 | dir=in | name=league of legends launcher |
"{D944A160-5B92-428C-BA67-AA3E77B72F03}" = lport=6948 | protocol=17 | dir=in | name=league of legends launcher |
"{DA25D335-5B53-41DA-94B2-E67A440FFC59}" = lport=6956 | protocol=6 | dir=in | name=league of legends launcher |
"{DA8808E3-AE7A-4347-8189-9958BADAC0DA}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{DA910466-D1E7-4F9E-B1D8-C2304BE0B234}" = lport=6981 | protocol=17 | dir=in | name=league of legends launcher |
"{DC8F8188-E3FF-47FD-A0FD-D05DDB24270E}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{E11CDB96-A35A-4ED7-B2A8-39AA08C63FAE}" = lport=6993 | protocol=17 | dir=in | name=league of legends launcher |
"{E231FDAA-7300-4D30-8D29-5C43E9BEA56B}" = lport=6961 | protocol=6 | dir=in | name=league of legends launcher |
"{E2D301F1-649A-4B45-B879-7A2AF7309AE5}" = lport=6923 | protocol=6 | dir=in | name=league of legends launcher |
"{E2DF213D-D47F-4089-A8CA-BF8208EE03D8}" = rport=137 | protocol=17 | dir=out | app=system |
"{E48E1D16-420A-4CD0-A020-F4D9EF763804}" = lport=6975 | protocol=6 | dir=in | name=league of legends launcher |
"{E4C2200F-B830-4D48-B0FB-B7A2AF960CCA}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{E61F8937-9FCB-4C42-A5BF-456C9BDFA6E6}" = lport=6921 | protocol=17 | dir=in | name=league of legends launcher |
"{E77DC069-2EE8-4B02-923A-3953EE9A9FA8}" = lport=6967 | protocol=6 | dir=in | name=league of legends launcher |
"{E980BE68-EF21-4A94-9E9F-C27F75333789}" = lport=6991 | protocol=6 | dir=in | name=league of legends launcher |
"{E9FA3997-A301-4402-B1E4-FE29792F8C3F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ED8B9B5D-A16A-4016-A3AB-EB2D54EABFA6}" = lport=6884 | protocol=17 | dir=in | name=league of legends launcher |
"{EF23489D-87B4-4D36-AB56-47C849736CC8}" = lport=6963 | protocol=6 | dir=in | name=league of legends launcher |
"{F1398547-AFBE-41F8-AA1F-6E82581D20C9}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
"{F170C795-DF22-4775-8B62-B960397F75FD}" = lport=6975 | protocol=17 | dir=in | name=league of legends launcher |
"{F5A56737-8F41-476B-9FF8-47A2F5B17DEF}" = lport=6987 | protocol=17 | dir=in | name=league of legends launcher |
"{F8E8BC49-88E3-4AA5-9288-EE25B3F8C4DD}" = lport=6901 | protocol=17 | dir=in | name=league of legends launcher |
"{FAE5F774-6D41-4585-9787-3D569802699B}" = lport=6919 | protocol=6 | dir=in | name=league of legends launcher |
"{FC589C0F-D4FE-4EB0-8FB7-EF4801C51D81}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FF66BBC8-6D15-490D-9FD5-0FCF7992144E}" = lport=6900 | protocol=17 | dir=in | name=league of legends launcher |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000CBF69-198F-43DF-A7A7-F4737DE8FC7A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{00E21F34-8F0F-47BE-A6DC-5FB51252EC59}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{07333EB7-B85B-4884-9919-DC7BB1128BF5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{085247E5-346F-4E5A-AC0D-9B331BC04359}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{092C72A6-6108-441E-8963-2BB86FE2A9A1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{093828A4-5B1C-4865-9361-7D3F13A572BA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0D750937-053F-4B97-B584-F0F1F1500F7C}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo ag\levelr\levelr.bin |
"{0EB7DD18-CA56-404B-94A1-E462D8989B4A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0FCF00AB-3CF4-4333-9ABF-041F96370D8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{13ABB685-A593-45C5-996C-F9B050F14E8C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\bin\sdklauncher.exe |
"{140BAE6A-1A7F-4B6F-8B7F-1A872617E825}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{16CC8864-7561-4E07-AA28-B07EF0B1703B}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe |
"{18E1B345-BC0C-403F-AFA4-89C7B1466C55}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\unins000.exe |
"{1979644A-F39C-430C-8A1B-A97B06BFF055}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{19B378A9-670C-4C81-9DEB-30C037EF464F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe |
"{1B34BBDA-0CB3-4D8A-ABDF-B084FFDCB755}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\blackprophecy.exe |
"{1BB32477-D47F-44C7-947D-EB7565EE14FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1D3009C9-C361-47C7-B27D-EE05E4A53BD2}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\unins000.exe |
"{212850CD-F5A7-41BA-97F8-52FB1A588FCC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2228188C-F553-4378-8F0F-DC613390E708}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{25027E02-6B3C-4081-8991-6F1EF0C457A7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{269634CA-5FCB-419C-A8E4-828B06019594}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{28D587DB-2506-443A-BBDC-B88155319406}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A8E1E28-B7E4-4C92-85C9-461CF8C0C143}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{2F1FCD9F-48D8-4F43-B55C-2F1A6C2661E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{31C6941D-D684-44A7-9F57-6AD0C809E75A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe |
"{35B531F2-BC99-422D-ADC5-B8FB03B24CC5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{375B15D0-41C1-408D-B4F9-758E77AA5D43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{37E91763-B598-487F-B9F0-181B6FF36130}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{38118137-0148-4462-9186-5D3E1AA2B8CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{386BAEAB-726F-4C10-B055-53B2D6500A50}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\champions online\champions online.exe |
"{39C501BF-56BC-4333-9CCA-5E3E6817D207}" = protocol=17 | dir=in | app=c:\sg interactive\project blackout\pblackout.exe |
"{3DA3F967-B671-4BCA-B110-477C6A7B4157}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{3E432F52-38E0-4B72-ABF1-0115DB2F9699}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3FFE9D4F-3392-47EF-A142-96247A59B6EF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{42E4B585-D9BA-4A8A-A9C8-68B8CBD0B9E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{47838A69-2345-473F-A498-233C5BBCBC90}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{47D54E56-86F9-4EAD-A820-3D164CAAE98B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4A19C264-DA4E-4E17-920A-E7F024155ACF}" = protocol=6 | dir=in | app=c:\users\dragotheowner\appdata\local\temp\7zipsfx.000\cf_downloader.exe |
"{4A5F46D3-14B4-4E9C-9C0F-EFAB066BD0DA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{4BC4AE4B-F4AF-4182-9D07-34F4B812A1FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe |
"{4E477D29-F8E4-4CB6-9646-0EEA058D8570}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{50269FEE-E251-422E-990D-9C8C2D0BC070}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{50BA7E46-1CCB-4C46-A1ED-5530FF9FBC2F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{53AF14E9-0E56-4236-9BC3-2680197FC46E}" = protocol=17 | dir=in | app=c:\users\dragotheowner\appdata\local\temp\7zipsfx.000\cf_downloader.exe |
"{56118E1B-1707-4C6B-9F1C-B9D87E3F01BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{578D02CF-8F67-4078-888D-049697284B65}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{5ABBEFCA-873E-42FC-9734-8D3D17449D86}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{5CE25829-9AD2-4BEC-8FBD-1A13866D67C9}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe |
"{5F204958-DE04-429C-A194-17171A852697}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5F42B82E-2457-4A59-B7D4-CA499118C9EB}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{611AE355-AB00-4800-8237-BF15A732C6C0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{65C04AB1-77B0-4450-8871-DFE1D69FEB85}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{65E3CEF6-5D74-4D09-B3AA-BC6C462B16FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{6B95A064-D37C-4D96-94A5-EF34B66EB296}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{6D9D03E2-FE8B-4857-BE6A-F93D06D737DE}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{6F40AEAD-3B11-43AF-90A6-E5D52A68D74E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7001DD2D-885D-4B97-85BB-5860DE0D0534}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{72E9B77D-B45A-40DA-8592-08B90626FD10}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{7451D09C-2607-4B5E-8305-D0C99F74BA34}" = protocol=6 | dir=in | app=c:\sg interactive\project blackout\pblackout.exe |
"{76DDFDD1-CE8C-4CB9-81B7-7EADD6A8BCF8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{771D97A4-A3E1-4656-898B-B16D5C1941DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{77D302BB-10F1-4D4F-9F39-B789CC8111C0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7A99CBCD-D03B-4733-8A14-AFDDB4BCB37F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7ADF3F88-05AA-4C74-8EE6-F60193D244BF}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo ag\levelr\levelr.bin |
"{7AE932DF-4D5C-4B9E-A5A4-0DB78D5B0BA3}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{7BBC028F-5BCC-4E3B-B631-97A0D651C201}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{7BC29F74-58A1-41C0-8A04-1106BB7F493B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7D6ECC47-AA8E-4684-90B0-F0ACE44718FC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{80E6E6AE-710D-41C9-A2D4-76EF1EB7114A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{81546F30-A726-4E86-B02C-FCD30ED60B01}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{86FC0222-078E-4E86-9661-397B971E1D3C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{887C4FC5-55C5-4C86-8F5D-54AB7AED549D}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe |
"{8A2FA4F1-11E1-464A-AFD0-12CDEE8200FF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{8ACA0FD1-B660-45CD-BFE3-4F3245BFA62A}" = protocol=17 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe |
"{8C094B4A-B988-4466-9438-69D8EBB3A92E}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{8DC50D0C-026C-4F9D-9E07-5CE3B41214A8}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{8E2F68CA-7DF6-49D3-8F5E-54BA481DC226}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\launcher.exe |
"{8E674E93-CA84-48FD-9CC2-6C55DE14A7D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{90835441-C0CC-4AFD-8084-D105591E4AA6}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{90AFAA01-FB74-41F9-AC1F-71FCE8D5A878}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\patcher.exe |
"{90E68EDA-D43C-4080-834C-2FB0E0E01CD3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9117B0E4-449E-45F5-BCAB-BC15D7E668F3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{926A469E-A2BE-4768-A171-9C649F52E8FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{93D7426C-8074-4AB4-919B-119526643A1E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9447F102-3EA8-49BA-8CA3-40D547D03A86}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9569C423-C427-4BDE-8D28-17AC5CF841B6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{97007113-34E7-4E9A-A379-7757A0612FAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{9991DDB1-ADA1-4750-879E-901F04A158E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{99B2038C-D48B-4A9E-A738-3B3791D795A4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A0948FAE-DD04-4CE0-9736-2EFB29A2D092}" = dir=in | app=c:\users\dragotheowner\appdata\local\microsoft\skydrive\skydrive.exe |
"{A4EC7DF9-625F-4E33-A957-31A2ABD257D9}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{A57F993F-399E-4CFD-822E-9E3D94F7512B}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{A6E5506A-0AB1-4976-9752-86DEC663102E}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe |
"{A8A73E39-BC40-4CD0-A904-43268260F84A}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{A8A9FFD7-A6CC-4CB8-B76A-53BB6F4F26C0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{A8C15AE0-C326-4BDF-B303-53E598F06F91}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A93BCD96-45EF-485F-A7C0-8C059BC270A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AB7766F1-A342-4A1D-87B7-3347F98E6EF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AC100769-9639-4F7C-B2F2-ED4215ED0E13}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AD9DB33A-EF66-427D-8963-FB3805EEAD1A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\champions online\champions online.exe |
"{AE51108E-229D-43CC-8D4B-1471F789ABA8}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\launcher.exe |
"{AEE28279-0455-493D-98C7-EE1F6460364A}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{AFC378ED-1588-4CFA-BEC0-6EFA7BAC10C7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B01C77B2-BB28-4891-90A3-842F37080FB6}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{B0952B52-2808-44E5-A50D-194CD517B3E0}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{B31702A3-0D0A-47EA-99D8-D681717BC9F5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B31AAC5A-4A9D-4C35-8C9E-92AD6359364C}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\blackprophecy.exe |
"{B44871FC-FBD6-4CAA-959F-01C20762968E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{B4B901B3-C0DD-43F0-B3D2-6B9D82EED711}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe |
"{B4D65D28-9D1A-44E5-832E-F7D0D88C5A33}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{B5AD7A36-FEC1-4605-8732-40B1EBB89F89}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B6FC5A9C-6A13-4BCA-A1ED-7F8FC20607AE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{B74DA5F7-2A1C-4EF5-BA62-E1EA063DBDCF}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B8E47AC9-788F-4F03-99B5-6F3C6AA6F5F7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9F157C8-A855-43ED-895F-D5C7E40306A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{BCFCEE52-DA16-4D02-A68D-8AB37164B346}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe |
"{BF95C140-9C7C-4DA5-83C8-4B5C55FF5497}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{C093242E-69BB-471E-A1DA-8E1CB003E599}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C70C616A-32B0-4411-AB22-B12950EE9A9B}" = protocol=6 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe |
"{C7C6E21D-DD5A-4453-BBD8-F874633028F2}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{C99643F2-931E-4157-ADFF-26DDA4B068A5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{CC408758-ABED-4992-B563-CDCB6F87E6C8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CEDA62C3-7102-48C6-873E-1ABCF4F05E2B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3D3711C-F111-44F0-ABD8-FA63BB3660C9}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{D44F520A-E566-4B9F-A2C1-9D00EF131F1B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7C69C4D-CD13-48BB-A9C5-43D09E9EF31C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{D82587CC-75C6-4AF0-B127-924E7496C1FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DD5AE7F5-4F4F-4C90-A5D6-27C759D16F1C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DE7168DF-E3E7-4C55-9E59-A8975582E319}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DEE4B43F-74AF-4947-8E98-C7ACFC2EBA56}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DFA8B9FA-6B9D-42DD-A196-854A7BE725C7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E3C36F52-3247-4763-A478-8B44BB5622E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe |
"{E69D6554-9089-42F2-B069-B4FE04C622F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{E75D29AB-B590-4EBB-BD98-70B67DAB2FB3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7B9D362-BC44-428C-A55A-3745066844C1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E7DD46D0-E2EC-4F32-AA61-4B4572162F68}" = protocol=6 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe |
"{E81E2328-791D-4C29-84CE-8252ACB4CA29}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{EAE60D8F-C3DA-42BB-9B76-295272D97152}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EC36AE3A-A9EC-456C-B868-913761E5221C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EDEC32A1-516E-48F5-8B8D-64517132A43A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\bin\sdklauncher.exe |
"{EED52A35-1A47-4957-B8A5-49D175151C9E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{EF9A9F26-D145-4A85-9A44-6D3D981EA64E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F028D3C8-09D7-46E4-BBB6-3473E0E043BB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F3E8D68C-F24A-44B2-907E-948A22ABC6C9}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{F45FB0DC-7F87-4D5F-86A4-21B1ABED54CF}" = protocol=17 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe |
"{F562A49E-B5F1-4CF3-9081-5C6F5DABB7AE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{F7AD0A82-2CCE-454D-89E8-6063280AE5BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{F8EB05F5-B17A-4E74-8E8F-AE91EE259116}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F9EED0B2-1236-4D9F-9826-12D6DDDAF6BB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{FA88F5AD-B633-4181-B5EB-F13DDA7AAE8D}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\patcher.exe |
"{FB741097-F530-4F4C-8C98-A1C566DF494E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FE4F050B-2762-486A-9F73-7F9369F6B46C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{012E340D-D271-40AD-B4C4-78902A2346BE}C:\program files (x86)\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2.bin |
"TCP Query User{0F3D28FA-76DA-48B4-B6AD-75052532B24F}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"TCP Query User{17762F96-17CD-45D8-990A-153B298EEE1E}C:\program files (x86)\mijagi-mt2\mijagi-mt2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mijagi-mt2\mijagi-mt2.exe |
"TCP Query User{277ADAAD-1208-49E6-B009-4C1B77C18EC6}C:\program files (x86)\mijagi-mt2\mijagi-mt2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mijagi-mt2\mijagi-mt2.exe |
"TCP Query User{31B3BAED-C195-414F-A823-CD95424A2A61}C:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe" = protocol=6 | dir=in | app=c:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe |
"TCP Query User{3CD1EA82-809E-4D8D-B8DF-AB6883D181EB}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin |
"TCP Query User{3F5909A6-8D44-40CB-A7E1-7DE3F36139F5}C:\program files (x86)\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"TCP Query User{40D1789D-E91A-4C0A-B9B2-6EFBD58B4F35}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{438152DE-175D-4A8F-9156-A747C4718D0B}C:\program files (x86)\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2.bin |
"TCP Query User{64DEC689-83CA-400C-AF71-38AB43A5F2A5}C:\users\dragotheowner\desktop\alle ordner und spiele\legendmt2\xmetin2.exe" = protocol=6 | dir=in | app=c:\users\dragotheowner\desktop\alle ordner und spiele\legendmt2\xmetin2.exe |
"TCP Query User{67FCF5FB-38C1-4200-8E13-D207752F1741}C:\program files (x86)\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"TCP Query User{6ADECFC1-5F57-4F7E-B927-39A9FC6E5289}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"TCP Query User{968BD33B-73DC-46CD-B5D2-79E26AD46573}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"TCP Query User{B9C6F79D-95A1-433C-92F4-BC4B7DB9C8DD}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{E8296704-B78A-4E2F-8D14-E452E720DE77}C:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe" = protocol=6 | dir=in | app=c:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe |
"UDP Query User{0F40CA87-0B39-4D09-8A96-3ABD4539CDD1}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin |
"UDP Query User{145D4C43-DE47-4490-A7DE-2DF76C857DC7}C:\program files (x86)\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"UDP Query User{164956AA-3A93-494C-BBF5-0543C9E55BCA}C:\program files (x86)\mijagi-mt2\mijagi-mt2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mijagi-mt2\mijagi-mt2.exe |
"UDP Query User{1F5F4A7D-E9AF-43EA-819A-CCF4FBCA43BA}C:\program files (x86)\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2.bin |
"UDP Query User{27827D02-F1C6-489F-9578-FC9809FC63D8}C:\users\dragotheowner\desktop\alle ordner und spiele\legendmt2\xmetin2.exe" = protocol=17 | dir=in | app=c:\users\dragotheowner\desktop\alle ordner und spiele\legendmt2\xmetin2.exe |
"UDP Query User{36D2424D-7F63-40F2-921C-F87FEEBBEFBC}C:\program files (x86)\mijagi-mt2\mijagi-mt2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mijagi-mt2\mijagi-mt2.exe |
"UDP Query User{5703781B-A11C-47CB-B518-A07AEB80574B}C:\program files (x86)\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2.bin |
"UDP Query User{786D6472-C291-476F-A64C-791F9FA7F44C}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"UDP Query User{98F20467-8879-4784-A6B2-2DCA527AAF49}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"UDP Query User{A6BD85F2-400A-4957-9773-6F5D47A32783}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"UDP Query User{BA607340-4325-459D-AECC-FF5863909A27}C:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe" = protocol=17 | dir=in | app=c:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe |
"UDP Query User{BE285D4B-CB2E-4CAD-A559-7B864AB28C58}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"UDP Query User{C9816D7F-031C-44EF-A22B-E503BFDA70E5}C:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe" = protocol=17 | dir=in | app=c:\users\dragotheowner\desktop\nerdmt2_full\nerdmt2.exe |
"UDP Query User{D96632EE-D07F-4BB2-99A8-215C69EC05D0}C:\program files (x86)\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{053B3DA8-91B5-4682-A130-715412A1A253}" = Paint.NET v3.5.4
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{4BA33BE3-20CF-4972-BD67-B44CEFA52DCB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.17.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8B10C8E-46F0-4C9A-A688-78B8A2F720BD}" = Windows Live Family Safety
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D01E478E-05BE-46BC-AF96-DD40EABA1F6A}" = System Requirements Lab CYRI (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"EPSON SX130 Series" = EPSON SX130 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{10D9B15C-0F89-41EF-838C-B97802AB54E9}" = Lagsters
"{10EAC7D9-7ED4-425E-8054-643452147D13}" = MyScript Notes Basic Edition
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3513E6E0-A5B5-4ED9-A28A-D9D962DBABB4}" = Scramby
"{44E89CCA-BB20-4EA6-80EB-4126E886F83D}" = Windows Live Mail
"{46BE6D86-7BEF-4DAB-B3E6-7B932D3872F3}_is1" = Dragonica Version TEST
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{511A5609-446A-11D5-9FA6-0060087051D5}" = T-DSL Treiber
"{556F2137-B772-43BB-9A45-E0275234DD16}" = Free Notes & Office Ink
"{5672382F-8A9B-4890-B79A-414997360F2D}" = IObit Toolbar v6.3
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack
"{62813F65-4D78-43AF-A53C-DFAFA122E065}" = Windows Live Messenger
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84BEAA30-1AF1-450B-9DD7-AD38B84004BA}" = Windows Live Messenger
"{884DF67C-F47D-4B09-B474-C3B7D51CA52A}" = Windows Live Family Safety
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}" = Epson Event Manager
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2
"{A5D8B1C2-4B2E-42F1-ADB4-D0308A4F5C6F}" = Windows Live Writer
"{A929A7EA-4DFB-48F9-AAF6-C880DF64FB73}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie
"{B240DC53-E923-48ED-AA5D-5830D2773A97}" = S4 League_EU
"{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B89EE842-D398-4EAC-A3DF-47280B285DD9}" = Windows Live Mail
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D07643A3-CE41-4286-8C78-EB9C83E76DDB}" = PunkBuster für Battlefield Vietnam
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D555C389-F793-443A-B012-A3D70590CF3D}" = Windows Live Writer Resources
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0DA672E-15DB-4413-BE2D-887DD1513607}" = Windows Live Writer
"{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter
"{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}" = Junk Mail filter update
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Akamai" = Akamai NetSession Interface Service
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX-Setup
"EPSON Scanner" = EPSON Scan
"EPSON SX130 Series Useg" = Benutzerhandbuch EPSON SX130 Series
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Download Manager_is1" = Free Download Manager 3.0
"Free Studio_is1" = Free Studio version 5.7.4.918
"Free YouTube Download_is1" = Free YouTube Download 2.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Game Booster_is1" = Game Booster 3
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OnlineControl_is1" = OnlineControl 1.2
"SpeedFan" = SpeedFan (remove only)
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 1250" = Killing Floor
"Steam App 200710" = Torchlight II
"Steam App 240" = Counter-Strike: Source
"Steam App 41500" = Torchlight
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uninstall_is1" = Uninstall 1.0.0.1
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 28.07.2011 23:17:44 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.07.2011 06:53:33 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.07.2011 08:49:20 | Computer Name = xAnTiViiRuSx | Source = BugSplat | ID = 1
Description =
 
Error - 29.07.2011 20:51:59 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.07.2011 21:36:10 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.07.2011 21:36:10 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.07.2011 21:38:10 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 30.07.2011 10:11:38 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 30.07.2011 19:00:00 | Computer Name = xAnTiViiRuSx | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 31.07.2011 06:10:29 | Computer Name = xAnTiViiRuSx | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
[ Media Center Events ]
Error - 10.11.2010 12:38:40 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 17:38:38 - Fehler beim Herstellen der Internetverbindung.  17:38:38
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 10.11.2010 13:39:08 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 18:39:08 - Fehler beim Herstellen der Internetverbindung.  18:39:08
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 10.11.2010 13:39:38 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 18:39:37 - Fehler beim Herstellen der Internetverbindung.  18:39:37
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 10.11.2010 14:40:08 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 19:40:08 - Fehler beim Herstellen der Internetverbindung.  19:40:08
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 10.11.2010 14:40:38 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 19:40:37 - Fehler beim Herstellen der Internetverbindung.  19:40:37
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 12.11.2010 04:38:55 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 09:38:54 - Fehler beim Herstellen der Internetverbindung.  09:38:55
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 12.11.2010 04:39:28 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 09:39:24 - Fehler beim Herstellen der Internetverbindung.  09:39:24
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 19.11.2010 14:18:02 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 19:18:01 - Fehler beim Herstellen der Internetverbindung.  19:18:02
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 19.11.2010 14:18:36 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 19:18:31 - Fehler beim Herstellen der Internetverbindung.  19:18:31
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 19.11.2010 15:19:04 | Computer Name = xAnTiViiRuSx | Source = MCUpdate | ID = 0
Description = 20:19:04 - Fehler beim Herstellen der Internetverbindung.  20:19:04
-    Serververbindung konnte nicht hergestellt werden.. 
 
[ System Events ]
Error - 13.10.2012 11:46:07 | Computer Name = Noel | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Update-Service-Installer-Service" wurde mit folgendem
Fehler beendet:  %%2
 
Error - 13.10.2012 11:46:13 | Computer Name = Noel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde:  %%-2140993535
 
Error - 13.10.2012 11:46:14 | Computer Name = Noel | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%2
 
Error - 13.10.2012 11:46:31 | Computer Name = Noel | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:  %%2
 
Error - 13.10.2012 11:46:34 | Computer Name = Noel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1058
 
Error - 13.10.2012 11:46:34 | Computer Name = Noel | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:  %%2
 
Error - 13.10.2012 11:49:24 | Computer Name = Noel | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 13.10.2012 11:49:24 | Computer Name = Noel | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 13.10.2012 12:14:21 | Computer Name = Noel | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 
Error - 13.10.2012 12:14:24 | Computer Name = Noel | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 
 
< End of report >


cosinus 14.10.2012 19:24

No :)
That is a new OTL log, but not the fix log ;)

Valentice94 14.10.2012 21:08

I can't find the log anymore x.x How can I find it again? :o :s

cosinus 14.10.2012 22:07

Please look in C:\_OTL

Valentice94 14.10.2012 23:07

Okay, this surely isn't it either, is it?

Part 1:

Code:

Error: Unable to interpret <OTL logfile created on: 13.10.2012 18:12:32 - Run 1> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\MaxMustermann\Desktop> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <3,75 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 70,14% Memory free> in the current context!
Error: Unable to interpret <7,50 Gb Paging File | 6,14 Gb Available in Paging File | 81,89% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 465,66 Gb Total Space | 317,86 Gb Free Space | 68,26% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Unable to calculate disk information.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: MaxMustermann | User Name: MaxMustermann | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans> in the current context!
Error: Unable to interpret <Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - [2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MaxMustermann\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe> in the current context!
Error: Unable to interpret <PRC - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe> in the current context!
Error: Unable to interpret <PRC - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe> in the current context!
Error: Unable to interpret <PRC - [2012.07.18 18:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe> in the current context!
Error: Unable to interpret <PRC - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe> in the current context!
Error: Unable to interpret <PRC - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe> in the current context!
Error: Unable to interpret <PRC - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe> in the current context!
Error: Unable to interpret <PRC - [2005.07.22 09:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Program Files (x86)\OnlineControl\ocontrol.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Update-Service-Installer-Service)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Dnscache)> in the current context!
Error: Unable to interpret <SRV - [2012.10.09 03:51:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)> in the current context!
Error: Unable to interpret <SRV - [2012.10.05 01:28:45 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)> in the current context!
Error: Unable to interpret <SRV - [2012.08.30 21:36:30 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)> in the current context!
Error: Unable to interpret <SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)> in the current context!
Error: Unable to interpret <SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)> in the current context!
Error: Unable to interpret <SRV - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)> in the current context!
Error: Unable to interpret <SRV - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)> in the current context!
Error: Unable to interpret <SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)> in the current context!
Error: Unable to interpret <SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)> in the current context!
Error: Unable to interpret <SRV - [2012.06.29 05:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)> in the current context!
Error: Unable to interpret <SRV - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)> in the current context!
Error: Unable to interpret <SRV - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)> in the current context!
Error: Unable to interpret <SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)> in the current context!
Error: Unable to interpret <SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)> in the current context!
Error: Unable to interpret <SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)> in the current context!
Error: Unable to interpret <SRV - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)> in the current context!
Error: Unable to interpret <SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)> in the current context!
Error: Unable to interpret <SRV - [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)> in the current context!
Error: Unable to interpret <SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)> in the current context!
Error: Unable to interpret <SRV - [2009.11.12 19:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)> in the current context!
Error: Unable to interpret <SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)> in the current context!
Error: Unable to interpret <SRV - [2008.02.15 13:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Disabled | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012.07.18 18:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012.07.18 18:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012.07.18 18:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012.05.21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010.11.20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010.09.26 20:32:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010.02.14 17:06:19 | 000,575,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2008.11.11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2008.11.11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2008.11.11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2007.08.08 08:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)> in the current context!
Error: Unable to interpret <DRV - [2011.12.12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)> in the current context!
Error: Unable to interpret <DRV - [2010.11.01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)> in the current context!
Error: Unable to interpret <DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)> in the current context!
Error: Unable to interpret <DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank> in the current context!
Error: Unable to interpret <IE - HKLM\..\URLSearchHook:  - No CLSID value found> in the current context!
Error: Unable to interpret <IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp> in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE> in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]> in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found> in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found> in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{5E4D3DCE-F4DD-433C-A690-3EF511A532F2}: "URL" = hxxp://www.google.de/search?q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{9ECAE799-1810-47F9-AA0D-74B6C39860CF}: "URL" = hxxp://www.ricardo.ch/search/search.asp?txtSearch={searchTerms}&Catg=1&InTitleAndDesc=1> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{EE232B47-5DB3-4AA9-87BD-51DD6FA63286}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "Yahoo"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "Yahoo"> in the current context!
Error: Unable to interpret <FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=685749"> in the current context!
Error: Unable to interpret <FF - user.js - File not found> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 04:57:40 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 12:37:43 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\DragoTheOwner\AppData\Roaming\IDM\idmmzcc3> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.07.22 04:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Extensions> in the current context!
Error: Unable to interpret <[2012.10.12 18:11:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions> in the current context!
Error: Unable to interpret <[2012.09.17 19:22:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context!
Error: Unable to interpret <[2012.09.18 17:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions> in the current context!
Error: Unable to interpret <[2011.07.17 20:51:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context!
Error: Unable to interpret <[2011.05.09 17:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\ffxtlbr@babylon.com> in the current context!
Error: Unable to interpret <[2012.08.07 18:04:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\MaxMustermann\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi> in the current context!
Error: Unable to interpret <[2012.10.12 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context!
Error: Unable to interpret <[2012.08.24 22:46:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}> in the current context!
Error: Unable to interpret <[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll> in the current context!
Error: Unable to interpret <[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context!
Error: Unable to interpret <[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml> in the current context!
Error: Unable to interpret <[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context!
Error: Unable to interpret <[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context!
Error: Unable to interpret <[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context!
Error: Unable to interpret <[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Chrome  ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <CHR - default_search_provider: Conduit (Enabled)> in the current context!
Error: Unable to interpret <CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050> in the current context!
Error: Unable to interpret <CHR - default_search_provider: suggest_url = > in the current context!
Error: Unable to interpret <CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer> in the current context!
Error: Unable to interpret <CHR - plugin: Native Client (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Free Studio (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/ConduitChromeApiPlugin.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/np-cwmp.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll> in the current context!
Error: Unable to interpret <CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll> in the current context!
Error: Unable to interpret <CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll> in the current context!
Error: Unable to interpret <CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll> in the current context!
Error: Unable to interpret <CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll> in the current context!
Error: Unable to interpret <CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2012.08.07 19:07:25 | 000,444,231 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O1 - Hosts: hxxp://legendmt2.eu/ l2testauthd.lineage2.com> in the current context!
Error: Unable to interpret <O1 - Hosts: hxxp://legendmt2.eu/ l2authd.lineage2.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 15246 more lines...> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)> in the current context!
Error: Unable to interpret <O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.> in the current context!
Error: Unable to interpret <O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)> in the current context!
Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.> in the current context!
Error: Unable to interpret <O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)> in the current context!
Error: Unable to interpret <O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: []  File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0> in the current context!
Error: Unable to interpret <O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context!
Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\d3dywzbtg.dll File not found> in the current context!
Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O1364bit: - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class)> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.7.2)> in the current context!
Error: Unable to interpret <O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47dda526-fe72-4f24-ae70-b0681e2df27d}: DhcpNameServer = 192.168.2.1> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\livecall - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\msnim - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype4com - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlpg - No CLSID value found> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O27:64bit: - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)> in the current context!
Error: Unable to interpret <O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)> in the current context!
Error: Unable to interpret <O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)> in the current context!
Error: Unable to interpret <O27 - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)> in the current context!
Error: Unable to interpret <O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)> in the current context!
Error: Unable to interpret <O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Seite1.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\E\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Startme.exe> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk -  - File not found> in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk -  - File not found> in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= -  File not found> in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpReg: Free Download Manager - hkey= - key= - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)> in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpReg: HBLiteSA - hkey= - key= -  File not found> in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= -  File not found> in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)> in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpReg: Windows Game Service - hkey= - key= -  File not found> in the current context!
Error: Unable to interpret <MsConfig:64bit - State: "bootini" - Reg Error: Key error.> in the current context!
Error: Unable to interpret <MsConfig:64bit - State: "startup" - Reg Error: Key error.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SafeBootMin:64bit: AppMgmt - Service> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Base - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Boot Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Boot file system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: File system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: HelpSvc - Service> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: PCI Configuration - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: PNP Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Primary disk - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: sacsvr - Service> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: SCSI Class - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: System Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: vmms - Service> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context!
Error: Unable to interpret <SafeBootMin: AppMgmt - Service> in the current context!
Error: Unable to interpret <SafeBootMin: Base - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: Boot Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: Boot file system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: File system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: HelpSvc - Service> in the current context!
Error: Unable to interpret <SafeBootMin: PCI Configuration - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: PNP Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: Primary disk - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: sacsvr - Service> in the current context!
Error: Unable to interpret <SafeBootMin: SCSI Class - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: System Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: vmms - Service> in the current context!
Error: Unable to interpret <SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context!
Error: Unable to interpret <SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context!
Error: Unable to interpret <SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context!
Error: Unable to interpret <SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context!
Error: Unable to interpret <SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context!
Error: Unable to interpret <SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context!
Error: Unable to interpret <SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SafeBootNet:64bit: AppMgmt - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Base - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Boot Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Boot file system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: DnsCache - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: File system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: HelpSvc - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Messenger - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: NDIS Wrapper - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: NetBIOSGroup - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: NetDDEGroup - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Network - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: NetworkProvider - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: PCI Configuration - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: PNP Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: PNP_TDI - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Primary disk - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: rdsessmgr - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: sacsvr - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: SCSI Class - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Streams Drivers - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: System Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: TDI - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: vmms - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: WudfUsbccidDriver - Driver> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context!
Error: Unable to interpret <SafeBootNet: AppMgmt - Service> in the current context!
Error: Unable to interpret <SafeBootNet: Base - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Boot Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Boot file system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: File system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: HelpSvc - Service> in the current context!
Error: Unable to interpret <SafeBootNet: Messenger - Service> in the current context!
Error: Unable to interpret <SafeBootNet: NDIS Wrapper - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: NetBIOSGroup - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: NetDDEGroup - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Network - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: NetworkProvider - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: PCI Configuration - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: PNP Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: PNP_TDI - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Primary disk - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: rdsessmgr - Service> in the current context!
Error: Unable to interpret <SafeBootNet: sacsvr - Service> in the current context!
Error: Unable to interpret <SafeBootNet: SCSI Class - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Streams Drivers - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: System Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: TDI - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: vmms - Service> in the current context!
Error: Unable to interpret <SafeBootNet: WudfUsbccidDriver - Driver> in the current context!
Error: Unable to interpret <SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context!
Error: Unable to interpret <SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers> in the current context!
Error: Unable to interpret <SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context!
Error: Unable to interpret <SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context!
Error: Unable to interpret <SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context!
Error: Unable to interpret <SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context!
Error: Unable to interpret <SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context!
Error: Unable to interpret <SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context!
Error: Unable to interpret < > in the current context!


Valentice94 14.10.2012 23:08

Part 2:

Code:

Error: Unable to interpret <ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0> in the current context!
Error: Unable to interpret <ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> in the current context!
Error: Unable to interpret <ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack> in the current context!
Error: Unable to interpret <ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> in the current context!
Error: Unable to interpret <ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx> in the current context!
Error: Unable to interpret <ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help> in the current context!
Error: Unable to interpret <ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6> in the current context!
Error: Unable to interpret <ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools> in the current context!
Error: Unable to interpret <ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements> in the current context!
Error: Unable to interpret <ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player> in the current context!
Error: Unable to interpret <ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access> in the current context!
Error: Unable to interpret <ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7> in the current context!
Error: Unable to interpret <ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll> in the current context!
Error: Unable to interpret <ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings> in the current context!
Error: Unable to interpret <ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install> in the current context!
Error: Unable to interpret <ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding> in the current context!
Error: Unable to interpret <ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts> in the current context!
Error: Unable to interpret <ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help> in the current context!
Error: Unable to interpret <ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface> in the current context!
Error: Unable to interpret <ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP> in the current context!
Error: Unable to interpret <ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig> in the current context!
Error: Unable to interpret <ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> in the current context!
Error: Unable to interpret <ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)> in the current context!
Error: Unable to interpret <ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0> in the current context!
Error: Unable to interpret <ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> in the current context!
Error: Unable to interpret <ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack> in the current context!
Error: Unable to interpret <ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> in the current context!
Error: Unable to interpret <ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx> in the current context!
Error: Unable to interpret <ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help> in the current context!
Error: Unable to interpret <ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6> in the current context!
Error: Unable to interpret <ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools> in the current context!
Error: Unable to interpret <ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements> in the current context!
Error: Unable to interpret <ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player> in the current context!
Error: Unable to interpret <ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access> in the current context!
Error: Unable to interpret <ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7> in the current context!
Error: Unable to interpret <ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll> in the current context!
Error: Unable to interpret <ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings> in the current context!
Error: Unable to interpret <ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install> in the current context!
Error: Unable to interpret <ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding> in the current context!
Error: Unable to interpret <ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts> in the current context!
Error: Unable to interpret <ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player> in the current context!
Error: Unable to interpret <ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help> in the current context!
Error: Unable to interpret <ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface> in the current context!
Error: Unable to interpret <ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP> in the current context!
Error: Unable to interpret <ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig> in the current context!
Error: Unable to interpret <ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)> in the current context!
Error: Unable to interpret <Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)> in the current context!
Error: Unable to interpret <Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()> in the current context!
Error: Unable to interpret <Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)> in the current context!
Error: Unable to interpret <Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)> in the current context!
Error: Unable to interpret <Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <CREATERESTOREPOINT> in the current context!
Error: Unable to interpret <Restore point Set: OTL Restore Point> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.10.13 18:03:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2012.10.12 22:59:07 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Shizuka3-Client-2012-v3> in the current context!
Error: Unable to interpret <[2012.10.10 18:29:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\CRE> in the current context!
Error: Unable to interpret <[2012.10.09 15:21:06 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe> in the current context!
Error: Unable to interpret <[2012.10.09 15:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar> in the current context!
Error: Unable to interpret <[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit> in the current context!
Error: Unable to interpret <[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5> in the current context!
Error: Unable to interpret <[2012.09.23 21:16:38 | 000,000,000 | ---D | C] -- C:\Windows\de> in the current context!
Error: Unable to interpret <[2012.09.23 21:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive> in the current context!
Error: Unable to interpret <[2012.09.23 21:07:37 | 000,000,000 | R--D | C] -- C:\Users\DragoTheOwner\SkyDrive> in the current context!
Error: Unable to interpret <[2012.09.23 21:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive> in the current context!
Error: Unable to interpret <[2012.09.23 17:44:28 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple Computer> in the current context!
Error: Unable to interpret <[2012.09.23 17:44:27 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer> in the current context!
Error: Unable to interpret <[2012.09.23 17:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes> in the current context!
Error: Unable to interpret <[2012.09.23 17:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod> in the current context!
Error: Unable to interpret <[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes> in the current context!
Error: Unable to interpret <[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes> in the current context!
Error: Unable to interpret <[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer> in the current context!
Error: Unable to interpret <[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69> in the current context!
Error: Unable to interpret <[2012.09.23 17:41:50 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple> in the current context!
Error: Unable to interpret <[2012.09.23 17:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update> in the current context!
Error: Unable to interpret <[2012.09.23 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple> in the current context!
Error: Unable to interpret <[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour> in the current context!
Error: Unable to interpret <[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour> in the current context!
Error: Unable to interpret <[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple> in the current context!
Error: Unable to interpret <[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple> in the current context!
Error: Unable to interpret <[2012.09.18 17:54:25 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.09.18 17:54:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys> in the current context!
Error: Unable to interpret <[2012.09.18 17:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.09.18 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Drum & Bass und DubStep> in the current context!
Error: Unable to interpret <[2012.09.15 22:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3> in the current context!
Error: Unable to interpret <[2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit> in the current context!
Error: Unable to interpret <[2012.09.15 22:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit> in the current context!
Error: Unable to interpret <[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret <[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.10.13 18:13:01 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job> in the current context!
Error: Unable to interpret <[2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012.10.13 17:54:27 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012.10.13 17:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job> in the current context!
Error: Unable to interpret <[2012.10.13 17:46:05 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl> in the current context!
Error: Unable to interpret <[2012.10.13 17:46:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job> in the current context!
Error: Unable to interpret <[2012.10.13 17:45:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2012.10.13 15:13:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job> in the current context!
Error: Unable to interpret <[2012.10.12 23:34:29 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2012.10.12 23:34:29 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat> in the current context!
Error: Unable to interpret <[2012.10.12 23:34:29 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat> in the current context!
Error: Unable to interpret <[2012.10.12 23:34:29 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat> in the current context!
Error: Unable to interpret <[2012.10.12 23:34:29 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat> in the current context!
Error: Unable to interpret <[2012.10.12 23:00:14 | 000,000,707 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk> in the current context!
Error: Unable to interpret <[2012.10.12 16:05:43 | 000,284,749 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg> in the current context!
Error: Unable to interpret <[2012.10.12 15:52:22 | 000,538,327 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe> in the current context!
Error: Unable to interpret <[2012.10.11 20:38:17 | 000,577,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png> in the current context!
Error: Unable to interpret <[2012.10.11 18:07:17 | 000,263,365 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg> in the current context!
Error: Unable to interpret <[2012.10.11 01:18:36 | 000,002,523 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Google Chrome.lnk> in the current context!
Error: Unable to interpret <[2012.10.10 18:46:08 | 046,796,570 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4> in the current context!
Error: Unable to interpret <[2012.10.10 18:29:09 | 000,000,009 | ---- | M] () -- C:\END> in the current context!
Error: Unable to interpret <[2012.10.10 15:34:18 | 000,212,245 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg> in the current context!
Error: Unable to interpret <[2012.10.09 15:10:14 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk> in the current context!
Error: Unable to interpret <[2012.10.08 18:36:38 | 003,256,058 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a> in the current context!
Error: Unable to interpret <[2012.10.08 11:35:33 | 000,009,216 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context!
Error: Unable to interpret <[2012.10.07 18:43:08 | 000,000,220 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url> in the current context!
Error: Unable to interpret <[2012.09.29 23:42:11 | 000,000,219 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url> in the current context!
Error: Unable to interpret <[2012.09.29 22:59:13 | 000,001,243 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk> in the current context!
Error: Unable to interpret <[2012.09.26 04:32:38 | 000,029,114 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\Folder.jpg> in the current context!
Error: Unable to interpret <[2012.09.26 04:32:38 | 000,006,205 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\AlbumArtSmall.jpg> in the current context!
Error: Unable to interpret <[2012.09.26 04:25:54 | 000,433,908 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg> in the current context!
Error: Unable to interpret <[2012.09.26 03:20:32 | 057,228,076 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4> in the current context!
Error: Unable to interpret <[2012.09.23 21:23:02 | 000,349,777 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg> in the current context!
Error: Unable to interpret <[2012.09.23 21:15:54 | 000,001,305 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk> in the current context!
Error: Unable to interpret <[2012.09.23 17:44:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk> in the current context!
Error: Unable to interpret <[2012.09.20 19:36:36 | 000,000,222 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url> in the current context!
Error: Unable to interpret <[2012.09.19 21:25:16 | 002,311,218 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov> in the current context!
Error: Unable to interpret <[2012.09.18 17:54:10 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk> in the current context!
Error: Unable to interpret <[2012.09.18 17:37:47 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img> in the current context!
Error: Unable to interpret <[2012.09.18 05:57:42 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img.bak> in the current context!
Error: Unable to interpret <[2012.09.17 09:41:33 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context!
Error: Unable to interpret <[2012.09.15 22:25:16 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk> in the current context!
Error: Unable to interpret <[2012.09.15 22:25:16 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk> in the current context!
Error: Unable to interpret <[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret <[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.10.12 23:00:14 | 000,000,707 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk> in the current context!
Error: Unable to interpret <[2012.10.12 16:05:41 | 000,284,749 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg> in the current context!
Error: Unable to interpret <[2012.10.12 15:52:20 | 000,538,327 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe> in the current context!
Error: Unable to interpret <[2012.10.11 20:38:16 | 000,577,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5466_kimmundo_leblanc_league_of_legends.png> in the current context!
Error: Unable to interpret <[2012.10.11 18:07:17 | 000,263,365 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\615911_538994196117062_708083328_o.jpg> in the current context!
Error: Unable to interpret <[2012.10.10 18:43:10 | 046,796,570 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Entdecke die Schönen Seiten im Leben.mp4> in the current context!
Error: Unable to interpret <[2012.10.10 18:29:07 | 000,000,009 | ---- | C] () -- C:\END> in the current context!
Error: Unable to interpret <[2012.10.10 15:34:18 | 000,212,245 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg> in the current context!
Error: Unable to interpret <[2012.10.09 15:10:14 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk> in the current context!
Error: Unable to interpret <[2012.10.08 18:36:35 | 003,256,058 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a> in the current context!
Error: Unable to interpret <[2012.10.07 18:43:08 | 000,000,220 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url> in the current context!
Error: Unable to interpret <[2012.09.29 23:42:11 | 000,000,219 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url> in the current context!
Error: Unable to interpret <[2012.09.26 04:26:54 | 000,433,908 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg> in the current context!
Error: Unable to interpret <[2012.09.26 03:13:15 | 057,228,076 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Ich kann nicht ohne dich...mp4> in the current context!
Error: Unable to interpret <[2012.09.24 05:01:33 | 000,000,617 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\League of Legends spielen .lnk> in the current context!
Error: Unable to interpret <[2012.09.23 21:23:08 | 000,349,777 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg> in the current context!
Error: Unable to interpret <[2012.09.23 21:15:54 | 000,001,305 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk> in the current context!
Error: Unable to interpret <[2012.09.23 21:15:42 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk> in the current context!
Error: Unable to interpret <[2012.09.23 21:14:59 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk> in the current context!
Error: Unable to interpret <[2012.09.23 21:07:35 | 000,002,200 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk> in the current context!
Error: Unable to interpret <[2012.09.23 17:44:17 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk> in the current context!
Error: Unable to interpret <[2012.09.23 17:41:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk> in the current context!
Error: Unable to interpret <[2012.09.20 19:36:36 | 000,000,222 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url> in the current context!
Error: Unable to interpret <[2012.09.19 21:23:33 | 002,311,218 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov> in the current context!
Error: Unable to interpret <[2012.09.18 17:54:10 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk> in the current context!
Error: Unable to interpret <[2012.09.17 19:22:41 | 000,001,243 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk> in the current context!
Error: Unable to interpret <[2012.09.15 22:25:16 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk> in the current context!
Error: Unable to interpret <[2012.09.15 22:25:16 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk> in the current context!
Error: Unable to interpret <[2012.09.07 06:01:03 | 000,008,976 | ---- | C] () -- C:\Users\DragoTheOwner\.recently-used.xbel> in the current context!
Error: Unable to interpret <[2012.07.27 14:11:05 | 000,003,551 | ---- | C] () -- C:\Windows\wininit.ini> in the current context!
Error: Unable to interpret <[2012.07.23 00:33:25 | 000,009,216 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context!
Error: Unable to interpret <[2012.06.28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe> in the current context!
Error: Unable to interpret <[2012.05.01 21:50:14 | 922,460,208 | ---- | C] () -- C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe> in the current context!
Error: Unable to interpret <[2012.03.21 18:54:48 | 000,000,000 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\{30DEB4EF-7BA3-4C31-B2F1-2D0414B6C43D}> in the current context!
Error: Unable to interpret <[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat> in the current context!
Error: Unable to interpret <[2011.09.25 01:58:18 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe> in the current context!
Error: Unable to interpret <[2011.09.25 01:58:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe> in the current context!
Error: Unable to interpret <[2011.05.24 18:06:10 | 000,150,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat> in the current context!
Error: Unable to interpret <[2011.04.18 23:30:47 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2011.03.10 16:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat> in the current context!
Error: Unable to interpret <[2010.11.22 12:00:06 | 004,269,056 | ---- | C] () -- C:\Windows\SysWow64\system.dll> in the current context!
Error: Unable to interpret <[2010.11.16 15:33:06 | 000,021,220 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\UserTile.png> in the current context!
Error: Unable to interpret <[2010.03.01 20:09:42 | 000,007,606 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\Resmon.ResmonCfg> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== ZeroAccess Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context!
Error: Unable to interpret <"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context!
Error: Unable to interpret <"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64> in the current context!
Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Free> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]> in the current context!
Error: Unable to interpret <"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Free> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64> in the current context!
Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Both> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft> in the current context!
Error: Unable to interpret <[2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics> in the current context!
Error: Unable to interpret <[2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux> in the current context!
Error: Unable to interpret <[2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener> in the current context!
Error: Unable to interpret <[2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache> in the current context!
Error: Unable to interpret <[2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations> in the current context!
Error: Unable to interpret <[2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB> in the current context!
Error: Unable to interpret <[2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context!
Error: Unable to interpret <[2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner> in the current context!
Error: Unable to interpret <[2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson> in the current context!
Error: Unable to interpret <[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen> in the current context!
Error: Unable to interpret <[2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader> in the current context!
Error: Unable to interpret <[2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager> in the current context!
Error: Unable to interpret <[2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo> in the current context!
Error: Unable to interpret <[2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0> in the current context!
Error: Unable to interpret <[2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios> in the current context!
Error: Unable to interpret <[2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ> in the current context!
Error: Unable to interpret <[2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM> in the current context!
Error: Unable to interpret <[2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit> in the current context!
Error: Unable to interpret <[2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics> in the current context!
Error: Unable to interpret <[2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient> in the current context!
Error: Unable to interpret <[2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2> in the current context!
Error: Unable to interpret <[2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX> in the current context!
Error: Unable to interpret <[2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut> in the current context!
Error: Unable to interpret <[2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World> in the current context!
Error: Unable to interpret <[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF> in the current context!
Error: Unable to interpret <[2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++> in the current context!
Error: Unable to interpret <[2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org> in the current context!
Error: Unable to interpret <[2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape> in the current context!
Error: Unable to interpret <[2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games> in the current context!
Error: Unable to interpret <[2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee> in the current context!
Error: Unable to interpret <[2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot> in the current context!
Error: Unable to interpret <[2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater> in the current context!
Error: Unable to interpret <[2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync> in the current context!
Error: Unable to interpret <[2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat> in the current context!
Error: Unable to interpret <[2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer> in the current context!
Error: Unable to interpret <[2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds> in the current context!
Error: Unable to interpret <[2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client> in the current context!
Error: Unable to interpret <[2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software> in the current context!
Error: Unable to interpret <[2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue> in the current context!
Error: Unable to interpret <[2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Custom Scans ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*. >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*.exe /s >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %APPDATA%\*. >> in the current context!
Error: Unable to interpret <[2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft> in the current context!
Error: Unable to interpret <[2012.06.15 10:44:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Adobe> in the current context!
Error: Unable to interpret <[2012.09.23 17:45:20 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer> in the current context!
Error: Unable to interpret <[2010.10.08 21:44:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ArcSoft> in the current context!
Error: Unable to interpret <[2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics> in the current context!
Error: Unable to interpret <[2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux> in the current context!
Error: Unable to interpret <[2012.07.27 15:44:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Avira> in the current context!
Error: Unable to interpret <[2011.01.08 00:17:15 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\AVS4YOU> in the current context!
Error: Unable to interpret <[2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener> in the current context!
Error: Unable to interpret <[2011.01.08 17:15:16 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DivX> in the current context!
Error: Unable to interpret <[2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache> in the current context!
Error: Unable to interpret <[2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations> in the current context!
Error: Unable to interpret <[2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB> in the current context!
Error: Unable to interpret <[2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context!
Error: Unable to interpret <[2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner> in the current context!
Error: Unable to interpret <[2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson> in the current context!
Error: Unable to interpret <[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen> in the current context!
Error: Unable to interpret <[2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader> in the current context!
Error: Unable to interpret <[2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager> in the current context!
Error: Unable to interpret <[2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo> in the current context!
Error: Unable to interpret <[2012.09.07 06:01:03 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0> in the current context!
Error: Unable to interpret <[2010.09.18 16:21:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hamachi> in the current context!
Error: Unable to interpret <[2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios> in the current context!
Error: Unable to interpret <[2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ> in the current context!
Error: Unable to interpret <[2010.01.27 16:55:55 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Identities> in the current context!
Error: Unable to interpret <[2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM> in the current context!
Error: Unable to interpret <[2010.02.14 17:06:21 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\InstallShield> in the current context!
Error: Unable to interpret <[2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit> in the current context!
Error: Unable to interpret <[2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics> in the current context!
Error: Unable to interpret <[2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient> in the current context!
Error: Unable to interpret <[2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2> in the current context!
Error: Unable to interpret <[2010.01.27 20:28:38 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia> in the current context!
Error: Unable to interpret <[2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX> in the current context!
Error: Unable to interpret <[2012.09.18 17:54:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Media Center Programs> in the current context!
Error: Unable to interpret <[2012.09.30 01:10:48 | 000,000,000 | --SD | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft> in the current context!
Error: Unable to interpret <[2012.07.22 04:58:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Mozilla> in the current context!
Error: Unable to interpret <[2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut> in the current context!
Error: Unable to interpret <[2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World> in the current context!
Error: Unable to interpret <[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF> in the current context!
Error: Unable to interpret <[2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++> in the current context!
Error: Unable to interpret <[2012.04.22 15:31:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\NVIDIA> in the current context!
Error: Unable to interpret <[2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org> in the current context!
Error: Unable to interpret <[2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape> in the current context!
Error: Unable to interpret <[2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games> in the current context!
Error: Unable to interpret <[2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee> in the current context!
Error: Unable to interpret <[2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot> in the current context!
Error: Unable to interpret <[2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater> in the current context!
Error: Unable to interpret <[2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync> in the current context!
Error: Unable to interpret <[2012.10.13 18:12:37 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Skype> in the current context!
Error: Unable to interpret <[2011.07.24 00:03:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\skypePM> in the current context!
Error: Unable to interpret <[2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat> in the current context!
Error: Unable to interpret <[2010.08.10 13:36:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\teamspeak2> in the current context!
Error: Unable to interpret <[2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer> in the current context!
Error: Unable to interpret <[2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds> in the current context!
Error: Unable to interpret <[2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client> in the current context!
Error: Unable to interpret <[2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software> in the current context!
Error: Unable to interpret <[2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue> in the current context!
Error: Unable to interpret <[2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer> in the current context!
Error: Unable to interpret <[2010.01.27 17:09:32 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\WinRAR> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %APPDATA%\*.exe /s >> in the current context!
Error: Unable to interpret <[2011.01.29 17:45:25 | 079,043,646 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe7> in the current context!
Error: Unable to interpret <[2011.01.29 17:45:25 | 087,148,709 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe5> in the current context!
Error: Unable to interpret <[2011.01.29 17:45:25 | 074,667,317 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe6> in the current context!
Error: Unable to interpret <[2011.01.29 17:45:25 | 079,551,845 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe4> in the current context!
Error: Unable to interpret <[2011.01.29 17:45:25 | 068,507,997 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe> in the current context!
Error: Unable to interpret <[2011.01.29 17:45:25 | 064,054,648 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe1> in the current context!
Error: Unable to interpret <[2011.01.29 17:45:25 | 075,811,492 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe2> in the current context!
Error: Unable to interpret <[2011.01.29 17:45:25 | 074,545,348 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe3> in the current context!
Error: Unable to interpret <[2010.11.27 04:01:28 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe> in the current context!
Error: Unable to interpret <[2012.04.12 13:33:48 | 008,738,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe> in the current context!
Error: Unable to interpret <[2011.01.16 16:07:29 | 000,348,160 | ---- | M] (Octoshape ApS) -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %SYSTEMDRIVE%\*.exe >> in the current context!
Error: Unable to interpret <[2008.04.11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: AGP440.SYS  >> in the current context!
Error: Unable to interpret <[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys> in the current context!
Error: Unable to interpret <[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys> in the current context!
Error: Unable to interpret <[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: ATAPI.SYS  >> in the current context!
Error: Unable to interpret <[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys> in the current context!
Error: Unable to interpret <[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys> in the current context!
Error: Unable to interpret <[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: CNGAUDIT.DLL  >> in the current context!
Error: Unable to interpret <[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll> in the current context!
Error: Unable to interpret <[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll> in the current context!
Error: Unable to interpret <[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll> in the current context!
Error: Unable to interpret <[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: IASTORV.SYS  >> in the current context!
Error: Unable to interpret <[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys> in the current context!
Error: Unable to interpret <[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys> in the current context!
Error: Unable to interpret <[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys> in the current context!
Error: Unable to interpret <[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys> in the current context!
Error: Unable to interpret <[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys> in the current context!
Error: Unable to interpret <[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NETLOGON.DLL  >> in the current context!
Error: Unable to interpret <[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll> in the current context!
Error: Unable to interpret <[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll> in the current context!
Error: Unable to interpret <[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll> in the current context!
Error: Unable to interpret <[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NVSTOR.SYS  >> in the current context!
Error: Unable to interpret <[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys> in the current context!
Error: Unable to interpret <[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys> in the current context!
Error: Unable to interpret <[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys> in the current context!
Error: Unable to interpret <[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys> in the current context!
Error: Unable to interpret <[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys> in the current context!
Error: Unable to interpret <[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: SCECLI.DLL  >> in the current context!
Error: Unable to interpret <[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll> in the current context!
Error: Unable to interpret <[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll> in the current context!
Error: Unable to interpret <[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll> in the current context!
Error: Unable to interpret <[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: USER32.DLL  >> in the current context!
Error: Unable to interpret <[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll> in the current context!
Error: Unable to interpret <[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll> in the current context!
Error: Unable to interpret <[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll> in the current context!
Error: Unable to interpret <[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: USERINIT.EXE  >> in the current context!
Error: Unable to interpret <[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe> in the current context!
Error: Unable to interpret <[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe> in the current context!
Error: Unable to interpret <[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe> in the current context!
Error: Unable to interpret <[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WININIT.EXE  >> in the current context!
Error: Unable to interpret <[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe> in the current context!
Error: Unable to interpret <[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe> in the current context!
Error: Unable to interpret <[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe> in the current context!
Error: Unable to interpret <[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WINLOGON.EXE  >> in the current context!
Error: Unable to interpret <[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe> in the current context!
Error: Unable to interpret <[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe> in the current context!
Error: Unable to interpret <[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WS2IFSL.SYS  >> in the current context!
Error: Unable to interpret <[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys> in the current context!
Error: Unable to interpret <[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\drivers\*.sys /lockedfiles >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\System32\config\*.sav >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\*. /mp /s >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\*.dll /lockedfiles >> in the current context!
Error: Unable to interpret <[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <<          >> in the current context!
Error: Unable to interpret <[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT> in the current context!
Error: Unable to interpret <[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret <[2010.06.28 21:36:59 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job> in the current context!
Error: Unable to interpret <[2011.10.15 12:41:45 | 000,000,198 | ---- | C] () -- C:\Windows\Tasks\{CD7D28A7-F48B-41CE-B478-5A4BFF4BF3EB}.job> in the current context!
Error: Unable to interpret <[2012.03.27 17:33:15 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core1cd0c2eed37e280.job> in the current context!
Error: Unable to interpret <[2012.04.24 13:09:42 | 000,000,240 | ---- | C] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job> in the current context!
Error: Unable to interpret <[2012.05.23 18:15:41 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job> in the current context!
Error: Unable to interpret <[2012.06.09 16:06:09 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job> in the current context!
Error: Unable to interpret <[2012.07.13 03:14:16 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job> in the current context!
Error: Unable to interpret <[2012.07.26 17:34:42 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1> in the current context!
Error: Unable to interpret << End of report >> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 10132012_214142


cosinus 15.10.2012 10:25

The fix was run incorrectly!
Please paste only the text from my CODE box there and nothing else.
You pasted an OTL log itself in there and then tried to run the fix, which makes no sense at all - please read the instructions more closely and work more carefully.

Valentice94 15.10.2012 15:05

I took everything from your box.. well then, should I take the things from your box again and run the fix again?

cosinus 15.10.2012 15:10

Quote:

I took everything from your box..
No, you did not, as can be seen above!

Quote:

well then, should I take the things from your box again and run the fix again?
Yes, of course, the fix was run incorrectly after all!

Valentice94 15.10.2012 15:11

All right, I'm sorry, I don't know what was wrong with me either.. I'll post it to the forum right away.

So, here it is.

Code:

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
File C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/ConduitChromeApiPlugin.dll not found.
File C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/np-cwmp.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27d7b987-0b4e-11df-85da-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27d7b987-0b4e-11df-85da-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27d7b987-0b4e-11df-85da-806e6f6e6963}\ not found.
File D:\Seite1.exe not found.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
C:\install.exe moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache konnte nicht geleert werden: Beim Ausführen der Funktion ist ein Fehler aufgetreten.
C:\Users\DragoTheOwner\Desktop\cmd.bat deleted successfully.
C:\Users\DragoTheOwner\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: MaxMustermann
->Temp folder emptied: 37370514 bytes
->Temporary Internet Files folder emptied: 33026133 bytes
->Java cache emptied: 27935419 bytes
->FireFox cache emptied: 59873134 bytes
->Google Chrome cache emptied: 459937026 bytes
->Flash cache emptied: 9869620 bytes
 
User: MaxMustermann
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 406457 bytes
%systemroot%\System32 .tmp files removed: 10568269 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1291776 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 140 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36149587 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 645,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 10152012_161333

Files\Folders moved on Reboot...
C:\Users\DragoTheOwner\AppData\Local\Temp\AdobeARM.log moved successfully.
C:\Users\DragoTheOwner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


cosinus 15.10.2012 17:28

Please run a new OTL custom scan; since your computer is infected with mediyes, it needs somewhat special treatment - post the log in CODE tags as always.

Please download OTL by Oldtimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:

HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers
HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\Windows\CurrentVersion\Telephony\Providers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost
HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost
HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com
%SystemRoot%\system32\*.tsp
%SystemRoot%\system32\*.tsp /64
C:\Windows\system32\*.dll /360
C:\Windows\SysNative\*.dll /360
C:\Windows\SysWOW64\*.dll /360


Valentice94 16.10.2012 12:35

This is the report:

Code:

OTL logfile created on: 16.10.2012 13:28:41 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\DragoTheOwner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,76 Gb Available Physical Memory | 73,66% Memory free
7,50 Gb Paging File | 6,24 Gb Available in Paging File | 83,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 319,52 Gb Free Space | 68,62% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 3,67 Gb Total Space | 2,31 Gb Free Space | 62,96% Space Free | Partition Type: FAT32
Drive H: | 16,92 Mb Total Space | 1,50 Mb Free Space | 8,87% Space Free | Partition Type: FAT
Drive I: | 24,86 Mb Total Space | 24,84 Mb Free Space | 99,94% Space Free | Partition Type: FAT
 
Computer Name: NOEL | User Name: DragoTheOwner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.07.18 18:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2005.07.22 09:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Program Files (x86)\OnlineControl\ocontrol.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Update-Service-Installer-Service)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Dnscache)
SRV - [2012.10.09 03:51:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.05 01:28:45 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.08.30 21:36:30 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.07.18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.29 05:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.06.24 15:30:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.05.26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.12 19:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.02.15 13:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Disabled | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.07.18 18:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.07.18 18:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.07.18 18:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.05.21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.09.26 20:32:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010.02.14 17:06:19 | 000,575,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008.11.11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008.11.11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007.08.08 08:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2011.12.12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.11.01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{5E4D3DCE-F4DD-433C-A690-3EF511A532F2}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{9ECAE799-1810-47F9-AA0D-74B6C39860CF}: "URL" = hxxp://www.ricardo.ch/search/search.asp?txtSearch={searchTerms}&Catg=1&InTitleAndDesc=1
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{EE232B47-5DB3-4AA9-87BD-51DD6FA63286}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=685749"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 04:57:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 12:37:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\DragoTheOwner\AppData\Roaming\IDM\idmmzcc3
 
[2012.07.22 04:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Extensions
[2012.10.12 18:11:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions
[2012.09.17 19:22:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.18 17:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions
[2011.07.17 20:51:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.09 17:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\ffxtlbr@babylon.com
[2012.08.07 18:04:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.12 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.08.24 22:46:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
 
O1 HOSTS File: ([2012.10.15 16:16:11 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\d3dywzbtg.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47dda526-fe72-4f24-ae70-b0681e2df27d}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\scramby.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)
O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.10.16 10:34:36 | 000,000,084 | ---- | M] () - H:\AUTORUN.INF -- [ FAT ]
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.16 01:06:39 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Pickup Bot
[2012.10.16 01:06:29 | 004,094,578 | ---- | C] (Igor Pavlov) -- C:\Users\DragoTheOwner\Desktop\Tools by Unpublished.exe
[2012.10.14 18:36:11 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Switchbot
[2012.10.13 21:41:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.10.13 18:03:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.12 22:59:07 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Shizuka3-Client-2012-v3
[2012.10.10 18:29:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\CRE
[2012.10.09 15:21:06 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2012.10.09 15:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar
[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2012.10.09 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
[2012.09.23 21:16:38 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.09.23 21:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2012.09.23 21:07:37 | 000,000,000 | R--D | C] -- C:\Users\DragoTheOwner\SkyDrive
[2012.09.23 21:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2012.09.23 17:44:28 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple Computer
[2012.09.23 17:44:27 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer
[2012.09.23 17:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.23 17:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.09.23 17:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.09.23 17:41:50 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Apple
[2012.09.23 17:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.09.23 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.09.23 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.09.23 17:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.09.18 17:54:25 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes
[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.18 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.18 17:54:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.18 17:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.18 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Drum & Bass und DubStep
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.16 13:13:01 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.10.16 12:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.16 10:36:36 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.16 10:36:36 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.16 10:36:36 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.16 10:36:36 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.16 10:36:36 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.16 10:10:44 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.16 10:10:44 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.16 10:03:44 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012.10.16 10:03:27 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.10.16 10:03:26 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.10.16 10:03:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.16 01:05:43 | 004,094,578 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\Desktop\Tools by Unpublished.exe
[2012.10.15 16:16:11 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012.10.15 15:13:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.10.15 10:03:07 | 000,375,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.14 15:02:59 | 000,157,850 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\asdasd.jpg
[2012.10.14 15:02:59 | 000,002,117 | ---- | M] () -- C:\Users\DragoTheOwner\.recently-used.xbel
[2012.10.14 14:57:01 | 000,204,828 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Blood-Lord-Vladimir-Skin.jpg
[2012.10.13 18:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.12 23:00:14 | 000,000,707 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 16:05:43 | 000,284,749 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 15:52:22 | 000,538,327 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.11 01:18:36 | 000,002,523 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Google Chrome.lnk
[2012.10.10 18:29:09 | 000,000,009 | ---- | M] () -- C:\END
[2012.10.10 15:34:18 | 000,212,245 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg
[2012.10.09 15:10:14 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.08 18:36:38 | 003,256,058 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a
[2012.10.08 11:35:33 | 000,009,216 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.07 18:43:08 | 000,000,220 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
[2012.09.29 23:42:11 | 000,000,219 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url
[2012.09.29 22:59:13 | 000,001,243 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk
[2012.09.26 04:32:38 | 000,029,114 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\Folder.jpg
[2012.09.26 04:32:38 | 000,006,205 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\AlbumArtSmall.jpg
[2012.09.26 04:25:54 | 000,433,908 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg
[2012.09.23 21:23:02 | 000,349,777 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg
[2012.09.23 21:15:54 | 000,001,305 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk
[2012.09.23 17:44:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.20 19:36:36 | 000,000,222 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url
[2012.09.19 21:25:16 | 002,311,218 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov
[2012.09.18 17:54:10 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.18 17:37:47 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img
[2012.09.18 05:57:42 | 419,430,400 | ---- | M] () -- C:\RAMDisk.img.bak
[2012.09.17 09:41:33 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
 
========== Files Created - No Company Name ==========
 
[2012.10.14 15:02:59 | 000,002,117 | ---- | C] () -- C:\Users\DragoTheOwner\.recently-used.xbel
[2012.10.14 15:02:58 | 000,157,850 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\asdasd.jpg
[2012.10.14 14:57:00 | 000,204,828 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Blood-Lord-Vladimir-Skin.jpg
[2012.10.12 23:00:14 | 000,000,707 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 16:05:41 | 000,284,749 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 15:52:20 | 000,538,327 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.10 18:29:07 | 000,000,009 | ---- | C] () -- C:\END
[2012.10.10 15:34:18 | 000,212,245 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\2012-10-10_00001.jpg
[2012.10.09 15:10:14 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.08 18:36:35 | 003,256,058 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Electro - Xilent - Let Us Be.m4a
[2012.10.07 18:43:08 | 000,000,220 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
[2012.09.29 23:42:11 | 000,000,219 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Left 4 Dead 2.url
[2012.09.26 04:26:54 | 000,433,908 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00076.jpg
[2012.09.24 05:01:33 | 000,000,617 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\League of Legends spielen .lnk
[2012.09.23 21:23:08 | 000,349,777 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DSC00083.jpg
[2012.09.23 21:15:54 | 000,001,305 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Movie Maker.lnk
[2012.09.23 21:15:42 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2012.09.23 21:14:59 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.09.23 21:07:35 | 000,002,200 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2012.09.23 17:44:17 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.23 17:41:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.09.20 19:36:36 | 000,000,222 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Torchlight II.url
[2012.09.19 21:23:33 | 002,311,218 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Film 28.mov
[2012.09.18 17:54:10 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.17 19:22:41 | 000,001,243 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\DVDVideoSoft Free Studio.lnk
[2012.07.27 14:11:05 | 000,003,551 | ---- | C] () -- C:\Windows\wininit.ini
[2012.07.23 00:33:25 | 000,009,216 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.05.01 21:50:14 | 922,460,208 | ---- | C] () -- C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe
[2012.03.21 18:54:48 | 000,000,000 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\{30DEB4EF-7BA3-4C31-B2F1-2D0414B6C43D}
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.25 01:58:18 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.09.25 01:58:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.24 18:06:10 | 000,150,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.04.18 23:30:47 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.10 16:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.22 12:00:06 | 004,269,056 | ---- | C] () -- C:\Windows\SysWow64\system.dll
[2010.11.16 15:33:06 | 000,021,220 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\UserTile.png
[2010.03.01 20:09:42 | 000,007,606 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.09.10 03:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft
[2011.12.17 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics
[2011.05.22 11:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux
[2010.01.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener
[2011.02.10 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache
[2012.06.15 12:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations
[2012.07.06 17:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB
[2012.10.10 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft
[2012.09.17 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.27 21:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner
[2012.05.17 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen
[2011.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader
[2012.10.09 15:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager
[2010.06.10 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo
[2012.10.14 15:02:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0
[2011.06.18 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios
[2011.11.03 11:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ
[2011.01.15 00:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM
[2012.10.09 15:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2010.07.15 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics
[2010.08.24 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient
[2012.05.24 16:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2
[2010.10.11 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX
[2011.10.30 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut
[2011.04.03 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World
[2012.06.15 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF
[2011.07.10 21:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++
[2012.06.15 12:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org
[2010.06.27 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape
[2012.07.03 20:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games
[2011.10.08 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee
[2011.05.14 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot
[2012.07.20 02:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater
[2012.06.28 20:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync
[2010.12.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat
[2012.08.07 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer
[2011.05.10 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds
[2012.09.17 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client
[2012.04.20 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software
[2012.09.18 17:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue
[2011.10.15 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers >
"ProviderID0" = 1
"ProviderID1" = 2
"ProviderID2" = 3
"ProviderID3" = 4
"NextProviderID" = 5
"ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation)
"ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation)
"ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation)
"ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation)
"NumProviders" = 4
 
< HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\Windows\CurrentVersion\Telephony\Providers >
"ProviderID0" = 1
"ProviderID1" = 2
"ProviderID2" = 3
"ProviderID3" = 4
"NextProviderID" = 5
"ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation)
"ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation)
"ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation)
"ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation)
"NumProviders" = 4
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters >
"ServiceDll" = %SystemRoot%\System32\wkssvc.dll
"ServiceDllUnloadOnStop" = 1
"EnablePlainTextPassword" = 0
"EnableSecuritySignature" = 1
"RequireSecuritySignature" = 0
"OtherDomains" =  [binary data]
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S >
"DisplayName" = @%SystemRoot%\System32\dnsapi.dll,-101
"Group" = TDI
"ImagePath" = %SystemRoot%\system32\svchost.exe -k NetworkService -- [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\System32\dnsapi.dll,-102
"ObjectName" = NT AUTHORITY\NetworkService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"DependOnService" = Tdxnsi [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = SeChangeNotifyPrivilegeSeCreateGlobalPrivilege [binary data]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 C0 D4 01 00 01 00 00 00 E0 93 04 00 00 00 00 00 00 00 00 00  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Security]
"Security" = 01 00 14 80 F8 00 00 00 04 01 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 C8 00 08 00 00 00 00 02 18 00 9D 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 21 02 00 00 00 02 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 02 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 14 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 13 00 00 00 00 02 18 00 CD 00 02 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 02 28 00 CD 01 02 00 01 06 00 00 00 00 00 05 50 00 00 00 04 C9 44 AF 94 D9 D3 E5 2B E1 B7 1C 17 84 87 13 6E 1A FA 65 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00  [Binary data over 200 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo\0]
"Type" = 4
"Action" = 1
"GUID" = 07 9E 56 B7 21 84 E0 4E AD 10 86 91 5A FD AD 09  [binary data]
"Data0" = 5355UDP [binary data]
"DataType0" = 2
 
< HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost >
"netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes]
"LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes]
"LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes]
"LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation)
"rpcss" = RpcSs [binary data]
"LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data]
"LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data]
"DcomLaunch" = PowerPlugPlayDcomLaunch [binary data]
"NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes]
"imgsvc" = StiSvc [binary data]
"wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation)
"Akamai" = Akamai [binary data]
"Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data]
"Update-Service" = Update-Service [binary data]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc]
 
< HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost >
"netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes]
"LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes]
"LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes]
"LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation)
"rpcss" = RpcSs [binary data]
"LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data]
"LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data]
"DcomLaunch" = PowerPlugPlayDcomLaunch [binary data]
"NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes]
"imgsvc" = StiSvc [binary data]
"wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation)
"Akamai" = Akamai [binary data]
"Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data]
"Update-Service" = Update-Service [binary data]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalService]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\netsvcs]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkService]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\termsvcs]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\wcssvc]
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com >
 
< %SystemRoot%\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
 
< %SystemRoot%\system32\*.tsp /64 >
[2009.07.14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hidphone.tsp
[2009.07.14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp
[2009.07.14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp
[2009.07.14 03:38:54 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\remotesp.tsp
[2010.11.20 15:24:24 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
 
< C:\Windows\system32\*.dll /360 >
[2012.03.29 15:44:23 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\admparse.dll
[2012.07.26 19:08:06 | 000,153,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\atl110.dll
[2012.05.29 13:09:50 | 000,021,344 | ---- | M] (TuneUp Software) -- C:\Windows\system32\authuitu.dll
[2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll
[2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdosys.dll
[2012.04.24 06:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll
[2012.04.24 06:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll
[2012.08.02 18:57:20 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll
[2012.10.01 12:37:53 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\deployJava1.dll
[2012.03.03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll
[2012.03.29 15:44:27 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2012.03.29 15:44:27 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2012.08.21 13:01:20 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\GEARAspi.dll
[2012.03.29 15:44:26 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2012.03.29 15:44:30 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2012.03.29 15:44:30 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakeng.dll
[2012.03.29 15:44:23 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieaksie.dll
[2012.03.29 15:44:23 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakui.dll
[2012.03.29 15:44:26 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2012.03.29 15:44:26 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2012.10.09 15:25:33 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2012.03.29 15:44:30 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2012.03.29 15:44:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2012.10.09 15:25:32 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2012.03.29 15:44:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2012.03.29 15:44:29 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2012.10.09 15:25:33 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll
[2012.03.29 15:44:23 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2012.03.29 15:44:26 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2011.11.11 10:04:05 | 000,208,208 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\system32\install1.dll
[2012.10.09 15:25:33 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2012.10.09 15:25:33 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2012.10.09 15:25:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2012.03.29 15:44:26 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2012.07.17 14:49:00 | 000,209,648 | ---- | M] (Microsoft Corp.) -- C:\Windows\system32\LIVESSP.DLL
[2012.04.18 11:29:20 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msclmd.dll
[2012.10.09 15:25:33 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2012.03.29 15:44:30 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2012.10.09 15:25:33 | 012,319,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2012.10.09 15:25:33 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2012.03.29 15:44:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll
[2012.03.29 15:44:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2012.03.29 15:44:31 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2012.07.26 19:08:06 | 000,534,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp110.dll
[2012.07.26 19:08:06 | 000,862,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr110.dll
[2011.12.16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt.dll
[2012.06.06 07:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll
[2012.06.06 07:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll
[2012.06.02 06:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll
[2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll
[2012.10.01 12:37:53 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\npDeployJava1.dll
[2011.11.17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll
[2012.01.04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntshrui.dll
[2012.06.29 05:37:00 | 002,422,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvapi.dll
[2012.06.29 05:37:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcompiler.dll
[2012.06.29 05:37:00 | 007,699,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuda.dll
[2012.06.29 05:37:00 | 001,865,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvenc.dll
[2012.06.29 05:37:00 | 002,573,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvid.dll
[2012.06.29 05:37:00 | 015,290,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvd3dum.dll
[2012.06.29 05:37:00 | 019,828,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvoglv32.dll
[2012.06.29 05:37:00 | 012,388,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvwgf2um.dll
[2012.03.29 15:44:23 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2012.06.29 05:37:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\system32\OpenCL.dll
[2011.11.19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\packager.dll
[2012.03.29 15:44:25 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2012.10.09 15:23:35 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll
[2011.10.26 06:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\quartz.dll
[2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcore.dll
[2012.06.02 06:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll
[2012.06.02 06:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll
[2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll
[2012.07.28 03:09:02 | 000,057,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sirenacm.dll
[2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srclient.dll
[2012.06.02 06:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll
[2011.11.05 06:26:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll
[2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\system32\UpdSvc.dll
[2012.10.09 15:25:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2012.10.09 15:25:32 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\Windows\system32\uxtuneup.dll
[2012.10.09 15:25:33 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2012.07.26 19:08:06 | 000,251,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vccorlib110.dll
[2012.07.26 19:08:06 | 000,115,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vcomp110.dll
[2012.03.29 15:44:25 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2011.11.17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webio.dll
[2012.02.11 07:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll
[2012.10.01 12:37:53 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge-32.dll
[2012.10.09 15:25:33 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
[2012.03.01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll
[2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.06.28 21:36:59 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.10.15 12:41:45 | 000,000,198 | ---- | C] () -- C:\Windows\Tasks\{CD7D28A7-F48B-41CE-B478-5A4BFF4BF3EB}.job
[2012.03.27 17:33:15 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core1cd0c2eed37e280.job
[2012.04.24 13:09:42 | 000,000,240 | ---- | C] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job
[2012.05.23 18:15:41 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.06.09 16:06:09 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.07.13 03:14:16 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.07.26 17:34:42 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
 
< C:\Windows\SysNative\*.dll /360 >
[2012.03.29 15:44:14 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.07.26 15:22:10 | 000,177,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\atl110.dll
[2012.05.29 13:09:50 | 000,025,952 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.07.05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.07.05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browser.dll
[2012.06.06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.04.24 07:37:36 | 001,462,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.04.24 07:37:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll
[2011.10.26 07:21:20 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.08.02 19:58:52 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.03.03 08:35:38 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.03.29 15:44:09 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.03.29 15:44:09 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.08.21 13:01:20 | 000,125,872 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012.03.29 15:44:07 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.03.29 15:44:13 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.03.29 15:44:13 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.03.29 15:44:14 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.03.29 15:44:14 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.03.29 15:44:07 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.03.29 15:44:07 | 000,403,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2012.10.09 15:25:33 | 010,925,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2012.03.29 15:44:13 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.03.29 15:44:07 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.10.09 15:25:32 | 002,144,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2012.03.29 15:44:07 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.03.29 15:44:12 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.10.09 15:25:33 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.03.01 08:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.03.29 15:44:13 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.03.29 15:44:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.10.09 15:25:33 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.10.09 15:25:33 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.10.09 15:25:32 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2012.03.29 15:44:06 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.07.17 15:14:44 | 000,253,184 | ---- | M] (Microsoft Corp.) -- C:\Windows\SysNative\LIVESSP.DLL
[2012.05.14 07:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2011.11.17 08:35:19 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.04.18 11:29:20 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2012.10.09 15:25:33 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.03.29 15:44:13 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2012.10.09 15:25:33 | 017,810,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2012.10.09 15:25:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.03.29 15:44:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.04.07 14:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.03.29 15:44:21 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.03.29 15:44:19 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.07.26 15:22:10 | 000,661,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp110.dll
[2012.07.26 15:22:10 | 000,828,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr110.dll
[2011.12.16 10:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.06.06 08:06:16 | 001,881,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll
[2012.06.06 08:06:16 | 002,004,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll
[2012.06.02 07:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2011.11.17 08:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.04 12:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.06.29 05:37:00 | 002,723,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.05.21 15:10:54 | 000,072,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapo64v.dll
[2012.06.29 05:37:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.06.29 01:55:46 | 006,193,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.06.29 05:37:00 | 009,164,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.06.29 05:37:00 | 002,216,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.06.29 05:37:00 | 002,744,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.06.29 05:37:00 | 018,228,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.06.29 05:37:00 | 001,758,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.06.29 05:37:00 | 001,472,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.05.15 12:48:00 | 001,468,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012.05.21 09:34:41 | 001,468,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012.05.21 15:10:56 | 000,031,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012.06.29 01:55:40 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.06.29 05:37:00 | 026,226,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.06.29 01:55:39 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.06.29 01:55:57 | 003,266,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.06.29 01:55:40 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.06.29 05:37:00 | 014,806,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.03.29 15:44:15 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.06.29 05:37:00 | 000,060,776 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.11.19 16:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.03.29 15:44:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.05.01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\profsvc.dll
[2012.10.09 15:23:35 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2011.10.26 07:25:16 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.02.17 08:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.04.26 07:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.04.26 07:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.02 07:45:31 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll
[2011.11.17 08:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll
[2012.05.05 10:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2011.11.17 08:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2011.11.17 08:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2011.11.05 07:32:50 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll
[2012.10.09 15:25:32 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.10.09 15:25:32 | 001,346,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2012.07.09 13:42:56 | 004,547,984 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012.10.09 15:25:33 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.07.26 15:22:10 | 000,354,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vccorlib110.dll
[2012.07.26 15:22:10 | 000,124,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vcomp110.dll
[2012.03.29 15:44:06 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webcheck.dll
[2011.11.17 08:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.02.11 08:43:47 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.10.09 15:25:33 | 001,392,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2012.03.01 08:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.03.01 08:28:47 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmi.dll
[2012.06.03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll
[2012.06.03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
 
< C:\Windows\SysWOW64\*.dll /360 >
[2012.03.29 15:44:23 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\admparse.dll
[2012.07.26 19:08:06 | 000,153,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl110.dll
[2012.05.29 13:09:50 | 000,021,344 | ---- | M] (TuneUp Software) -- C:\Windows\SysWOW64\authuitu.dll
[2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browcli.dll
[2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cdosys.dll
[2012.04.24 06:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
[2012.04.24 06:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.08.02 18:57:20 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10level9.dll
[2012.10.01 12:37:53 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWOW64\deployJava1.dll
[2012.03.03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
[2012.03.29 15:44:27 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
[2012.03.29 15:44:27 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
[2012.08.21 13:01:20 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysWOW64\GEARAspi.dll
[2012.03.29 15:44:26 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icardie.dll
[2012.03.29 15:44:30 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IEAdvpack.dll
[2012.03.29 15:44:30 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieakeng.dll
[2012.03.29 15:44:23 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieaksie.dll
[2012.03.29 15:44:23 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieakui.dll
[2012.03.29 15:44:26 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
[2012.03.29 15:44:26 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iedkcs32.dll
[2012.10.09 15:25:33 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
[2012.03.29 15:44:30 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iepeers.dll
[2012.03.29 15:44:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iernonce.dll
[2012.10.09 15:25:32 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
[2012.03.29 15:44:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iesetup.dll
[2012.03.29 15:44:29 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iesysprep.dll
[2012.10.09 15:25:33 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
[2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
[2012.03.29 15:44:23 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
[2012.03.29 15:44:26 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\inseng.dll
[2011.11.11 10:04:05 | 000,208,208 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\SysWOW64\install1.dll
[2012.10.09 15:25:33 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
[2012.10.09 15:25:33 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
[2012.10.09 15:25:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
[2012.03.29 15:44:26 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\licmgr10.dll
[2012.07.17 14:49:00 | 000,209,648 | ---- | M] (Microsoft Corp.) -- C:\Windows\SysWOW64\LIVESSP.DLL
[2012.04.18 11:29:20 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msclmd.dll
[2012.10.09 15:25:33 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeeds.dll
[2012.03.29 15:44:30 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeedsbs.dll
[2012.10.09 15:25:33 | 012,319,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
[2012.10.09 15:25:33 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmled.dll
[2012.03.29 15:44:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmler.dll
[2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
[2012.03.29 15:44:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
[2012.03.29 15:44:31 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msrating.dll
[2012.07.26 19:08:06 | 000,534,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp110.dll
[2012.07.26 19:08:06 | 000,862,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr110.dll
[2011.12.16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
[2012.06.06 07:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
[2012.06.06 07:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
[2012.06.02 06:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
[2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
[2012.10.01 12:37:53 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWOW64\npDeployJava1.dll
[2011.11.17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
[2012.01.04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
[2012.06.29 05:37:00 | 002,422,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
[2012.06.29 05:37:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcompiler.dll
[2012.06.29 05:37:00 | 007,699,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuda.dll
[2012.06.29 05:37:00 | 001,865,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuvenc.dll
[2012.06.29 05:37:00 | 002,573,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuvid.dll
[2012.06.29 05:37:00 | 015,290,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
[2012.06.29 05:37:00 | 019,828,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvoglv32.dll
[2012.06.29 05:37:00 | 012,388,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll
[2012.03.29 15:44:23 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\occache.dll
[2012.06.29 05:37:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWOW64\OpenCL.dll
[2011.11.19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\packager.dll
[2012.03.29 15:44:25 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pngfilt.dll
[2012.10.09 15:23:35 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qdvd.dll
[2011.10.26 06:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
[2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rdpcore.dll
[2012.06.02 06:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
[2012.06.02 06:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
[2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
[2012.07.28 03:09:02 | 000,057,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sirenacm.dll
[2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
[2012.06.02 06:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
[2011.11.05 06:26:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tzres.dll
[2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\SysWOW64\UpdSvc.dll
[2012.10.09 15:25:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\url.dll
[2012.10.09 15:25:32 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
[2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\Windows\SysWOW64\uxtuneup.dll
[2012.10.09 15:25:33 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
[2012.07.26 19:08:06 | 000,251,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vccorlib110.dll
[2012.07.26 19:08:06 | 000,115,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vcomp110.dll
[2012.03.29 15:44:25 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webcheck.dll
[2011.11.17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
[2012.02.11 07:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\win32spl.dll
[2012.10.01 12:37:53 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
[2012.10.09 15:25:33 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
[2012.03.01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
[2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmi.dll

< End of report >


cosinus 16.10.2012 14:22

OK, before we go after mediyes specifically, please back up the registry with ERUNT:

Please download and install Erunt.
Please leave the settings as they are.
  • Start Erunt and confirm the "Welcome" box with OK
  • Please select the following backup options
    • System registry
    • Current user registry
    • Other open user registries
  • Click OK and wait until the backup has finished.

Let me know when that is done.

Valentice94 16.10.2012 16:11

Done. :)

cosinus 17.10.2012 08:28

Close all programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
SRV - [2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
[2011.11.11 10:04:05 | 000,208,208 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\system32\install1.dll
[2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\system32\UpdSvc.dll
[2011.11.11 10:04:05 | 000,208,208 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\SysWOW64\install1.dll
[2011.11.11 10:04:22 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\SysWOW64\UpdSvc.dll

:Reg
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
"Update-Service-Installer-Service"=-
"Update-Service"=-

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
"Update-Service-Installer-Service"=-
"Update-Service"=-

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  64,00,6e,00,73,00,72,00,73,00,6c,00,76,00,72,00,2e,00,64,00,6c,00,6c,00,00,\
  00
"ServiceDllUnloadOnStop"=dword:00000001
"extension"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,\
  00,6e,00,73,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\DnsCache]
"ShutdownOnIdle"=dword:00000000

:Commands
[emptytemp]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!


After that I need OTL's quarantine folder. Please do the following after the OTL fix and the subsequent Windows restart:

1.) VERY IMPORTANT!! Disable the virus scanner; it must not interfere with the packing!
2.) Zip the folder MovedFiles in C:\_OTL into one file
3.) Upload the created ZIP file here => http://www.trojaner-board.de/54791-a...ner-board.html

Note: Please also upload the file there as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment in the thread!

4.) Let me know if it was successful
5.) Only then switch the virus scanner back on

Valentice94 19.10.2012 13:26

Process completed successfully.

cosinus 19.10.2012 14:33

Why are you uploading the logs? You were supposed to post the logs here - what was supposed to be uploaded is the ZIP file with the OTL-Q!

Valentice94 19.10.2012 16:08

I don't know how to turn files into a zip file ._.

cosinus 19.10.2012 16:44

And of course it would be far too outlandish to just google that :D

Right-click the MovedFiles folder, Send to => Compressed (zipped) folder

Valentice94 19.10.2012 18:02

Okay, now it worked :D it's uploaded

cosinus 21.10.2012 11:00

LSP-Fix

Please download LSPFix
  • Save the file to the desktop.
  • Start LSPFix.exe.
  • Check the box "I know what I'm doing"
  • In the Keep box you should find one or more of these d3dywzbtg.dll files.
  • Select each d3dywzbtg.dll that is present and move it to the Remove box by pressing the >> button.
  • When all files have been moved, click Finish>>.

Valentice94 23.10.2012 15:02

Okay, done. Oh, and there was only one d3dywzbtg.dll file.

cosinus 23.10.2012 15:46

Please run a (new) CustomScan with OTL - if possible, post its log here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Please download OTL by Oldtimer and save it on your desktop. If you already have it, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Valentice94 02.11.2012 14:23

Here is the result.
Code:

OTL logfile created on: 02.11.2012 14:06:32 - Run 3
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\DragoTheOwner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 71,98% Memory free
7,50 Gb Paging File | 6,21 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 319,09 Gb Free Space | 68,52% Space Free | Partition Type: NTFS
Drive E: | 7,41 Gb Total Space | 6,82 Gb Free Space | 92,11% Space Free | Partition Type: FAT32
 
Computer Name: NOEL | User Name: DragoTheOwner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.30 13:16:27 | 009,128,944 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2012.10.13 17:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.07.18 17:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.28 16:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.06.24 14:30:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.26 11:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2005.07.22 08:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Program Files (x86)\OnlineControl\ocontrol.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.23 13:26:48 | 000,426,480 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
MOD - [2012.10.23 13:26:48 | 000,414,720 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite4.dll
MOD - [2012.10.23 13:26:48 | 000,236,016 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
MOD - [2012.10.23 13:26:48 | 000,230,384 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
MOD - [2012.10.23 13:26:48 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtSql4.dll
MOD - [2012.10.23 13:26:48 | 000,159,216 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
MOD - [2012.07.16 08:20:16 | 002,210,816 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtCore4.dll
MOD - [2012.07.16 08:20:16 | 000,814,080 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtNetwork4.dll
MOD - [2012.07.16 08:20:16 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg4.dll
MOD - [2012.07.16 08:20:16 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif4.dll
MOD - [2012.07.16 08:20:14 | 007,859,200 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtGui4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.05.29 12:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Update-Service-Installer-Service)
SRV - [2012.10.29 03:37:17 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.10.26 09:17:46 | 004,539,200 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll -- (Akamai)
SRV - [2012.10.09 02:51:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.13 12:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.17 14:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.07.14 01:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.29 04:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.06.28 16:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.06.24 14:30:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.29 12:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 12:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.05.26 11:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012.03.19 12:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.12 18:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.02.15 12:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Disabled | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.07.18 17:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.07.18 17:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.07.18 17:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.05.21 14:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.09.26 19:32:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.08.12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.07.01 13:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010.02.14 16:06:19 | 000,575,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 15:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.11 12:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008.11.11 12:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008.11.11 12:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007.08.08 07:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2006.12.05 10:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2011.12.12 18:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.11.01 05:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ncr
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ncr
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 FF EA 61 0C 1E CD 01  [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{1A3725CF-16C8-4636-87A5-9F01EF82484A}: "URL" = hxxp://www.questbrowse.com/?prt=QUESTBROWSE199&keywords={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ncr
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{5E4D3DCE-F4DD-433C-A690-3EF511A532F2}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{9ECAE799-1810-47F9-AA0D-74B6C39860CF}: "URL" = hxxp://www.ricardo.ch/search/search.asp?txtSearch={searchTerms}&Catg=1&InTitleAndDesc=1
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\{EE232B47-5DB3-4AA9-87BD-51DD6FA63286}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=685749"
FF - prefs.js..browser.search.selectedEngine: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledAddons: iobit@mybrowserbar.com:6.3
FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.13.1.89
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="
 
FF - user.js..browser.search.defaultenginename: "Google"
FF - user.js..browser.search.selectedEngine: "Google"
FF - user.js..browser.startup.homepage: "hxxp://www.google.de/ncr"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\DragoTheOwner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DragoTheOwner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\DragoTheOwner\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 03:57:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 11:37:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\DragoTheOwner\AppData\Roaming\IDM\idmmzcc3
 
[2012.07.22 03:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Extensions
[2012.10.21 21:45:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions
[2012.10.21 18:49:22 | 000,000,000 | ---D | M] (DVDVideoSoftTB) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.09.17 18:22:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\onztcf3b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.18 16:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions
[2011.07.17 19:51:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.09 16:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\Firefox\Profiles\zoujmba7.default\extensions\ffxtlbr@babylon.com
[2012.08.07 17:04:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.21 21:45:28 | 000,001,028 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\searchplugins\dvdvideosofttb-customized-web-search.xml
[2012.10.25 19:20:42 | 000,003,576 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\mozilla\firefox\profiles\onztcf3b.default\searchplugins\Google.xml
[2012.10.12 17:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.08.24 21:46:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.09 14:12:08 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES (X86)\IOBIT TOOLBAR\FF
[2012.07.14 01:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 01:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.13.1.89_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
 
O1 HOSTS File: ([2012.10.15 15:16:11 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [Facebook Update] C:\Users\DragoTheOwner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\DragoTheOwner\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3495749685-3259519129-3383261289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47dda526-fe72-4f24-ae70-b0681e2df27d}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c81-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell - "" = AutoRun
O33 - MountPoints2\{d4d61c9b-c984-11df-9f7c-00306727c0a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk -  - File not found
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk -  - File not found
MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Free Download Manager - hkey= - key= - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
MsConfig:64bit - StartUpReg: HBLiteSA - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: Windows Game Service - hkey= - key= -  File not found
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.23 15:01:31 | 000,186,880 | ---- | C] (CEXX.ORG) -- C:\Users\DragoTheOwner\Desktop\LSPFix (1).exe
[2012.10.22 23:30:43 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Documents\Vindictus EU
[2012.10.22 23:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2012.10.22 23:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1
[2012.10.22 23:27:00 | 000,000,000 | ---D | C] -- C:\Nexon
[2012.10.22 13:44:11 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Neuer Ordner
[2012.10.21 18:49:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012.10.21 18:49:09 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Conduit
[2012.10.21 18:49:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoftTB
[2012.10.19 13:25:29 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\logs
[2012.10.17 10:51:56 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012.10.17 10:37:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\Facebook
[2012.10.16 16:09:48 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.10.16 15:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012.10.16 15:47:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012.10.16 00:06:39 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Pickup Bot
[2012.10.16 00:06:29 | 004,094,578 | ---- | C] (Igor Pavlov) -- C:\Users\DragoTheOwner\Desktop\Tools by Unpublished.exe
[2012.10.14 17:36:11 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Switchbot
[2012.10.13 20:41:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.10.13 17:03:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.12 21:59:07 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\Desktop\Shizuka3-Client-2012-v3
[2012.10.10 17:29:00 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Local\CRE
[2012.10.09 14:21:06 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2012.10.09 14:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar
[2012.10.09 14:10:14 | 000,000,000 | ---D | C] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2012.10.09 14:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.02 13:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.02 13:13:00 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.11.02 11:56:43 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.11.02 11:56:42 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.11.02 09:15:28 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.02 09:15:28 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.02 09:12:09 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.02 09:12:09 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.02 09:12:09 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.02 09:12:09 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.02 09:12:09 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.02 09:08:27 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012.11.02 09:08:26 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.11.02 09:07:59 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.11.02 09:07:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.01 15:13:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.10.31 05:27:48 | 000,812,494 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\sephiroth-347-final-fantasy-jeux-video.jpg
[2012.10.31 05:26:38 | 000,335,515 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Sephiroth-Wing.png
[2012.10.31 05:25:08 | 000,020,780 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\004_sephiroth.jpg
[2012.10.30 21:31:39 | 005,464,881 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Black Eyed Peas - Where is the Love.mp3
[2012.10.30 21:25:39 | 008,411,538 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Scouting for Girls -  This Aint A Love Song.mp3
[2012.10.30 17:55:24 | 000,053,019 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\haschtueberhauptgelernt.jpg
[2012.10.30 17:40:02 | 000,156,354 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\omg.png
[2012.10.28 17:26:56 | 002,481,700 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Take_0003.mov
[2012.10.26 19:04:46 | 000,029,644 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5689029_700b_v2.jpg
[2012.10.24 18:05:43 | 000,029,247 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5664706_700b.jpg
[2012.10.24 14:00:55 | 000,000,183 | ---- | M] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2012.10.23 15:01:28 | 000,186,880 | ---- | M] (CEXX.ORG) -- C:\Users\DragoTheOwner\Desktop\LSPFix (1).exe
[2012.10.22 23:30:42 | 000,001,747 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Launch Vindictus.lnk
[2012.10.21 18:49:44 | 000,000,009 | ---- | M] () -- C:\END
[2012.10.20 01:30:12 | 000,049,169 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\Folder.jpg
[2012.10.20 01:30:12 | 000,009,774 | -HS- | M] () -- C:\Users\DragoTheOwner\Desktop\AlbumArtSmall.jpg
[2012.10.19 18:00:43 | 000,533,757 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\MovedFiles.zip
[2012.10.19 13:20:35 | 000,024,148 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Die Logs.rar
[2012.10.17 10:52:03 | 000,001,324 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012.10.16 15:47:47 | 000,001,108 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012.10.16 15:47:42 | 000,000,909 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ERUNT.lnk
[2012.10.16 00:05:43 | 004,094,578 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\Desktop\Tools by Unpublished.exe
[2012.10.15 15:16:11 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012.10.15 09:03:07 | 000,375,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.14 14:02:59 | 000,002,117 | ---- | M] () -- C:\Users\DragoTheOwner\.recently-used.xbel
[2012.10.14 13:57:01 | 000,204,828 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Blood-Lord-Vladimir-Skin.jpg
[2012.10.13 17:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DragoTheOwner\Desktop\OTL.exe
[2012.10.12 22:00:14 | 000,000,707 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 15:05:43 | 000,284,749 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 14:52:22 | 000,538,327 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.11 00:18:36 | 000,002,523 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Google Chrome.lnk
[2012.10.09 14:10:14 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.08 10:35:33 | 000,009,216 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.07 17:43:08 | 000,000,220 | ---- | M] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
 
========== Files Created - No Company Name ==========
 
[2012.10.31 05:27:48 | 000,812,494 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\sephiroth-347-final-fantasy-jeux-video.jpg
[2012.10.31 05:26:38 | 000,335,515 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Sephiroth-Wing.png
[2012.10.31 05:25:07 | 000,020,780 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\004_sephiroth.jpg
[2012.10.30 21:32:04 | 005,464,881 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Black Eyed Peas - Where is the Love.mp3
[2012.10.30 21:25:53 | 008,411,538 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Scouting for Girls -  This Aint A Love Song.mp3
[2012.10.30 17:55:24 | 000,053,019 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\haschtueberhauptgelernt.jpg
[2012.10.30 17:40:01 | 000,156,354 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\omg.png
[2012.10.28 17:22:57 | 002,481,700 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Take_0003.mov
[2012.10.26 19:04:44 | 000,029,644 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5689029_700b_v2.jpg
[2012.10.24 18:05:42 | 000,029,247 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5664706_700b.jpg
[2012.10.24 14:00:55 | 000,000,183 | ---- | C] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2012.10.22 23:30:42 | 000,001,747 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Launch Vindictus.lnk
[2012.10.19 18:00:43 | 000,533,757 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\MovedFiles.zip
[2012.10.19 13:20:35 | 000,024,148 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Die Logs.rar
[2012.10.17 10:51:56 | 000,001,324 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012.10.17 10:37:11 | 000,000,960 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.10.17 10:37:08 | 000,000,938 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.10.16 15:47:47 | 000,001,108 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012.10.16 15:47:42 | 000,000,909 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ERUNT.lnk
[2012.10.14 14:02:59 | 000,002,117 | ---- | C] () -- C:\Users\DragoTheOwner\.recently-used.xbel
[2012.10.14 13:57:00 | 000,204,828 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Blood-Lord-Vladimir-Skin.jpg
[2012.10.12 22:00:14 | 000,000,707 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\ClientStarter - Verknüpfung.lnk
[2012.10.12 15:05:41 | 000,284,749 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\5580371_700b_v1.jpg
[2012.10.12 14:52:20 | 000,538,327 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
[2012.10.10 17:29:07 | 000,000,009 | ---- | C] () -- C:\END
[2012.10.09 14:10:14 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012.10.07 17:43:08 | 000,000,220 | ---- | C] () -- C:\Users\DragoTheOwner\Desktop\Killing Floor.url
[2012.07.27 13:11:05 | 000,003,551 | ---- | C] () -- C:\Windows\wininit.ini
[2012.07.22 23:33:25 | 000,009,216 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.28 16:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.05.01 20:50:14 | 922,460,208 | ---- | C] () -- C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe
[2012.03.21 17:54:48 | 000,000,000 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\{30DEB4EF-7BA3-4C31-B2F1-2D0414B6C43D}
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.25 00:58:18 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.09.25 00:58:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011.05.24 17:06:10 | 000,150,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.04.18 22:30:47 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.10 15:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.22 11:00:06 | 004,269,056 | ---- | C] () -- C:\Windows\SysWow64\system.dll
[2010.11.16 14:33:06 | 000,021,220 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Roaming\UserTile.png
[2010.03.01 19:09:42 | 000,007,606 | ---- | C] () -- C:\Users\DragoTheOwner\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.09.10 02:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft
[2011.12.17 10:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics
[2011.05.22 10:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux
[2010.01.27 20:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener
[2011.02.10 03:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache
[2012.06.15 11:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations
[2012.07.06 16:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB
[2012.10.10 17:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft
[2012.09.17 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.27 20:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner
[2012.05.17 06:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson
[2012.06.15 11:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen
[2011.05.18 18:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader
[2012.10.09 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager
[2010.06.10 18:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo
[2012.10.14 14:02:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0
[2011.06.18 16:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios
[2011.11.03 10:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ
[2011.01.14 23:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM
[2012.10.09 14:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2010.07.15 08:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics
[2010.08.24 13:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient
[2012.05.24 15:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2
[2010.10.11 21:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX
[2011.10.30 20:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut
[2011.04.03 00:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World
[2012.06.15 11:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF
[2011.07.10 20:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++
[2012.06.15 11:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org
[2010.06.27 20:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape
[2012.07.03 19:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games
[2011.10.08 09:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee
[2011.05.14 18:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot
[2012.07.20 01:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater
[2012.06.28 19:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync
[2010.12.18 20:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat
[2012.08.07 17:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer
[2011.05.10 19:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds
[2012.11.02 14:06:42 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client
[2012.04.20 22:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software
[2012.09.18 16:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue
[2011.10.15 18:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.09.10 02:54:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\.minecraft
[2012.06.15 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Adobe
[2012.09.23 16:45:20 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Apple Computer
[2010.10.08 20:44:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ArcSoft
[2011.12.17 10:40:57 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Auslogics
[2011.05.22 10:51:28 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\avidemux
[2012.07.27 14:44:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Avira
[2011.01.07 23:17:15 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\AVS4YOU
[2010.01.27 20:21:46 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Degener
[2011.01.08 16:15:16 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DivX
[2011.02.10 03:21:33 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DMCache
[2012.06.15 11:26:19 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Downloaded Installations
[2012.07.06 16:11:52 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DragonicaECB
[2012.10.10 17:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoft
[2012.09.17 18:22:51 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.27 20:21:56 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Ebner
[2012.05.17 06:47:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Epson
[2012.06.15 11:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FileOpen
[2011.05.18 18:28:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\FOG Downloader
[2012.10.09 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Free Download Manager
[2010.06.10 18:40:43 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\GetRightToGo
[2012.10.14 14:02:59 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\gtk-2.0
[2010.09.18 15:21:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hamachi
[2011.06.18 16:05:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Hi-Rez Studios
[2011.11.03 10:28:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\ICQ
[2010.01.27 15:55:55 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Identities
[2011.01.14 23:21:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IDM
[2010.02.14 16:06:21 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\InstallShield
[2012.10.09 14:10:14 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\IObit
[2010.07.15 08:44:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LG Electronics
[2010.08.24 13:01:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient
[2012.05.24 15:02:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\LolClient2
[2010.01.27 19:28:38 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Macromedia
[2010.10.11 21:42:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\MAGIX
[2012.09.18 16:54:25 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Malwarebytes
[2009.07.14 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Media Center Programs
[2012.10.17 10:51:56 | 000,000,000 | --SD | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Microsoft
[2012.07.22 03:58:26 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Mozilla
[2011.10.30 20:30:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\mp3DirectCut
[2011.04.03 00:20:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Need for Speed World
[2012.06.15 11:27:39 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Nitro PDF
[2011.07.10 20:48:53 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Notepad++
[2012.04.22 14:31:58 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\NVIDIA
[2012.06.15 11:50:09 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\OpenOffice.org
[2010.06.27 20:43:41 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\PhotoScape
[2012.07.03 19:23:35 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\runic games
[2011.10.08 09:17:27 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Screaming Bee
[2011.05.14 18:00:34 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\SFBot
[2012.07.20 01:20:12 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-updater
[2012.06.28 19:38:45 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\six-zsync
[2012.11.02 14:06:06 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Skype
[2011.07.23 23:03:22 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\skypePM
[2010.12.18 20:34:04 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Soldat
[2010.08.10 12:36:36 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\teamspeak2
[2012.08.07 17:29:10 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TeamViewer
[2011.05.10 19:18:50 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Teeworlds
[2012.11.02 14:06:42 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TS3Client
[2012.04.20 22:31:08 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\TuneUp Software
[2012.09.18 16:36:54 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Uniblue
[2011.10.15 18:16:40 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\Windows Live Writer
[2010.01.27 16:09:32 | 000,000,000 | ---D | M] -- C:\Users\DragoTheOwner\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.01.29 16:45:25 | 079,043,646 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe7
[2011.01.29 16:45:25 | 087,148,709 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe5
[2011.01.29 16:45:25 | 074,667,317 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe6
[2011.01.29 16:45:25 | 079,551,845 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe4
[2011.01.29 16:45:25 | 068,507,997 | ---- | M] (Igor Pavlov) -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe
[2011.01.29 16:45:25 | 064,054,648 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe1
[2011.01.29 16:45:25 | 075,811,492 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe2
[2011.01.29 16:45:25 | 074,545,348 | ---- | M] () -- C:\Users\DragoTheOwner\AppData\Roaming\IDM\DwnlData\DragoTheOwner\WhiteLotusMT2_36\WhiteLotusMT2.exe3
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.09.07 16:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<          >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.06.28 20:36:59 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.10.15 11:41:45 | 000,000,198 | ---- | C] () -- C:\Windows\Tasks\{CD7D28A7-F48B-41CE-B478-5A4BFF4BF3EB}.job
[2012.03.27 16:33:15 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core1cd0c2eed37e280.job
[2012.04.24 12:09:42 | 000,000,240 | ---- | C] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job
[2012.05.23 17:15:41 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.06.09 15:06:09 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.07.13 02:14:16 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd6094d21edffc.job
[2012.07.26 16:34:42 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
[2012.10.17 10:37:08 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000Core.job
[2012.10.17 10:37:11 | 000,000,960 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3495749685-3259519129-3383261289-1000UA.job
 
========== Files - Unicode (All) ==========
[2012.10.29 20:35:35 | 074,685,268 | ---- | M] ()(C:\Users\DragoTheOwner\Desktop\vBestamvsofalltime ? Magic Eye AMV.mp4) -- C:\Users\DragoTheOwner\Desktop\√Bestamvsofalltime ▪ Magic Eye AMV.mp4
[2012.10.29 20:34:59 | 074,685,268 | ---- | C] ()(C:\Users\DragoTheOwner\Desktop\vBestamvsofalltime ? Magic Eye AMV.mp4) -- C:\Users\DragoTheOwner\Desktop\√Bestamvsofalltime ▪ Magic Eye AMV.mp4
[2012.10.29 20:34:57 | 060,899,413 | ---- | M] ()(C:\Users\DragoTheOwner\Desktop\vBestamvsofalltime ? Our Tapes AMV.mp4) -- C:\Users\DragoTheOwner\Desktop\√Bestamvsofalltime ▪ Our Tapes AMV.mp4
[2012.10.29 20:33:05 | 060,899,413 | ---- | C] ()(C:\Users\DragoTheOwner\Desktop\vBestamvsofalltime ? Our Tapes AMV.mp4) -- C:\Users\DragoTheOwner\Desktop\√Bestamvsofalltime ▪ Our Tapes AMV.mp4

< End of report >

I'm sorry that it took me so long. I've had a lot to do lately.

Valentice94 02.11.2012 14:24

Oops! :D Posted twice

cosinus 03.11.2012 16:26

Good, mediyes should be taken care of

1. aswMBR

Please download aswMBR.exe and save the file to your desktop.

Note: Please disable your virus scanner before running aswMBR, because Avira in particular often reports a false positive in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply. Important: Do not press any of the Fix buttons under any circumstances without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If it still doesn't work, please let me know.

One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) under "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.


2. TDSS-Killer

Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!

Configure the tool as shown in the picture below: click change parameters and set the checkboxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png
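
Reading a TDSSKiller report such as the one requested above comes down to pairing each scanned service with its verdict line and looking only at what is not "ok". The following Python script is an added example, not part of the original thread or of TDSSKiller itself; the function names are hypothetical and the sample lines are constructed in the line format of a TDSSKiller 2.8.15.0 report.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample in the line format of a TDSSKiller 2.8.15.0 report:
# "<time> <thread id>  <message>". The last service has no verdict line,
# which is what a report that was cut off while pasting looks like.
SAMPLE_LOG = r"""
18:42:26.0582 4968  ================ Scan system memory ========================
18:42:26.0582 4968  System memory - ok
18:42:27.0683 4968  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:42:27.0694 4968  agp440 - ok
18:42:27.0816 4968  [ E1B1F152C4E82C85E846D25C9E6E6CC8 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll
18:42:27.0817 4968  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll. md5: E1B1F152C4E82C85E846D25C9E6E6CC8
18:42:27.0826 4968  Akamai ( HiddenFile.Multi.Generic ) - warning
18:42:27.0826 4968  Akamai - detected HiddenFile.Multi.Generic (1)
18:42:28.0563 4968  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:42:28.0572 4968  Apple Mobile Device - ok
18:42:30.0455 4968  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
"""

# Timestamp and thread id in front of every message.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "[ MD5 ] service name   X:\path" (service names may contain spaces).
SERVICE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.+)$")
# "name ( ThreatName ) - status", e.g. "... - warning".
FLAGGED = re.compile(r"^(.+?) \( (.+?) \) - (\w+)$")
# "name - ok"
CLEAN = re.compile(r"^(.+) - ok$")


@dataclass
class Entry:
    name: str
    md5: str
    path: str
    verdict: str = "unknown"      # stays "unknown" if no verdict line follows
    threat: Optional[str] = None


def parse_report(text: str) -> Dict[str, Entry]:
    """Return one Entry per scanned service, keyed by service name."""
    entries: Dict[str, Entry] = {}
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        body = m.group(1).strip()

        svc = SERVICE.match(body)
        if svc:
            md5, name, path = svc.groups()
            entries[name] = Entry(name, md5.upper(), path)
            continue

        flagged = FLAGGED.match(body)
        if flagged and flagged.group(1) in entries:
            entry = entries[flagged.group(1)]
            entry.threat = flagged.group(2)
            entry.verdict = flagged.group(3)
            continue

        # Verdicts for things that are not services ("System memory - ok")
        # are ignored because no hash line introduced them.
        clean = CLEAN.match(body)
        if clean and clean.group(1) in entries:
            entries[clean.group(1)].verdict = "ok"
    return entries


def needs_review(entries: Dict[str, Entry]) -> List[Entry]:
    """Everything that was flagged or never received a verdict."""
    return [e for e in entries.values() if e.verdict != "ok"]


if __name__ == "__main__":
    for e in needs_review(parse_report(SAMPLE_LOG)):
        print(f"{e.verdict:8} {e.name:20} {e.threat or '-':28} {e.md5} {e.path}")
```

The script only reads the report; it leaves any decision about a flagged object to the helper reviewing the log, in line with the "skip" instruction above.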

Valentice94 04.11.2012 18:44

TDSSKiller Report:

Code:

18:41:59.0754 1360  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:41:59.0877 1360  ============================================================
18:41:59.0877 1360  Current date / time: 2012/11/04 18:41:59.0877
18:41:59.0877 1360  SystemInfo:
18:41:59.0877 1360 
18:41:59.0877 1360  OS Version: 6.1.7601 ServicePack: 1.0
18:41:59.0877 1360  Product type: Workstation
18:41:59.0877 1360  ComputerName: NOEL
18:41:59.0879 1360  UserName: DragoTheOwner
18:41:59.0879 1360  Windows directory: C:\Windows
18:41:59.0879 1360  System windows directory: C:\Windows
18:41:59.0879 1360  Running under WOW64
18:41:59.0879 1360  Processor architecture: Intel x64
18:41:59.0879 1360  Number of processors: 2
18:41:59.0879 1360  Page size: 0x1000
18:41:59.0879 1360  Boot type: Normal boot
18:41:59.0879 1360  ============================================================
18:42:00.0885 1360  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:42:00.0891 1360  ============================================================
18:42:00.0891 1360  \Device\Harddisk0\DR0:
18:42:00.0891 1360  MBR partitions:
18:42:00.0891 1360  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:42:00.0891 1360  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
18:42:00.0891 1360  ============================================================
18:42:00.0919 1360  C: <-> \Device\Harddisk0\DR0\Partition2
18:42:00.0919 1360  ============================================================
18:42:00.0919 1360  Initialize success
18:42:00.0920 1360  ============================================================
18:42:25.0966 4968  ============================================================
18:42:25.0966 4968  Scan started
18:42:25.0966 4968  Mode: Manual; SigCheck; TDLFS;
18:42:25.0966 4968  ============================================================
18:42:26.0582 4968  ================ Scan system memory ========================
18:42:26.0582 4968  System memory - ok
18:42:26.0583 4968  ================ Scan services =============================
18:42:26.0702 4968  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:42:26.0791 4968  1394ohci - ok
18:42:26.0817 4968  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:42:26.0832 4968  ACPI - ok
18:42:26.0844 4968  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
18:42:26.0907 4968  AcpiPmi - ok
18:42:26.0977 4968  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:42:26.0986 4968  AdobeARMservice - ok
18:42:27.0081 4968  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:42:27.0091 4968  AdobeFlashPlayerUpdateSvc - ok
18:42:27.0126 4968  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
18:42:27.0144 4968  adp94xx - ok
18:42:27.0161 4968  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
18:42:27.0176 4968  adpahci - ok
18:42:27.0189 4968  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
18:42:27.0201 4968  adpu320 - ok
18:42:27.0280 4968  [ 96D6CDD0B32846E8CFBE592F4F32E608 ] AdvancedSystemCareService5 C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
18:42:27.0316 4968  AdvancedSystemCareService5 - ok
18:42:27.0357 4968  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
18:42:27.0501 4968  AeLookupSvc - ok
18:42:27.0554 4968  [ 0D0E5281784C2C526BA43C2ECD374288 ] Afc            C:\Windows\syswow64\drivers\Afc.sys
18:42:27.0566 4968  Afc - ok
18:42:27.0600 4968  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
18:42:27.0647 4968  AFD - ok
18:42:27.0683 4968  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:42:27.0694 4968  agp440 - ok
18:42:27.0816 4968  [ E1B1F152C4E82C85E846D25C9E6E6CC8 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll
18:42:27.0817 4968  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll. md5: E1B1F152C4E82C85E846D25C9E6E6CC8
18:42:27.0826 4968  Akamai ( HiddenFile.Multi.Generic ) - warning
18:42:27.0826 4968  Akamai - detected HiddenFile.Multi.Generic (1)
18:42:27.0837 4968  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
18:42:27.0892 4968  ALG - ok
18:42:27.0910 4968  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:42:27.0919 4968  aliide - ok
18:42:27.0933 4968  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:42:27.0943 4968  amdide - ok
18:42:27.0972 4968  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
18:42:28.0012 4968  AmdK8 - ok
18:42:28.0017 4968  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:42:28.0028 4968  AmdPPM - ok
18:42:28.0067 4968  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
18:42:28.0078 4968  amdsata - ok
18:42:28.0093 4968  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:42:28.0106 4968  amdsbs - ok
18:42:28.0123 4968  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
18:42:28.0133 4968  amdxata - ok
18:42:28.0168 4968  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:42:28.0177 4968  AntiVirSchedulerService - ok
18:42:28.0203 4968  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:42:28.0212 4968  AntiVirService - ok
18:42:28.0250 4968  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
18:42:28.0356 4968  AppID - ok
18:42:28.0391 4968  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:42:28.0430 4968  AppIDSvc - ok
18:42:28.0459 4968  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
18:42:28.0508 4968  Appinfo - ok
18:42:28.0563 4968  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:42:28.0572 4968  Apple Mobile Device - ok
18:42:28.0590 4968  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\DRIVERS\arc.sys
18:42:28.0602 4968  arc - ok
18:42:28.0615 4968  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:42:28.0626 4968  arcsas - ok
18:42:28.0717 4968  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:42:28.0727 4968  aspnet_state - ok
18:42:28.0752 4968  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:42:28.0794 4968  AsyncMac - ok
18:42:28.0820 4968  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
18:42:28.0829 4968  atapi - ok
18:42:28.0860 4968  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:42:28.0920 4968  AudioEndpointBuilder - ok
18:42:28.0930 4968  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:42:28.0964 4968  AudioSrv - ok
18:42:28.0984 4968  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:42:28.0995 4968  avgntflt - ok
18:42:29.0014 4968  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:42:29.0025 4968  avipbb - ok
18:42:29.0030 4968  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:42:29.0040 4968  avkmgr - ok
18:42:29.0074 4968  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:42:29.0140 4968  AxInstSV - ok
18:42:29.0179 4968  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
18:42:29.0226 4968  b06bdrv - ok
18:42:29.0261 4968  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:42:29.0301 4968  b57nd60a - ok
18:42:29.0331 4968  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:42:29.0359 4968  BDESVC - ok
18:42:29.0366 4968  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:42:29.0416 4968  Beep - ok
18:42:29.0459 4968  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
18:42:29.0496 4968  BFE - ok
18:42:29.0536 4968  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:42:29.0590 4968  BITS - ok
18:42:29.0612 4968  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:42:29.0637 4968  blbdrive - ok
18:42:29.0701 4968  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:42:29.0715 4968  Bonjour Service - ok
18:42:29.0750 4968  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:42:29.0774 4968  bowser - ok
18:42:29.0791 4968  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:42:29.0804 4968  BrFiltLo - ok
18:42:29.0819 4968  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:42:29.0831 4968  BrFiltUp - ok
18:42:29.0869 4968  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
18:42:29.0890 4968  Browser - ok
18:42:29.0918 4968  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
18:42:29.0966 4968  Brserid - ok
18:42:29.0992 4968  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:42:30.0021 4968  BrSerWdm - ok
18:42:30.0058 4968  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:42:30.0083 4968  BrUsbMdm - ok
18:42:30.0099 4968  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:42:30.0109 4968  BrUsbSer - ok
18:42:30.0119 4968  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:42:30.0143 4968  BTHMODEM - ok
18:42:30.0182 4968  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
18:42:30.0228 4968  bthserv - ok
18:42:30.0255 4968  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:42:30.0285 4968  cdfs - ok
18:42:30.0318 4968  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\drivers\cdrom.sys
18:42:30.0351 4968  cdrom - ok
18:42:30.0379 4968  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
18:42:30.0426 4968  CertPropSvc - ok
18:42:30.0455 4968  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:42:30.0482 4968  circlass - ok
18:42:30.0520 4968  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:42:30.0535 4968  CLFS - ok
18:42:30.0583 4968  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:42:30.0593 4968  clr_optimization_v2.0.50727_32 - ok
18:42:30.0636 4968  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:42:30.0673 4968  clr_optimization_v2.0.50727_64 - ok
18:42:30.0786 4968  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:42:30.0812 4968  clr_optimization_v4.0.30319_32 - ok
18:42:30.0824 4968  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:42:30.0834 4968  clr_optimization_v4.0.30319_64 - ok
18:42:30.0853 4968  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:42:30.0863 4968  CmBatt - ok
18:42:30.0881 4968  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:42:30.0891 4968  cmdide - ok
18:42:30.0920 4968  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
18:42:30.0972 4968  CNG - ok
18:42:30.0991 4968  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:42:31.0000 4968  Compbatt - ok
18:42:31.0019 4968  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:42:31.0042 4968  CompositeBus - ok
18:42:31.0047 4968  COMSysApp - ok
18:42:31.0073 4968  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
18:42:31.0082 4968  crcdisk - ok
18:42:31.0115 4968  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:42:31.0143 4968  CryptSvc - ok
18:42:31.0185 4968  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:42:31.0234 4968  DcomLaunch - ok
18:42:31.0268 4968  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
18:42:31.0317 4968  defragsvc - ok
18:42:31.0343 4968  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:42:31.0395 4968  DfsC - ok
18:42:31.0429 4968  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:42:31.0480 4968  Dhcp - ok
18:42:31.0495 4968  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:42:31.0538 4968  discache - ok
18:42:31.0562 4968  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:42:31.0573 4968  Disk - ok
18:42:31.0615 4968  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:42:31.0636 4968  Dnscache - ok
18:42:31.0670 4968  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
18:42:31.0701 4968  dot3svc - ok
18:42:31.0737 4968  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
18:42:31.0779 4968  DPS - ok
18:42:31.0806 4968  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
18:42:31.0835 4968  drmkaud - ok
18:42:31.0838 4968  dump_wmimmc - ok
18:42:31.0884 4968  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
18:42:31.0910 4968  DXGKrnl - ok
18:42:31.0914 4968  EagleX64 - ok
18:42:31.0941 4968  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
18:42:31.0972 4968  EapHost - ok
18:42:32.0049 4968  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
18:42:32.0146 4968  ebdrv - ok
18:42:32.0180 4968  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
18:42:32.0233 4968  EFS - ok
18:42:32.0295 4968  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
18:42:32.0359 4968  ehRecvr - ok
18:42:32.0393 4968  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
18:42:32.0415 4968  ehSched - ok
18:42:32.0448 4968  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
18:42:32.0466 4968  elxstor - ok
18:42:32.0480 4968  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:42:32.0509 4968  ErrDev - ok
18:42:32.0548 4968  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
18:42:32.0603 4968  EventSystem - ok
18:42:32.0621 4968  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
18:42:32.0668 4968  exfat - ok
18:42:32.0694 4968  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
18:42:32.0738 4968  fastfat - ok
18:42:32.0778 4968  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
18:42:32.0835 4968  Fax - ok
18:42:32.0857 4968  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
18:42:32.0867 4968  fdc - ok
18:42:32.0889 4968  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
18:42:32.0936 4968  fdPHost - ok
18:42:32.0974 4968  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:42:33.0004 4968  FDResPub - ok
18:42:33.0009 4968  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:42:33.0020 4968  FileInfo - ok
18:42:33.0040 4968  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
18:42:33.0069 4968  Filetrace - ok
18:42:33.0085 4968  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:42:33.0095 4968  flpydisk - ok
18:42:33.0122 4968  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:42:33.0136 4968  FltMgr - ok
18:42:33.0177 4968  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
18:42:33.0211 4968  FontCache - ok
18:42:33.0260 4968  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:42:33.0269 4968  FontCache3.0.0.0 - ok
18:42:33.0289 4968  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
18:42:33.0299 4968  FsDepends - ok
18:42:33.0336 4968  [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr        C:\Windows\system32\DRIVERS\fssfltr.sys
18:42:33.0349 4968  fssfltr - ok
18:42:33.0457 4968  [ 4E2E6FEDFE4A3445DBD0C623A242362D ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:42:33.0494 4968  fsssvc - ok
18:42:33.0522 4968  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:42:33.0531 4968  Fs_Rec - ok
18:42:33.0562 4968  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:42:33.0578 4968  fvevol - ok
18:42:33.0603 4968  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:42:33.0613 4968  gagp30kx - ok
18:42:33.0646 4968  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:42:33.0654 4968  GEARAspiWDM - ok
18:42:33.0694 4968  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
18:42:33.0750 4968  gpsvc - ok
18:42:33.0806 4968  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:42:33.0815 4968  gupdate - ok
18:42:33.0819 4968  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:42:33.0827 4968  gupdatem - ok
18:42:33.0855 4968  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi        C:\Windows\system32\DRIVERS\hamachi.sys
18:42:33.0864 4968  hamachi - ok
18:42:33.0875 4968  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:42:33.0914 4968  hcw85cir - ok
18:42:33.0936 4968  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:42:33.0970 4968  HdAudAddService - ok
18:42:34.0004 4968  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:42:34.0037 4968  HDAudBus - ok
18:42:34.0054 4968  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
18:42:34.0064 4968  HidBatt - ok
18:42:34.0087 4968  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:42:34.0100 4968  HidBth - ok
18:42:34.0118 4968  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
18:42:34.0143 4968  HidIr - ok
18:42:34.0169 4968  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
18:42:34.0199 4968  hidserv - ok
18:42:34.0217 4968  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:42:34.0227 4968  HidUsb - ok
18:42:34.0252 4968  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:42:34.0296 4968  hkmsvc - ok
18:42:34.0332 4968  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:42:34.0359 4968  HomeGroupListener - ok
18:42:34.0384 4968  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:42:34.0408 4968  HomeGroupProvider - ok
18:42:34.0424 4968  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:42:34.0435 4968  HpSAMD - ok
18:42:34.0485 4968  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:42:34.0540 4968  HTTP - ok
18:42:34.0598 4968  [ CDAA8E257BB625B2387219E605DDE37D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:42:34.0603 4968  hwdatacard ( UnsignedFile.Multi.Generic ) - warning
18:42:34.0603 4968  hwdatacard - detected UnsignedFile.Multi.Generic (1)
18:42:34.0630 4968  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:42:34.0639 4968  hwpolicy - ok
18:42:34.0658 4968  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:42:34.0670 4968  i8042prt - ok
18:42:34.0693 4968  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
18:42:34.0710 4968  iaStorV - ok
18:42:34.0783 4968  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:42:34.0798 4968  IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:42:34.0798 4968  IDriverT - detected UnsignedFile.Multi.Generic (1)
18:42:34.0840 4968  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:42:34.0863 4968  idsvc - ok
18:42:34.0902 4968  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
18:42:34.0912 4968  iirsp - ok
18:42:34.0943 4968  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:42:34.0997 4968  IKEEXT - ok
18:42:35.0024 4968  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:42:35.0037 4968  intelide - ok
18:42:35.0050 4968  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:42:35.0075 4968  intelppm - ok
18:42:35.0116 4968  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
18:42:35.0165 4968  IPBusEnum - ok
18:42:35.0226 4968  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:42:35.0269 4968  IpFilterDriver - ok
18:42:35.0309 4968  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:42:35.0358 4968  iphlpsvc - ok
18:42:35.0394 4968  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
18:42:35.0405 4968  IPMIDRV - ok
18:42:35.0428 4968  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
18:42:35.0471 4968  IPNAT - ok
18:42:35.0515 4968  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:42:35.0540 4968  iPod Service - ok
18:42:35.0556 4968  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:42:35.0588 4968  IRENUM - ok
18:42:35.0611 4968  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:42:35.0620 4968  isapnp - ok
18:42:35.0653 4968  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:42:35.0667 4968  iScsiPrt - ok
18:42:35.0691 4968  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:42:35.0700 4968  kbdclass - ok
18:42:35.0721 4968  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:42:35.0731 4968  kbdhid - ok
18:42:35.0745 4968  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:42:35.0754 4968  KeyIso - ok
18:42:35.0786 4968  [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
18:42:35.0794 4968  KMWDFILTER - ok
18:42:35.0819 4968  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:42:35.0829 4968  KSecDD - ok
18:42:35.0836 4968  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
18:42:35.0847 4968  KSecPkg - ok
18:42:35.0862 4968  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
18:42:35.0909 4968  ksthunk - ok
18:42:35.0957 4968  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
18:42:36.0004 4968  KtmRm - ok
18:42:36.0043 4968  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:42:36.0088 4968  LanmanServer - ok
18:42:36.0118 4968  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:42:36.0161 4968  LanmanWorkstation - ok
18:42:36.0190 4968  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:42:36.0234 4968  lltdio - ok
18:42:36.0278 4968  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
18:42:36.0321 4968  lltdsvc - ok
18:42:36.0345 4968  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
18:42:36.0375 4968  lmhosts - ok
18:42:36.0398 4968  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:42:36.0410 4968  LSI_FC - ok
18:42:36.0427 4968  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
18:42:36.0438 4968  LSI_SAS - ok
18:42:36.0455 4968  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:42:36.0466 4968  LSI_SAS2 - ok
18:42:36.0488 4968  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:42:36.0499 4968  LSI_SCSI - ok
18:42:36.0519 4968  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
18:42:36.0564 4968  luafv - ok
18:42:36.0607 4968  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
18:42:36.0640 4968  Mcx2Svc - ok
18:42:36.0659 4968  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
18:42:36.0670 4968  megasas - ok
18:42:36.0685 4968  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:42:36.0700 4968  MegaSR - ok
18:42:36.0736 4968  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
18:42:36.0783 4968  MMCSS - ok
18:42:36.0809 4968  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
18:42:36.0855 4968  Modem - ok
18:42:36.0881 4968  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
18:42:36.0909 4968  monitor - ok
18:42:36.0944 4968  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:42:36.0954 4968  mouclass - ok
18:42:36.0979 4968  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:42:36.0990 4968  mouhid - ok
18:42:37.0011 4968  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:42:37.0022 4968  mountmgr - ok
18:42:37.0056 4968  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:42:37.0066 4968  MozillaMaintenance - ok
18:42:37.0086 4968  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:42:37.0098 4968  mpio - ok
18:42:37.0115 4968  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:42:37.0145 4968  mpsdrv - ok
18:42:37.0189 4968  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:42:37.0240 4968  MpsSvc - ok
18:42:37.0260 4968  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:42:37.0286 4968  MRxDAV - ok
18:42:37.0311 4968  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:42:37.0359 4968  mrxsmb - ok
18:42:37.0390 4968  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:42:37.0404 4968  mrxsmb10 - ok
18:42:37.0409 4968  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:42:37.0445 4968  mrxsmb20 - ok
18:42:37.0481 4968  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:42:37.0491 4968  msahci - ok
18:42:37.0522 4968  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
18:42:37.0533 4968  msdsm - ok
18:42:37.0553 4968  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
18:42:37.0576 4968  MSDTC - ok
18:42:37.0586 4968  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:42:37.0614 4968  Msfs - ok
18:42:37.0632 4968  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
18:42:37.0661 4968  mshidkmdf - ok
18:42:37.0665 4968  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:42:37.0675 4968  msisadrv - ok
18:42:37.0712 4968  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
18:42:37.0762 4968  MSiSCSI - ok
18:42:37.0786 4968  msiserver - ok
18:42:37.0806 4968  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
18:42:37.0835 4968  MSKSSRV - ok
18:42:37.0855 4968  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:42:37.0898 4968  MSPCLOCK - ok
18:42:37.0919 4968  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
18:42:37.0961 4968  MSPQM - ok
18:42:37.0995 4968  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
18:42:38.0011 4968  MsRPC - ok
18:42:38.0023 4968  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:42:38.0032 4968  mssmbios - ok
18:42:38.0051 4968  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
18:42:38.0091 4968  MSTEE - ok
18:42:38.0107 4968  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:42:38.0117 4968  MTConfig - ok
18:42:38.0134 4968  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
18:42:38.0145 4968  Mup - ok
18:42:38.0173 4968  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:42:38.0226 4968  napagent - ok
18:42:38.0267 4968  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
18:42:38.0307 4968  NativeWifiP - ok
18:42:38.0351 4968  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:42:38.0377 4968  NDIS - ok
18:42:38.0393 4968  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
18:42:38.0442 4968  NdisCap - ok
18:42:38.0463 4968  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:42:38.0492 4968  NdisTapi - ok
18:42:38.0519 4968  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
18:42:38.0552 4968  Ndisuio - ok
18:42:38.0567 4968  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
18:42:38.0610 4968  NdisWan - ok
18:42:38.0636 4968  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
18:42:38.0664 4968  NDProxy - ok
18:42:38.0677 4968  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
18:42:38.0723 4968  NetBIOS - ok
18:42:38.0751 4968  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
18:42:38.0788 4968  NetBT - ok
18:42:38.0805 4968  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:42:38.0815 4968  Netlogon - ok
18:42:38.0838 4968  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:42:38.0886 4968  Netman - ok
18:42:38.0913 4968  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:42:38.0947 4968  NetMsmqActivator - ok
18:42:38.0951 4968  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:42:38.0960 4968  NetPipeActivator - ok
18:42:38.0978 4968  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:42:39.0030 4968  netprofm - ok
18:42:39.0034 4968  netr28ux - ok
18:42:39.0076 4968  [ 118E9136B5B48DD5B2CC81F78431A69E ] netr7364        C:\Windows\system32\DRIVERS\netr7364.sys
18:42:39.0132 4968  netr7364 - ok
18:42:39.0137 4968  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:42:39.0146 4968  NetTcpActivator - ok
18:42:39.0150 4968  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:42:39.0160 4968  NetTcpPortSharing - ok
18:42:39.0183 4968  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
18:42:39.0193 4968  nfrd960 - ok
18:42:39.0226 4968  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:42:39.0270 4968  NlaSvc - ok
18:42:39.0275 4968  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:42:39.0305 4968  Npfs - ok
18:42:39.0309 4968  npggsvc - ok
18:42:39.0314 4968  NPPTNT2 - ok
18:42:39.0341 4968  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
18:42:39.0387 4968  nsi - ok
18:42:39.0392 4968  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:42:39.0429 4968  nsiproxy - ok
18:42:39.0480 4968  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:42:39.0520 4968  Ntfs - ok
18:42:39.0543 4968  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:42:39.0587 4968  Null - ok
18:42:39.0633 4968  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
18:42:39.0661 4968  NVENETFD - ok
18:42:39.0697 4968  [ 5F1FF880ADACF7E0FF7C27BA188B05DA ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
18:42:39.0709 4968  NVHDA - ok
18:42:39.0947 4968  [ 39DEFE644321F9A4B7F527664F628DEA ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:42:40.0294 4968  nvlddmkm - ok
18:42:40.0328 4968  [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET          C:\Windows\system32\DRIVERS\nvmf6264.sys
18:42:40.0342 4968  NVNET - ok
18:42:40.0380 4968  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:42:40.0391 4968  nvraid - ok
18:42:40.0431 4968  [ F6C6D8298DD85507F680437EC2E6899C ] nvsmu          C:\Windows\system32\DRIVERS\nvsmu.sys
18:42:40.0439 4968  nvsmu - ok
18:42:40.0459 4968  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:42:40.0471 4968  nvstor - ok
18:42:40.0518 4968  [ A8BD627C6B78745CE8D591E9636E533F ] nvsvc          C:\Windows\system32\nvvsvc.exe
18:42:40.0542 4968  nvsvc - ok
18:42:40.0608 4968  [ ABF9218BC7B87ED93C0B5DEAD9E2F7E9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:42:40.0638 4968  nvUpdatusService - ok
18:42:40.0656 4968  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:42:40.0668 4968  nv_agp - ok
18:42:40.0695 4968  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:42:40.0719 4968  ohci1394 - ok
18:42:40.0753 4968  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:42:40.0802 4968  p2pimsvc - ok
18:42:40.0844 4968  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:42:40.0869 4968  p2psvc - ok
18:42:40.0916 4968  [ 3A6DCEB1848470320E4A3C12D7A35B1C ] PAC207          C:\Windows\system32\DRIVERS\PFC027.SYS
18:42:40.0966 4968  PAC207 - ok
18:42:40.0994 4968  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
18:42:41.0005 4968  Parport - ok
18:42:41.0023 4968  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
18:42:41.0033 4968  partmgr - ok
18:42:41.0048 4968  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:42:41.0079 4968  PcaSvc - ok
18:42:41.0086 4968  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
18:42:41.0098 4968  pci - ok
18:42:41.0118 4968  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:42:41.0128 4968  pciide - ok
18:42:41.0142 4968  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:42:41.0155 4968  pcmcia - ok
18:42:41.0160 4968  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
18:42:41.0171 4968  pcw - ok
18:42:41.0203 4968  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:42:41.0260 4968  PEAUTH - ok
18:42:41.0349 4968  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:42:41.0376 4968  PerfHost - ok
18:42:41.0435 4968  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
18:42:41.0500 4968  pla - ok
18:42:41.0543 4968  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:42:41.0563 4968  PlugPlay - ok
18:42:41.0567 4968  PnkBstrA - ok
18:42:41.0607 4968  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
18:42:41.0632 4968  PNRPAutoReg - ok
18:42:41.0665 4968  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
18:42:41.0679 4968  PNRPsvc - ok
18:42:41.0701 4968  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
18:42:41.0759 4968  PolicyAgent - ok
18:42:41.0796 4968  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
18:42:41.0847 4968  Power - ok
18:42:41.0876 4968  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:42:41.0905 4968  PptpMiniport - ok
18:42:41.0935 4968  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\DRIVERS\processr.sys
18:42:41.0957 4968  Processor - ok
18:42:41.0998 4968  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
18:42:42.0051 4968  ProfSvc - ok
18:42:42.0070 4968  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:42:42.0079 4968  ProtectedStorage - ok
18:42:42.0112 4968  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:42:42.0163 4968  Psched - ok
18:42:42.0202 4968  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:42:42.0252 4968  ql2300 - ok
18:42:42.0268 4968  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:42:42.0279 4968  ql40xx - ok
18:42:42.0313 4968  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
18:42:42.0331 4968  QWAVE - ok
18:42:42.0343 4968  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:42:42.0374 4968  QWAVEdrv - ok
18:42:42.0394 4968  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:42:42.0432 4968  RasAcd - ok
18:42:42.0458 4968  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
18:42:42.0498 4968  RasAgileVpn - ok
18:42:42.0517 4968  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
18:42:42.0551 4968  RasAuto - ok
18:42:42.0590 4968  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
18:42:42.0633 4968  Rasl2tp - ok
18:42:42.0669 4968  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:42:42.0701 4968  RasMan - ok
18:42:42.0714 4968  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:42:42.0744 4968  RasPppoe - ok
18:42:42.0749 4968  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
18:42:42.0784 4968  RasSstp - ok
18:42:42.0799 4968  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
18:42:42.0848 4968  rdbss - ok
18:42:42.0872 4968  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:42:42.0885 4968  rdpbus - ok
18:42:42.0905 4968  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:42:42.0934 4968  RDPCDD - ok
18:42:42.0940 4968  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:42:42.0981 4968  RDPENCDD - ok
18:42:42.0988 4968  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:42:43.0017 4968  RDPREFMP - ok
18:42:43.0053 4968  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
18:42:43.0101 4968  RDPWD - ok
18:42:43.0128 4968  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:42:43.0142 4968  rdyboost - ok
18:42:43.0181 4968  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:42:43.0228 4968  RemoteAccess - ok
18:42:43.0260 4968  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:42:43.0305 4968  RemoteRegistry - ok
18:42:43.0334 4968  [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
18:42:43.0380 4968  RMCAST - ok
18:42:43.0410 4968  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:42:43.0452 4968  RpcEptMapper - ok
18:42:43.0480 4968  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:42:43.0509 4968  RpcLocator - ok
18:42:43.0547 4968  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
18:42:43.0579 4968  RpcSs - ok
18:42:43.0596 4968  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:42:43.0641 4968  rspndr - ok
18:42:43.0666 4968  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
18:42:43.0676 4968  SamSs - ok
18:42:43.0695 4968  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:42:43.0706 4968  sbp2port - ok
18:42:43.0710 4968  SBSDWSCService - ok
18:42:43.0727 4968  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:42:43.0770 4968  SCardSvr - ok
18:42:43.0810 4968  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:42:43.0848 4968  scfilter - ok
18:42:43.0881 4968  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:42:43.0947 4968  Schedule - ok
18:42:43.0977 4968  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
18:42:44.0004 4968  SCPolicySvc - ok
18:42:44.0042 4968  [ F6BA09AF1104B4BF6C83857EF5B6BFBB ] ScrambyServer  C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe
18:42:44.0072 4968  ScrambyServer ( UnsignedFile.Multi.Generic ) - warning
18:42:44.0072 4968  ScrambyServer - detected UnsignedFile.Multi.Generic (1)
18:42:44.0100 4968  [ 3C9A97573D3B8A8450F92636D9846A74 ] scramby_out    C:\Windows\system32\drivers\scramby_out.sys
18:42:44.0109 4968  scramby_out - ok
18:42:44.0137 4968  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
18:42:44.0146 4968  ScreamBAudioSvc - ok
18:42:44.0165 4968  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:42:44.0216 4968  SDRSVC - ok
18:42:44.0238 4968  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:42:44.0286 4968  secdrv - ok
18:42:44.0330 4968  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:42:44.0378 4968  seclogon - ok
18:42:44.0409 4968  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:42:44.0453 4968  SENS - ok
18:42:44.0473 4968  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:42:44.0523 4968  SensrSvc - ok
18:42:44.0533 4968  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
18:42:44.0544 4968  Serenum - ok
18:42:44.0561 4968  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:42:44.0594 4968  Serial - ok
18:42:44.0613 4968  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:42:44.0623 4968  sermouse - ok
18:42:44.0657 4968  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:42:44.0703 4968  SessionEnv - ok
18:42:44.0741 4968  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
18:42:44.0752 4968  sffdisk - ok
18:42:44.0774 4968  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:42:44.0796 4968  sffp_mmc - ok
18:42:44.0812 4968  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
18:42:44.0847 4968  sffp_sd - ok
18:42:44.0872 4968  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
18:42:44.0898 4968  sfloppy - ok
18:42:44.0950 4968  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:42:44.0984 4968  SharedAccess - ok
18:42:45.0018 4968  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:42:45.0050 4968  ShellHWDetection - ok
18:42:45.0066 4968  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:42:45.0076 4968  SiSRaid2 - ok
18:42:45.0090 4968  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:42:45.0101 4968  SiSRaid4 - ok
18:42:45.0198 4968  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:42:45.0279 4968  Skype C2C Service - ok
18:42:45.0317 4968  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
18:42:45.0326 4968  SkypeUpdate - ok
18:42:45.0339 4968  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
18:42:45.0380 4968  Smb - ok
18:42:45.0422 4968  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:42:45.0450 4968  SNMPTRAP - ok
18:42:45.0478 4968  [ 7455ED832A33FEF453407F5411C3342D ] speedfan        C:\Windows\syswow64\speedfan.sys
18:42:45.0487 4968  speedfan - ok
18:42:45.0504 4968  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
18:42:45.0513 4968  spldr - ok
18:42:45.0549 4968  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
18:42:45.0579 4968  Spooler - ok
18:42:45.0656 4968  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:42:45.0770 4968  sppsvc - ok
18:42:45.0789 4968  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
18:42:45.0840 4968  sppuinotify - ok
18:42:45.0871 4968  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
18:42:45.0919 4968  srv - ok
18:42:45.0928 4968  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:42:45.0961 4968  srv2 - ok
18:42:45.0967 4968  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:42:45.0995 4968  srvnet - ok
18:42:46.0013 4968  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
18:42:46.0065 4968  SSDPSRV - ok
18:42:46.0085 4968  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
18:42:46.0121 4968  SstpSvc - ok
18:42:46.0162 4968  Steam Client Service - ok
18:42:46.0213 4968  [ 2C25A72B53B28034BE260D81C4EA4955 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:42:46.0228 4968  Stereo Service - ok
18:42:46.0255 4968  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:42:46.0264 4968  stexstor - ok
18:42:46.0312 4968  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:42:46.0346 4968  stisvc - ok
18:42:46.0377 4968  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:42:46.0387 4968  swenum - ok
18:42:46.0410 4968  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
18:42:46.0447 4968  swprv - ok
18:42:46.0505 4968  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
18:42:46.0580 4968  SysMain - ok
18:42:46.0616 4968  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:42:46.0633 4968  TabletInputService - ok
18:42:46.0670 4968  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
18:42:46.0728 4968  TapiSrv - ok
18:42:46.0757 4968  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
18:42:46.0799 4968  TBS - ok
18:42:46.0857 4968  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
18:42:46.0913 4968  Tcpip - ok
18:42:46.0937 4968  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:42:46.0972 4968  TCPIP6 - ok
18:42:47.0001 4968  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:42:47.0051 4968  tcpipreg - ok
18:42:47.0084 4968  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:42:47.0127 4968  TDPIPE - ok
18:42:47.0176 4968  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
18:42:47.0215 4968  TDTCP - ok
18:42:47.0239 4968  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
18:42:47.0283 4968  tdx - ok
18:42:47.0368 4968  [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7    C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
18:42:47.0442 4968  TeamViewer7 - ok
18:42:47.0471 4968  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:42:47.0481 4968  TermDD - ok
18:42:47.0507 4968  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
18:42:47.0545 4968  TermService - ok
18:42:47.0573 4968  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:42:47.0603 4968  Themes - ok
18:42:47.0633 4968  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
18:42:47.0662 4968  THREADORDER - ok
18:42:47.0680 4968  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:42:47.0727 4968  TrkWks - ok
18:42:47.0782 4968  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:42:47.0825 4968  TrustedInstaller - ok
18:42:47.0862 4968  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:42:47.0902 4968  tssecsrv - ok
18:42:47.0924 4968  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:42:47.0947 4968  TsUsbFlt - ok
18:42:48.0012 4968  [ 811A229718C85356BC81EB20F35EB7F6 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
18:42:48.0069 4968  TuneUp.UtilitiesSvc - ok
18:42:48.0097 4968  [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
18:42:48.0131 4968  TuneUpUtilitiesDrv - ok
18:42:48.0217 4968  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:42:48.0294 4968  tunnel - ok
18:42:48.0331 4968  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:42:48.0342 4968  uagp35 - ok
18:42:48.0383 4968  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:42:48.0415 4968  udfs - ok
18:42:48.0445 4968  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
18:42:48.0477 4968  UI0Detect - ok
18:42:48.0497 4968  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:42:48.0507 4968  uliagpkx - ok
18:42:48.0538 4968  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\drivers\umbus.sys
18:42:48.0567 4968  umbus - ok
18:42:48.0590 4968  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:42:48.0610 4968  UmPass - ok
18:42:48.0634 4968  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:42:48.0670 4968  upnphost - ok
18:42:48.0674 4968  upperdev - ok
18:42:48.0702 4968  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
18:42:48.0713 4968  USBAAPL64 - ok
18:42:48.0755 4968  [ 5FCC71487888589A9244AF54CFEFAB29 ] usbbus          C:\Windows\system32\DRIVERS\lgx64bus.sys
18:42:48.0792 4968  usbbus - ok
18:42:48.0811 4968  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
18:42:48.0861 4968  usbccgp - ok
18:42:48.0896 4968  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:42:48.0909 4968  usbcir - ok
18:42:48.0940 4968  [ 3FB6E423F7567C92C32EA786F5FD0C69 ] UsbDiag        C:\Windows\system32\DRIVERS\lgx64diag.sys
18:42:48.0959 4968  UsbDiag - ok
18:42:48.0980 4968  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
18:42:49.0003 4968  usbehci - ok
18:42:49.0035 4968  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:42:49.0065 4968  usbhub - ok
18:42:49.0092 4968  [ 78D551F5B93488B4666F5FC8DD4815F3 ] USBModem        C:\Windows\system32\DRIVERS\lgx64modem.sys
18:42:49.0100 4968  USBModem - ok
18:42:49.0120 4968  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
18:42:49.0147 4968  usbohci - ok
18:42:49.0184 4968  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:42:49.0216 4968  usbprint - ok
18:42:49.0256 4968  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
18:42:49.0269 4968  usbscan - ok
18:42:49.0280 4968  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:42:49.0308 4968  USBSTOR - ok
18:42:49.0329 4968  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
18:42:49.0350 4968  usbuhci - ok
18:42:49.0381 4968  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
18:42:49.0425 4968  UxSms - ok
18:42:49.0450 4968  [ 5BF180F7F7C2F68ED6D5777840270BCE ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
18:42:49.0458 4968  UxTuneUp - ok
18:42:49.0474 4968  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:42:49.0485 4968  VaultSvc - ok
18:42:49.0497 4968  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:42:49.0507 4968  vdrvroot - ok
18:42:49.0543 4968  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
18:42:49.0595 4968  vds - ok
18:42:49.0628 4968  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
18:42:49.0640 4968  vga - ok
18:42:49.0660 4968  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
18:42:49.0708 4968  VgaSave - ok
18:42:49.0756 4968  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
18:42:49.0769 4968  vhdmp - ok
18:42:49.0801 4968  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:42:49.0811 4968  viaide - ok
18:42:49.0816 4968  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:42:49.0826 4968  volmgr - ok
18:42:49.0846 4968  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
18:42:49.0862 4968  volmgrx - ok
18:42:49.0871 4968  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
18:42:49.0886 4968  volsnap - ok
18:42:49.0905 4968  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
18:42:49.0917 4968  vsmraid - ok
18:42:49.0962 4968  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
18:42:50.0042 4968  VSS - ok
18:42:50.0062 4968  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:42:50.0075 4968  vwifibus - ok
18:42:50.0093 4968  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:42:50.0118 4968  vwififlt - ok
18:42:50.0139 4968  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
18:42:50.0153 4968  vwifimp - ok
18:42:50.0186 4968  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
18:42:50.0220 4968  W32Time - ok
18:42:50.0239 4968  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:42:50.0268 4968  WacomPen - ok
18:42:50.0273 4968  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:42:50.0308 4968  WANARP - ok
18:42:50.0312 4968  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:42:50.0342 4968  Wanarpv6 - ok
18:42:50.0393 4968  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:42:50.0435 4968  wbengine - ok
18:42:50.0459 4968  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:42:50.0477 4968  WbioSrvc - ok
18:42:50.0496 4968  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
18:42:50.0531 4968  wcncsvc - ok
18:42:50.0550 4968  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:42:50.0573 4968  WcsPlugInService - ok
18:42:50.0590 4968  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:42:50.0599 4968  Wd - ok
18:42:50.0630 4968  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:42:50.0651 4968  Wdf01000 - ok
18:42:50.0663 4968  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:42:50.0734 4968  WdiServiceHost - ok
18:42:50.0738 4968  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
18:42:50.0753 4968  WdiSystemHost - ok
18:42:50.0784 4968  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
18:42:50.0821 4968  WebClient - ok
18:42:50.0839 4968  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:42:50.0878 4968  Wecsvc - ok
18:42:50.0898 4968  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
18:42:50.0929 4968  wercplsupport - ok
18:42:50.0945 4968  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:42:50.0992 4968  WerSvc - ok
18:42:51.0015 4968  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:42:51.0044 4968  WfpLwf - ok
18:42:51.0067 4968  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:42:51.0078 4968  WIMMount - ok
18:42:51.0100 4968  WinDefend - ok
18:42:51.0109 4968  WinHttpAutoProxySvc - ok
18:42:51.0165 4968  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
18:42:51.0197 4968  Winmgmt - ok
18:42:51.0240 4968  [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0  C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
18:42:51.0251 4968  WinRing0_1_2_0 - ok
18:42:51.0314 4968  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
18:42:51.0381 4968  WinRM - ok
18:42:51.0425 4968  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:42:51.0450 4968  WinUsb - ok
18:42:51.0488 4968  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
18:42:51.0536 4968  Wlansvc - ok
18:42:51.0646 4968  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:42:51.0706 4968  wlidsvc - ok
18:42:51.0747 4968  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
18:42:51.0758 4968  WmiAcpi - ok
18:42:51.0786 4968  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:42:51.0813 4968  wmiApSrv - ok
18:42:51.0833 4968  WMPNetworkSvc - ok
18:42:51.0848 4968  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:42:51.0874 4968  WPCSvc - ok
18:42:51.0903 4968  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:42:51.0946 4968  WPDBusEnum - ok
18:42:51.0984 4968  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
18:42:52.0025 4968  ws2ifsl - ok
18:42:52.0050 4968  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:42:52.0088 4968  wscsvc - ok
18:42:52.0092 4968  WSearch - ok
18:42:52.0165 4968  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:42:52.0226 4968  wuauserv - ok
18:42:52.0255 4968  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:42:52.0304 4968  WudfPf - ok
18:42:52.0327 4968  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:42:52.0358 4968  WUDFRd - ok
18:42:52.0382 4968  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
18:42:52.0413 4968  wudfsvc - ok
18:42:52.0437 4968  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
18:42:52.0464 4968  WwanSvc - ok
18:42:52.0542 4968  X6va003 - ok
18:42:52.0546 4968  X6va005 - ok
18:42:52.0551 4968  X6va008 - ok
18:42:52.0715 4968  X6va009 - ok
18:42:52.0769 4968  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
18:42:52.0798 4968  xusb21 - ok
18:42:52.0801 4968  ================ Scan global ===============================
18:42:52.0842 4968  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:42:52.0872 4968  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:42:52.0879 4968  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:42:52.0893 4968  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:42:52.0920 4968  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:42:52.0924 4968  [Global] - ok
18:42:52.0924 4968  ================ Scan MBR ==================================
18:42:52.0935 4968  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:42:53.0171 4968  \Device\Harddisk0\DR0 - ok
18:42:53.0171 4968  ================ Scan VBR ==================================
18:42:53.0174 4968  [ 2836349FFB891440E6B82C9318BF3BAB ] \Device\Harddisk0\DR0\Partition1
18:42:53.0175 4968  \Device\Harddisk0\DR0\Partition1 - ok
18:42:53.0203 4968  [ E404271ACB5EB03A40D2083D07EF928A ] \Device\Harddisk0\DR0\Partition2
18:42:53.0204 4968  \Device\Harddisk0\DR0\Partition2 - ok
18:42:53.0205 4968  ============================================================
18:42:53.0205 4968  Scan finished
18:42:53.0205 4968  ============================================================
18:42:53.0218 2372  Detected object count: 4
18:42:53.0218 2372  Actual detected object count: 4
18:43:22.0590 2372  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
18:43:22.0590 2372  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
18:43:22.0591 2372  hwdatacard ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:22.0591 2372  hwdatacard ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:43:22.0592 2372  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:22.0593 2372  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:43:22.0594 2372  ScrambyServer ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:22.0594 2372  ScrambyServer ( UnsignedFile.Multi.Generic ) - User select action: Skip

aswMBR Report:

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-04 18:08:16
-----------------------------
18:08:16.995    OS Version: Windows x64 6.1.7601 Service Pack 1
18:08:16.995    Number of processors: 2 586 0x602
18:08:16.996    ComputerName: NOEL  UserName:
18:08:17.707    Initialize success
18:08:26.918    AVAST engine defs: 12110400
18:08:41.921    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
18:08:41.922    Disk 0 Vendor: WDC_WD5000AADS-00S9B0 01.00A01 Size: 476940MB BusType: 3
18:08:41.934    Disk 0 MBR read successfully
18:08:41.936    Disk 0 MBR scan
18:08:41.940    Disk 0 Windows 7 default MBR code
18:08:41.943    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
18:08:41.950    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      476838 MB offset 206848
18:08:41.971    Disk 0 scanning C:\Windows\system32\drivers
18:08:49.888    Service scanning
18:09:08.091    Modules scanning
18:09:08.096    Disk 0 trace - called modules:
18:09:08.108    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
18:09:08.111    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800423b430]
18:09:08.116    3 CLASSPNP.SYS[fffff880011c743f] -> nt!IofCallDriver -> [0xfffffa80040f0580]
18:09:08.120    5 ACPI.sys[fffff88000eb57a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa80040f2060]
18:09:09.241    AVAST engine scan C:\Windows
18:09:10.990    AVAST engine scan C:\Windows\system32
18:11:59.607    AVAST engine scan C:\Windows\system32\drivers
18:12:09.988    AVAST engine scan C:\Users\DragoTheOwner
18:22:19.102    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\PickUp-Bot (Vista & 7).dll  **INFECTED** Win32:Malware-gen
18:22:19.147    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\PickUp-Bot (XP).dll  **INFECTED** Win32:Malware-gen
18:22:19.181    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Spam-Bot (Vista & 7).dll  **INFECTED** Win32:Spyware-gen [Spy]
18:22:19.215    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Spam-Bot (XP).dll  **INFECTED** Win32:Spyware-gen [Spy]
18:22:19.246    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Switch-Bot (Vista & 7).dll  **INFECTED** Win32:Malware-gen
18:22:19.304    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Tools einstellen (Vista & 7).dll  **INFECTED** Win32:Trojan-gen
18:22:19.337    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Tools einstellen (XP).dll  **INFECTED** Win32:Trojan-gen
18:22:19.367    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Upp-Tool (Vista & 7).dll  **INFECTED** Win32:Malware-gen
18:22:19.401    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Upp-Tool (XP).dll  **INFECTED** Win32:Malware-gen
18:23:43.876    AVAST engine scan C:\ProgramData
18:29:01.068    Scan finished successfully
18:41:21.022    Disk 0 MBR has been saved successfully to "C:\Users\DragoTheOwner\Desktop\MBR.dat"
18:41:21.027    The log file has been saved successfully to "C:\Users\DragoTheOwner\Desktop\aswMBR.txt"


cosinus 05.11.2012 12:18

Code:

18:22:19.102    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\PickUp-Bot (Vista & 7).dll  **INFECTED** Win32:Malware-gen
18:22:19.147    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\PickUp-Bot (XP).dll  **INFECTED** Win32:Malware-gen
18:22:19.181    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Spam-Bot (Vista & 7).dll  **INFECTED** Win32:Spyware-gen [Spy]
18:22:19.215    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Spam-Bot (XP).dll  **INFECTED** Win32:Spyware-gen [Spy]
18:22:19.246    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Switch-Bot (Vista & 7).dll  **INFECTED** Win32:Malware-gen
18:22:19.304    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Tools einstellen (Vista & 7).dll  **INFECTED** Win32:Trojan-gen
18:22:19.337    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Tools einstellen (XP).dll  **INFECTED** Win32:Trojan-gen
18:22:19.367    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Upp-Tool (Vista & 7).dll  **INFECTED** Win32:Malware-gen
18:22:19.401    File: C:\Users\DragoTheOwner\Desktop\Pickup Bot\Upp-Tool (XP).dll  **INFECTED** Win32:Malware-gen

PickUp-Bot? :pfeiff:
Think about whether you really need something like that and want to keep it

Otherwise the logs are OK. How are things with the original problem => not responding and freezes
Has that been resolved now?

Valentice94 05.11.2012 15:01

Sometimes this problem still comes up as well: ''A Shockwave Player (plug-in) is not working''. I don't know what to do about it. I always have the latest version of it.

cosinus 05.11.2012 15:26

Quote:

''A Shockwave Player (plug-in) is not working''.
What does anyone need that for?!
Isn't Flash Player alone enough?
Adobe isn't exactly famous for stable, performant and secure software either :balla:

AdobeReader => sluggish, bloated monster that has and has had umpteen security problems
Flashplayer => resource-hungry, relatively unstable monster :balla:

Valentice94 05.11.2012 15:59

What do I need it for? Apparently to watch videos or streams .. Every now and then the video hangs and then this message appears.

cosinus 05.11.2012 16:12

Quote:

What do I need it for? Apparently to watch videos or streams
You don't know yourself but you have it installed? :lach:
I have never installed this Shockwave Player on any computer; if anything, Flash Player alone is enough
Uninstall that thing

Valentice94 05.11.2012 17:17

Done :P.

cosinus 06.11.2012 10:27

As a check, please run a quick scan with Malwarebytes - before you do, please remember to update Malwarebytes using the update button

Afterwards, getting a second opinion from ESET's online scanner is not a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable the "detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Valentice94 07.11.2012 05:00

Before I do what you posted there, I would like to get something off my chest.

Lately the problem has been coming up that when I play, my game starts to hang every now and then, and not just once, no, several times! And I would really like to know what is causing it!.. Honestly, I no longer feel like always having to hope that my game doesn't hang in ''important'' moments.. Is it possibly a virus or some other problem?

Kind regards.

cosinus 07.11.2012 12:25

Quote:

Is it possibly a virus or some other problem?
THAT is at least what I am trying to find out right now, if you would finally run the control scans
Because I am NOT a clairvoyant :glaskugel:

Valentice94 07.11.2012 16:29

The scan is taking quite a long time. I will post the logs as soon as it is finished.

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=dc181d8729d4f04598bbb65747dc4d70
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-11-07 05:55:36
# local_time=2012-11-07 06:55:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 8902755 8902755 0 0
# compatibility_mode=5893 16776574 100 94 8902813 103928715 0 0
# compatibility_mode=8192 67108863 100 0 3705 3705 0 0
# scanned=279651
# found=9
# cleaned=0
# scan_time=12091
C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll        a variant of Win32/Toolbar.Widgi application (unable to clean)        00000000000000000000000000000000        I
C:\Users\DragoTheOwner\War_Rock_10182011_G1_Xfire.exe        a variant of Win32/Packed.Themida application (unable to clean)        00000000000000000000000000000000        I
C:\Users\DragoTheOwner\Desktop\Tools by Unpublished.exe        multiple threats (unable to clean)        00000000000000000000000000000000        I
C:\Users\DragoTheOwner\Desktop\Pickup Bot\Spam-Bot (Vista & 7).dll        probably a variant of Win32/Agent.MVICHXB trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\DragoTheOwner\Desktop\Pickup Bot\Spam-Bot (XP).dll        probably a variant of Win32/Agent.EUNPGRH trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\DragoTheOwner\Downloads\Tools by Unpublished.exe        multiple threats (unable to clean)        00000000000000000000000000000000        I
C:\Windows\Installer\1200a09.msi        a variant of Win32/Toolbar.Widgi application (unable to clean)        00000000000000000000000000000000        I
C:\Windows\System32\AscConTest.dll        Win32/Adware.Ascentive application (unable to clean)        00000000000000000000000000000000        I
C:\Windows\SysWOW64\AscConTest.dll        Win32/Adware.Ascentive application (unable to clean)        00000000000000000000000000000000        I
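
A way to triage an ESET Online Scanner log.txt like the one posted above, as an added example that is not part of the original thread or of ESET's tooling. It assumes the column layout visible in the post, and the mapping from a trailing "application" to an unwanted-application class is an assumption about ESET's detection naming; the sample log is constructed.

```python
import re
from collections import Counter

# Constructed sample in the layout of the log.txt posted above: "# key=value"
# header lines, then one detection per line with columns separated by tabs or
# runs of spaces. Paths are invented; detection names are the ones in the thread.
SAMPLE_LOG = r"""
ESETSmartInstaller@High as downloader log:
all ok
# unwanted_checked=true
# unsafe_checked=false
# scanned=1000
# found=4
# cleaned=0
C:\Program Files (x86)\Example Toolbar\tb.dll        a variant of Win32/Toolbar.Widgi application (unable to clean)        00000000000000000000000000000000        I
C:\Users\example\Desktop\tool.exe        multiple threats (unable to clean)        00000000000000000000000000000000        I
C:\Users\example\Desktop\bot\helper.dll        probably a variant of Win32/Agent.MVICHXB trojan (unable to clean)        00000000000000000000000000000000        I
C:\Windows\System32\example.dll        Win32/Adware.Ascentive application (unable to clean)        00000000000000000000000000000000        I
"""

FIELD_SEP = re.compile(r"\t+| {2,}")           # column separator (tab or 2+ spaces)
STATUS = re.compile(r"\s*\(([^()]*)\)\s*$")    # trailing "(unable to clean)" etc.
MALWARE_WORDS = {"trojan", "virus", "worm"}


def classify(name):
    """Bucket a detection by the last word of its name (assumed naming scheme)."""
    words = name.lower().split()
    if not words:
        return "other"
    if " ".join(words) == "multiple threats":
        return "multiple"
    if words[-1] == "application":
        return "unwanted_application"          # toolbars, adware, packers
    if words[-1] in MALWARE_WORDS:
        return "malware"
    return "other"


def parse_eset_log(text):
    """Return (header dict of lists, list of detection dicts)."""
    header, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            key, sep, value = line[1:].strip().partition("=")
            if sep:                            # keys such as compatibility_mode repeat
                header.setdefault(key, []).append(value)
            continue
        fields = FIELD_SEP.split(line)
        if len(fields) < 2:                    # banner lines such as "all ok"
            continue
        verdict = fields[1]
        match = STATUS.search(verdict)
        name = STATUS.sub("", verdict)
        detections.append({
            "path": fields[0],
            "name": name,
            "status": match.group(1) if match else "",
            "kind": classify(name),
        })
    return header, detections


def triage(text):
    """Summarise a log: is it complete, what kinds were found, what to review first."""
    header, detections = parse_eset_log(text)
    declared = int(header.get("found", ["0"])[0])
    return {
        "declared_found": declared,
        "listed": len(detections),
        "complete": declared == len(detections),   # False if the paste was truncated
        "by_kind": dict(Counter(d["kind"] for d in detections)),
        "review_first": [d["path"] for d in detections
                         if d["kind"] in ("malware", "multiple")],
        "uncleaned": sum(d["status"].startswith("unable to clean")
                         for d in detections),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

The `complete` flag catches a log that was cut off when pasted, and `review_first` separates the entries that deserve a closer look from the toolbar and adware hits.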


Valentice94 09.11.2012 14:06

So the scan is finished already, what should I do now, my master? :crazy:

cosinus 09.11.2012 19:58

Quote:

Quote from Valentice94 (post 953333)
So the scan is finished already, what should I do now, my master? :crazy:

Maybe all the scans? I am still waiting for Malwarebytes

Valentice94 10.11.2012 02:43

Oh right, sry.. :D
Code:

Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.07.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DragoTheOwner :: NOEL [Administrator]

Schutz: Aktiviert

07.11.2012 15:26:09
mbam-log-2012-11-07 (15-26-09).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 235500
Laufzeit: 5 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)


cosinus 10.11.2012 03:17

If anything, there is only some toolbar and adware junk left
Please download the current adwCleaner, i.e. delete the old adwcleaner and download it again

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click Suche (Search).
  • After the scan finishes, a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt. (x = sequential number)

Valentice94 10.11.2012 03:30

Code:

# AdwCleaner v2.007 - Datei am 10/11/2012 um 03:29:21 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : DragoTheOwner - NOEL
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\DVDVideoSoftTB
Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\Users\DRAGOT~1\AppData\Local\Temp\CT2269050
Ordner Gefunden : C:\Users\DragoTheOwner\AppData\Local\Conduit
Ordner Gefunden : C:\Users\DragoTheOwner\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\DragoTheOwner\AppData\LocalLow\DVDVideoSoftTB
Ordner Gefunden : C:\Users\DragoTheOwner\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\CT2269050
Ordner Gefunden : C:\Users\DragoTheOwner\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gefunden : C:\Users\DragoTheOwner\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\Smartbar

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D7C32C3-CE99-4E61-BE0E-628D1400F436}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E51A9DDD-873D-46AF-8FBE-E10EAA48D04F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v14.0.1 (de)

Profilname : default
Datei : C:\Users\DragoTheOwner\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\prefs.js

Gefunden : user_pref("CT2269050.1000082.isDisplayHidden", "true");
Gefunden : user_pref("CT2269050.1000082.state", "{\"state\":\"stopped\",\"text\":\"Hotmix 108\",\"description\"[...]
Gefunden : user_pref("CT2269050.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gefunden : user_pref("CT2269050.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gefunden : user_pref("CT2269050.FirstTime", "true");
Gefunden : user_pref("CT2269050.FirstTimeFF3", "true");
Gefunden : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gefunden : user_pref("CT2269050.UserID", "UN68819417229330048");
Gefunden : user_pref("CT2269050.addressBarTakeOverEnabledInHidden", "true");
Gefunden : user_pref("CT2269050.autoDisableScopes", 10);
Gefunden : user_pref("CT2269050.browser.search.defaultthis.engineName", true);
Gefunden : user_pref("CT2269050.embeddedsData", "[{\"appId\":\"128834881989343895\",\"apiPermissions\":{\"cross[...]
Gefunden : user_pref("CT2269050.enableAlerts", "always");
Gefunden : user_pref("CT2269050.firstTimeDialogOpened", "true");
Gefunden : user_pref("CT2269050.fixPageNotFoundErrorInHidden", "true");
Gefunden : user_pref("CT2269050.fixUrls", true);
Gefunden : user_pref("CT2269050.installType", "Unknown");
Gefunden : user_pref("CT2269050.isCheckedStartAsHidden", true);
Gefunden : user_pref("CT2269050.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gefunden : user_pref("CT2269050.isFirstTimeToolbarLoading", "false");
Gefunden : user_pref("CT2269050.isNewTabEnabled", true);
Gefunden : user_pref("CT2269050.isPerformedSmartBarTransition", "true");
Gefunden : user_pref("CT2269050.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gefunden : user_pref("CT2269050.keyword", true);
Gefunden : user_pref("CT2269050.migrateAppsAndComponents", true);
Gefunden : user_pref("CT2269050.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Gefunden : user_pref("CT2269050.openThankYouPage", "FALSE");
Gefunden : user_pref("CT2269050.openUninstallPage", "FALSE");
Gefunden : user_pref("CT2269050.search.searchCount", "0");
Gefunden : user_pref("CT2269050.searchInNewTabEnabledInHidden", "true");
Gefunden : user_pref("CT2269050.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gefunden : user_pref("CT2269050.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Gefunden : user_pref("CT2269050.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Gefunden : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gefunden : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gefunden : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gefunden : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gefunden : user_pref("CT2269050.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1350852336601");
Gefunden : user_pref("CT2269050.serviceLayer_services_appsMetadata_lastUpdate", "1350852336604");
Gefunden : user_pref("CT2269050.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1350852350896");
Gefunden : user_pref("CT2269050.serviceLayer_services_login_10.13.1.89_lastUpdate", "1350852350039");
Gefunden : user_pref("CT2269050.serviceLayer_services_optimizer_lastUpdate", "1350852350028");
Gefunden : user_pref("CT2269050.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1350852350940");
Gefunden : user_pref("CT2269050.serviceLayer_services_searchAPI_lastUpdate", "1350852323599");
Gefunden : user_pref("CT2269050.serviceLayer_services_serviceMap_lastUpdate", "1350852321567");
Gefunden : user_pref("CT2269050.serviceLayer_services_toolbarContextMenu_lastUpdate", "1350852349133");
Gefunden : user_pref("CT2269050.serviceLayer_services_toolbarSettings_lastUpdate", "1350852323625");
Gefunden : user_pref("CT2269050.serviceLayer_services_translation_lastUpdate", "1350852336611");
Gefunden : user_pref("CT2269050.settingsINI", true);
Gefunden : user_pref("CT2269050.shouldFirstTimeDialog", "FALSE");
Gefunden : user_pref("CT2269050.smartbar.CTID", "CT2269050");
Gefunden : user_pref("CT2269050.smartbar.Uninstall", "0");
Gefunden : user_pref("CT2269050.smartbar.homepage", true);
Gefunden : user_pref("CT2269050.smartbar.toolbarName", "DVDVideoSoftTB ");
Gefunden : user_pref("CT2269050.toolbarBornServerTime", "21-10-2012");
Gefunden : user_pref("CT2269050.toolbarCurrentServerTime", "21-10-2012");
Gefunden : user_pref("CT2269050_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Gefunden : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=1[...]
Gefunden : user_pref("Smartbar.ConduitSearchEngineList", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050[...]
Gefunden : user_pref("Smartbar.keywordURLSelectedCTID", "CT2269050");
Gefunden : user_pref("browser.search.selectedEngine", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13");
Gefunden : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=[...]

-\\ Google Chrome v23.0.1271.64

Datei : C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.12] : homepage = "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48",
Gefunden [l.16] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48" ]
Gefunden [l.47] : icon_url = "hxxp://search.conduit.com/fav.ico",
Gefunden [l.50] : keyword = "search.conduit.com",
Gefunden [l.53] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050",
Gefunden [l.1453] : homepage = "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48",
Gefunden [l.1814] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [19443 octets] - [12/10/2012 14:52:37]
AdwCleaner[R2].txt - [10275 octets] - [10/11/2012 03:29:21]
AdwCleaner[S1].txt - [18952 octets] - [12/10/2012 17:11:11]

########## EOF - C:\AdwCleaner[R2].txt - [10397 octets] ##########


cosinus 11.11.2012 19:07

Please try to uninstall all the entries mentioned in the adwCleaner log (such as ICQToolbar, all other toolbars, DVDVideoSoftTB, conduit, ...) via the Control Panel, then create a new search log with adwCleaner.
Leftovers and whatever refuses to uninstall we will remove with adwCleaner.

Valentice94 11.11.2012 23:19

Here is the log in case you need it.

Code:

# AdwCleaner v2.007 - Datei am 11/11/2012 um 23:11:22 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : DragoTheOwner - NOEL
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\DragoTheOwner\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Users\DRAGOT~1\AppData\Local\Temp\CT2269050
Ordner Gelöscht : C:\Users\DragoTheOwner\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\DragoTheOwner\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\DragoTheOwner\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\DragoTheOwner\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\CT2269050
Ordner Gelöscht : C:\Users\DragoTheOwner\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gelöscht : C:\Users\DragoTheOwner\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\Smartbar

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (de)

Profilname : default
Datei : C:\Users\DragoTheOwner\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\prefs.js

C:\Users\DragoTheOwner\AppData\Roaming\Mozilla\Firefox\Profiles\onztcf3b.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2269050.1000082.isDisplayHidden", "true");
Gelöscht : user_pref("CT2269050.1000082.state", "{\"state\":\"stopped\",\"text\":\"Hotmix 108\",\"description\"[...]
Gelöscht : user_pref("CT2269050.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2269050.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gelöscht : user_pref("CT2269050.FirstTime", "true");
Gelöscht : user_pref("CT2269050.FirstTimeFF3", "true");
Gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gelöscht : user_pref("CT2269050.UserID", "UN68819417229330048");
Gelöscht : user_pref("CT2269050.addressBarTakeOverEnabledInHidden", "true");
Gelöscht : user_pref("CT2269050.autoDisableScopes", 10);
Gelöscht : user_pref("CT2269050.browser.search.defaultthis.engineName", true);
Gelöscht : user_pref("CT2269050.embeddedsData", "[{\"appId\":\"128834881989343895\",\"apiPermissions\":{\"cross[...]
Gelöscht : user_pref("CT2269050.enableAlerts", "always");
Gelöscht : user_pref("CT2269050.firstTimeDialogOpened", "true");
Gelöscht : user_pref("CT2269050.fixPageNotFoundErrorInHidden", "true");
Gelöscht : user_pref("CT2269050.fixUrls", true);
Gelöscht : user_pref("CT2269050.installType", "Unknown");
Gelöscht : user_pref("CT2269050.isCheckedStartAsHidden", true);
Gelöscht : user_pref("CT2269050.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2269050.isFirstTimeToolbarLoading", "false");
Gelöscht : user_pref("CT2269050.isNewTabEnabled", true);
Gelöscht : user_pref("CT2269050.isPerformedSmartBarTransition", "true");
Gelöscht : user_pref("CT2269050.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gelöscht : user_pref("CT2269050.keyword", true);
Gelöscht : user_pref("CT2269050.migrateAppsAndComponents", true);
Gelöscht : user_pref("CT2269050.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Gelöscht : user_pref("CT2269050.openThankYouPage", "FALSE");
Gelöscht : user_pref("CT2269050.openUninstallPage", "FALSE");
Gelöscht : user_pref("CT2269050.search.searchCount", "0");
Gelöscht : user_pref("CT2269050.searchInNewTabEnabledInHidden", "true");
Gelöscht : user_pref("CT2269050.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2269050.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gelöscht : user_pref("CT2269050.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1350852336601");
Gelöscht : user_pref("CT2269050.serviceLayer_services_appsMetadata_lastUpdate", "1350852336604");
Gelöscht : user_pref("CT2269050.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1350852350896");
Gelöscht : user_pref("CT2269050.serviceLayer_services_login_10.13.1.89_lastUpdate", "1350852350039");
Gelöscht : user_pref("CT2269050.serviceLayer_services_optimizer_lastUpdate", "1350852350028");
Gelöscht : user_pref("CT2269050.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1350852350940");
Gelöscht : user_pref("CT2269050.serviceLayer_services_searchAPI_lastUpdate", "1350852323599");
Gelöscht : user_pref("CT2269050.serviceLayer_services_serviceMap_lastUpdate", "1350852321567");
Gelöscht : user_pref("CT2269050.serviceLayer_services_toolbarContextMenu_lastUpdate", "1350852349133");
Gelöscht : user_pref("CT2269050.serviceLayer_services_toolbarSettings_lastUpdate", "1350852323625");
Gelöscht : user_pref("CT2269050.serviceLayer_services_translation_lastUpdate", "1350852336611");
Gelöscht : user_pref("CT2269050.settingsINI", true);
Gelöscht : user_pref("CT2269050.shouldFirstTimeDialog", "FALSE");
Gelöscht : user_pref("CT2269050.smartbar.CTID", "CT2269050");
Gelöscht : user_pref("CT2269050.smartbar.Uninstall", "0");
Gelöscht : user_pref("CT2269050.smartbar.homepage", true);
Gelöscht : user_pref("CT2269050.smartbar.toolbarName", "DVDVideoSoftTB ");
Gelöscht : user_pref("CT2269050.toolbarBornServerTime", "21-10-2012");
Gelöscht : user_pref("CT2269050.toolbarCurrentServerTime", "21-10-2012");
Gelöscht : user_pref("CT2269050_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=1[...]
Gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "DVDVideoSoftTB Customized Web Search");
Gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050[...]
Gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2269050");
Gelöscht : user_pref("browser.search.selectedEngine", "DVDVideoSoftTB Customized Web Search");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13");
Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=[...]

-\\ Google Chrome v23.0.1271.64

Datei : C:\Users\DragoTheOwner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.12] : homepage = "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48",
Gelöscht [l.16] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48" ]
Gelöscht [l.47] : icon_url = "hxxp://search.conduit.com/fav.ico",
Gelöscht [l.50] : keyword = "search.conduit.com",
Gelöscht [l.53] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2269050",
Gelöscht [l.1566] : homepage = "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48",
Gelöscht [l.1979] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [19443 octets] - [12/10/2012 14:52:37]
AdwCleaner[R2].txt - [10467 octets] - [10/11/2012 03:29:21]
AdwCleaner[R3].txt - [9047 octets] - [11/11/2012 23:10:31]
AdwCleaner[S1].txt - [18952 octets] - [12/10/2012 17:11:11]
AdwCleaner[S2].txt - [9123 octets] - [11/11/2012 23:11:22]

########## EOF - C:\AdwCleaner[S2].txt - [9183 octets] ##########


cosinus 12.11.2012 10:47

Ok, good

Regarding cookies and other things on the web: to block the pests from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Otherwise there are also good cookie managers; among the Firefox extensions, for example, there is CookieCuller
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board as well), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

Is your system back in order now, or are there still other detections or problems?

Valentice94 12.11.2012 15:16

At the moment everything is running much much much much better than before. As for problems or detections, I am not sure.

cosinus 12.11.2012 15:27

Then we're done! :abklatsch:

The programs that were used here can all be removed again. With the help of OTL you can also remove many of the tools:

Please start OTL and click CleanUp (Bereinigung).
This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete.


Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.


Finally, please check your updates; my guide for that is below. To keep a better overview of whether installed programs are up to date in future, you can use e.g. Secunia PSI.
For even more security, you should also change as many of your passwords as possible after the infection has been removed.


Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Start, Control Panel, Windows Update


Update the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

Please also take this opportunity to check that Flash Player is up to date:
Check => Adobe - Flash Player
You can find download links here => Browsers and Plugins - FilePony.de

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.

Valentice94 19.11.2012 00:17

I have noticed that a new, or rather old, problem is now coming up :(

When I play, it sometimes happens that I get a freeze in the middle of it. I suspect it has to do with my graphics card or graphics card driver.
If you could help me once more in some way, that would be quite nice :s

cosinus 19.11.2012 10:48

That is a case for the hardware corner => http://www.trojaner-board.de/netzwerk-hardware/


All times are in WET +1.
