
Log analysis and evaluation: CPU usage constantly at 30% - What can be done about it?

Windows 7 If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

31.01.2013, 20:15   #1
Emoto
 

CPU usage constantly at 30% - What can be done about it?



Hello.
Since Saturday, 26.1.2013, I have had a kind of small problem on my computer, mostly when I work with my favorite program. (In case anyone asks, it is UTAU.exe, a kind of singing synthesizer from Japan.) Usually, when I am done editing, I let everything "render" (well, by that I mean that the vocals are exported by the program) with cmd.exe, and then it starts to lag and my PC becomes unusable for everything. Even after an hour of "rendering", and when everything is finished, the CPU value stays constant at 30% (even when I have no program running at all..)
Even when I don't use my favorite program, after some time the CPU value goes up to 30% and above by itself :/

I am afraid that something on the hard drive might be broken or destroyed, and I hope to perhaps find a solution here.

Here are the .txt files after I had Defogger, OTL and GMER scan my PC..

Defogger, Extras.txt
Code:
OTL Extras logfile created on: 31.01.2013 16:59:01 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***-PC\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.96 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 67.54% Memory free
7.92 Gb Paging File | 6.40 Gb Available in Paging File | 80.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1182.65 Gb Total Space | 1045.70 Gb Free Space | 88.42% Space Free | Partition Type: NTFS
 
Computer Name: EMRAN-PC | User Name: Emran Nekasade | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0698DA5A-B28C-4A10-8DD8-B27E3755F76D}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{0E323777-4877-4999-BA19-13F9D67AF285}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1311785A-EC34-497C-8966-EED113D73328}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{1A3F05A2-8196-4CA4-90DF-35F1E07A61D6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{21E8FFF0-10A8-4BE3-8788-D669CDBA2B49}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{22E86BE5-F67B-4294-A947-58950A71B28C}" = lport=137 | protocol=17 | dir=in | app=system | 
"{33DE4550-C027-46E8-A8D8-9F8EC2716271}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{3AF36EA0-6EB2-4902-B6E9-82802AB9E64D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{409008DA-81D2-437B-AFD8-F4ACD0399282}" = lport=138 | protocol=17 | dir=in | app=system | 
"{50402568-0FB2-4178-907C-E132CFD915A1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{5254D216-01E8-4B4A-8799-E6A8BC522803}" = lport=445 | protocol=6 | dir=in | app=system | 
"{52D222CB-5887-4FE3-8A98-083CE309E436}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{54A209C1-5209-4AE8-B651-35902CAC0EDD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5CC8F945-CC3D-4ADC-87E5-07A6A42C1A8D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{611ED4AC-881C-4245-8E6B-3D2E68FC52E9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{638FFBE9-14FA-4B49-BFF1-73917EF878A3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{64C8A265-155C-4A13-BEFA-E38D5DF14AFA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6821B9F0-67C0-41EE-86E2-4F03776F6A12}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{72FA8394-B225-4448-A87B-C7A78B213F15}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{730443FF-CD81-4B01-92EF-EF074E80F015}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{7649D9C9-9B3E-447A-BCDA-3361164311E1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{843E8C19-C6C1-4A22-8B57-2D3E6FF1E1F0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{8EC4B544-5E38-4D62-86AF-EEA1D87C5F10}" = rport=139 | protocol=6 | dir=out | app=system | 
"{95086611-A587-478E-8736-0D1F0846C25B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9D5D3481-285C-4320-822F-CFCE47C7ADEE}" = lport=139 | protocol=6 | dir=in | app=system | 
"{AAF417DD-186A-451D-A223-5285D13426F5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B0BE4A33-2B78-4741-86B5-9F0712089335}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B31C231F-D306-4FAF-9A3C-2843B11748FF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BDE1F6CB-C949-44F2-A020-11D56BB9E782}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C602B537-FC51-4C10-B55C-6A85021E97D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CDED0503-651A-4A34-828A-B6C9C7646609}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EBED1360-9E4F-43C8-BB5A-72413B81443E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{EDA8EB63-90EF-49D7-8182-EF5DA9CAF85D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F8AD5227-D250-4363-95E3-DE646D4EB056}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FD681DFC-2D09-4D0C-9D9B-F5FE954D0FA8}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0021924E-F0C6-4E93-8FB2-DE8EF14706AA}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddjswx.exe | 
"{00BFE81B-9411-4325-97BD-7134D3053087}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{0443E155-CE54-4AEF-A4C4-BF67E8D4A515}" = protocol=17 | dir=in | app=c:\program files (x86)\reaper\reaper.exe | 
"{06CD1223-FF20-458F-BB75-9D96932B6DC2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{0843DF2E-AA16-4503-9AD9-6DF6821C99C9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{0F9693EA-BA02-423A-93EC-18A7A54EEB49}" = protocol=6 | dir=in | app=c:\program files (x86)\reaper\reaper.exe | 
"{15B0A412-F398-45CF-9985-0DDA194A1456}" = protocol=6 | dir=in | app=c:\program files (x86)\lightworks\lightworks.exe | 
"{19319E6B-C287-45AC-B1F2-6A4827600425}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1C466D08-1079-4405-AC9B-C6258DB7AF16}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{1E03F1DC-55F7-4239-885C-AEF372B72BDB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{208637D6-8AB2-4144-B7C9-C3DCACEC8788}" = protocol=17 | dir=in | app=c:\windows\system32\lxddcoms.exe | 
"{265EF71F-CB95-4882-A125-114080215E7D}" = protocol=6 | dir=in | app=c:\windows\system32\lxddcoms.exe | 
"{27DFAC59-B61A-41CA-A2AE-F53E419D5DA7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{29EB48F4-2739-487B-9EB1-77E24526DABC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{2D88EE6C-5B08-45EA-B0F6-81EF3DFA3603}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{31B37A4D-B67E-459D-8382-BE1F182AC058}" = dir=in | app=%programfiles% (x86)\adobe\adobe photoshop cs5.1\photoshop.exe | 
"{32472B67-4004-4F88-A16F-73DC03CBBC2B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{364BB15B-5D64-49D3-A4C7-147FF9C0CC3F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3A88BCF7-D9B3-42B8-BA7F-7AA7A1AD8371}" = protocol=17 | dir=in | app=c:\program files (x86)\song surgeon 3\songsurgeon.exe | 
"{3EC2F826-F10A-4965-A702-B9309A18270E}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{429AEC3C-0F88-4F22-BFC9-FB21E704B83B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddpswx.exe | 
"{447DD5C0-34A9-4797-8875-C02FD776BD1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{479D72A3-F6A0-4C99-8DB1-0DBCF666065C}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{48F6E269-C3E8-4B29-9C74-8733F4B74153}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddpswx.exe | 
"{4BD3AD1E-DE4F-430B-BBDC-EE49B7E6D82E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4C28D343-4256-4E13-B62D-1BFB9DB7C7A2}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{4D81F5B4-2E8D-49AE-8048-522CC154C944}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4F9AE400-079A-4A01-AE96-DC4236D61DEE}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe | 
"{50CA71FC-CA79-4BC2-B4E6-7FABC1BAA78D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{5AD87AA9-3A60-43D7-AAE3-B6339ABF644D}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe | 
"{5C77C91B-B22E-42A4-8B43-8C9EAF31D1E6}" = protocol=17 | dir=in | app=c:\program files (x86)\song surgeon 3\songsurgeonreg.exe | 
"{5F0A06BA-7663-421D-8DFA-42F3DA0D358C}" = protocol=6 | dir=in | app=c:\program files (x86)\song surgeon 3\songsurgeonreg.exe | 
"{63280270-7C5E-47B1-BA94-3FF47BE54865}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{63506EC6-E85E-4D4C-996B-759B7FA194D0}" = protocol=6 | dir=out | app=system | 
"{63BC68B3-8C02-4FCC-A7A7-DC2B999D0537}" = protocol=6 | dir=in | app=c:\program files (x86)\song surgeon 3\songsurgeon.exe | 
"{68F4C44A-1288-4D3C-885B-044D4E0C4B90}" = dir=in | app=c:\windows\system32\hasplms.exe | 
"{6DB803D6-1C51-45C1-ACE3-B63DD59E10FB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6FBBF7BC-8CCB-4308-BE60-2E21A62F39E6}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddpswx.exe | 
"{77C4FB58-38D9-405D-9946-EBD6C37332BA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7B8650A0-D24B-479F-9C7F-94C9EE0D08B4}" = protocol=17 | dir=in | app=c:\windows\system32\lxddcoms.exe | 
"{7FB5727C-1C81-4F8C-8B11-C2F93716ACE7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8655BF9E-9699-4577-B5AE-909C94725A29}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{89116DF9-16C0-429E-8A39-8EDF82E16FF0}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe | 
"{894A50E3-F5FF-4410-8B70-7B88EAD984DE}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{8950CC45-1E58-41E5-AFB0-C857A2559ACC}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddtime.exe | 
"{8F8345E1-A68C-41C6-8FEC-14FB86238A3B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{9026F5F0-E5D7-4181-9934-1AE5520562ED}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{940ADD62-72D5-4692-8DBA-8C1A6B506D40}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{964F00D9-0BD8-48F9-B981-AD1F09BBBB64}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe | 
"{99C96D5F-C3AA-490E-A084-07C90B511E48}" = protocol=6 | dir=in | app=c:\windows\system32\lxddcoms.exe | 
"{9CF53E93-1BB3-4072-B1E4-62E783036427}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{9FF3DB19-A120-43BC-BAE1-36F20935A152}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A15EE938-FB0A-438D-A20D-34D0562E95DE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A3F9BA78-6EBC-4CE6-A5D6-FABA0DA8A733}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{AA2994C0-99D4-489B-A107-E0E3C532D876}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{AC8E358E-36FA-4DA3-A867-85258CECE0EA}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddjswx.exe | 
"{AE5B7E4B-15B5-479E-9E9C-3B88559D00C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B09690B2-AD41-4037-A7E6-6DCDFB52285E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{B522E730-E46E-4D12-BE54-3F4F2478D946}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{B7AC8FD8-6E91-456F-95B7-0E6685DA8CFD}" = protocol=17 | dir=in | app=c:\program files (x86)\lightworks\lightworks.exe | 
"{B834E79C-CA79-4A73-84A5-435BD027D58A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{BA798F15-FC50-4EDC-991D-38C96D07796A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{BC6BCF3B-2CE6-407A-9977-7038E69F4201}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{CDF4AFC6-0160-4782-A79E-41366338641A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddjswx.exe | 
"{CF4C937C-9C26-4BD0-AFFE-A22C9F7A612B}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{D375C4C1-7281-41A7-A0B5-B62F5B958F6E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddjswx.exe | 
"{D8DF61F5-208E-433A-AF48-78DA9F711B71}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{DC8180BB-78B5-444A-B887-C2AE2A2D2447}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E20765AA-D832-403C-895A-66A0EB3296B6}" = protocol=6 | dir=in | app=c:\program files (x86)\lightworks\ntcardvt.exe | 
"{F22FD1F9-3E59-4C21-8DF8-A9644BA9BDE7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F27FF1A7-4F66-4AAD-9906-D75209879DF2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{F5CDABFF-B728-4884-97BD-D77BD42EAC38}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddtime.exe | 
"{F9E62043-3E57-4D73-A1E4-797B830EED00}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxddpswx.exe | 
"{FF515CF6-2D7E-4029-9916-2FF83B113DA5}" = protocol=17 | dir=in | app=c:\program files (x86)\lightworks\ntcardvt.exe | 
"TCP Query User{2CD00C68-5038-426C-AD6D-3BABF14830ED}C:\program files (x86)\reaper\reaper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\reaper\reaper.exe | 
"TCP Query User{327AFBE8-39FA-415E-9A9E-23523296A351}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"TCP Query User{4168BEFF-B608-4631-83DE-4EE7D190BAB8}C:\program files (x86)\gridservice\peer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gridservice\peer.exe | 
"TCP Query User{540FF7A7-3D82-4520-B38A-7D8CB3367A40}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"TCP Query User{81C6960A-62A5-43FF-9D0B-0EB99BFAC0AA}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"TCP Query User{90E4854E-D65C-4C15-853D-144DB3D294D9}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"TCP Query User{9E412E27-1A06-4665-B35B-477687D43020}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"TCP Query User{D33F4D96-3294-465C-8499-CC93F2818B18}C:\program files (x86)\acoustica mixcraft 5\mixcraft5.exe" = protocol=6 | dir=in | app=c:\program files (x86)\acoustica mixcraft 5\mixcraft5.exe | 
"TCP Query User{EC6B134E-B858-4E84-9774-B071B34D4886}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"TCP Query User{FD06EB0E-BB8E-4350-8E2B-420925B0DC28}C:\program files (x86)\gridservice\peer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gridservice\peer.exe | 
"UDP Query User{1682B3AC-FC9A-481C-8B24-52AC4C4B30AB}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"UDP Query User{3374B957-C120-4A25-85F1-045D0F79AE6E}C:\program files (x86)\acoustica mixcraft 5\mixcraft5.exe" = protocol=17 | dir=in | app=c:\program files (x86)\acoustica mixcraft 5\mixcraft5.exe | 
"UDP Query User{7030D806-2624-44C6-B441-2C5CA83838C4}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"UDP Query User{8F0DA5E0-64E7-4DD3-BFB5-963118B68C6A}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"UDP Query User{A7F5FF93-E122-46CD-AF75-B853B9B72B76}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"UDP Query User{AA2D565D-372C-4351-A6A4-E4142562214E}C:\program files (x86)\gridservice\peer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gridservice\peer.exe | 
"UDP Query User{AA746CE4-03A6-4C0D-9273-4F1CAC31D869}C:\program files (x86)\reaper\reaper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\reaper\reaper.exe | 
"UDP Query User{F3EC136B-97D1-449C-9EF7-88D2FB0767BC}C:\program files (x86)\gridservice\peer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gridservice\peer.exe | 
"UDP Query User{F8EF06FA-4051-4B01-8A43-BB9679EDAEBF}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"UDP Query User{FA3418A8-672B-41EE-8CF5-2D31D6E89AE8}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1DAF5307-E4E2-41F2-9903-863102C84A77}" = Native Instruments Skanner
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{2E295B5B-1AD4-4D36-97C2-A316084722C0}" = Python 2.7.2 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{53EE2829-E9DB-4913-B3EA-96F10F84E98B}" = Melodyne Runtime 4.1 (x64)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{752F3DA2-9D44-4A2C-A65C-544525EACA81}" = MAGIX Goya burnR (MSI)
"{7DE223C2-C857-44E5-9311-67AA5731B39B}" = Melodyne Runtime 4.0 (x64)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{DCE9CCAD-24D0-4C61-9306-3C3FD3DF91CC}" = Engine 2
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E605F95E-31D3-4C9B-A411-BC6A51F8EE48}" = E-License Manager
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Bamboo
"Recuva" = Recuva
"USB_AUDIO_DEusb-audio.deTascam" = US-122 MKII / US-144 MKII
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03853A8E-10F5-463D-8888-4D69C7C5CC1Z}_is1" = Song Surgeon 3.1.0.8
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B973521-269F-11E1-8ED3-F04DA23A5C58}" = MSVCRT Redists
"{0D8E6567-7082-48DB-A305-293873AC8B39}_is1" = Preispilot f・ Firefox
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{166B8F62-E0BD-485A-8770-784BA2C235AC}" = Sika-Free
"{16DF894D-FC3F-4B87-908D-671E201CD7A8}" = Melodyne singletrack
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1B70920B-70FC-C906-623C-F366B0F7DB53}" = Catalyst Control Center InstallProxy
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2B11BA9C-7F97-4C16-970F-1491FD77969B}_is1" = shopping-preise.de AddOn Firefox
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
"{3513E6E0-A5B5-4ED9-A28A-D9D962DBABB4}" = Scramby
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3ECECC41-64EC-47F7-BCD1-6EC7039FF88A}" = YTD Toolbar v6.6
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{46301B1E-8962-4672-B5A2-0636BA3C48F4}" = Melodyne 3.2 Demo
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50C78780-1A54-4A5C-B3A7-FF828C62C5C2}" = Steinberg Cubase LE 5
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning
"{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{59AD9966-F0BD-4A31-80D5-2B9B57D3EFA2}" = UTAU 歌声合成ツール
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
"{5AF6EE47-C991-43E9-8621-20756557BEA4}" = Antares Auto-Tune 7 VST
"{5C134C7E-537D-4BA2-913D-A6F163DF10D4}" = UTAU 歌声合成ツール
"{5EC2D1B1-B479-4918-A0EF-3C72DB981A7D}" = Antares Auto-Tune 7 TDM
"{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BE7495E-8DF1-11E1-BB7D-F04DA23A5C58}" = Vegas Pro 11.0
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E9F464A-4118-4A5D-85D9-F50FDAD1754F}" = AudioPaint
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BCD7AE7-F713-4D50-BAB9-7839B9386870}" = ImageShack Uploader 2.2.0
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B89EB0D-68C3-4E5D-A705-CD8D37DABF50}" = VOCALOID Expression DB (Standard)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D623E1A-30E1-4E55-BD80-5C1359DB120B}" = Melodyne 3.1
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}" = SweetIM Toolbar for Internet Explorer 4.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95FF0B9-5CFB-497E-8872-3A5F41AD9D4F}" = VOCALOID2 VSTi V2.0.4.2
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9D4AF7B-93BA-4671-BC54-EDA2770CAF18}" = PC Rambazamba
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B37CD3BD-C867-42B9-ABCC-D2D4D74DF3C6}_is1" = Disharmony Audio Patch 0.9.7.54
"{B6588186-9657-486C-AEB1-F57D8E160F19}" = VOCALOID2 Expression DB (Standard)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{BEBD8B5B-2EC8-6489-1585-47B78EA6832A}" = Bamboo Dock
"{C04D5974-F528-4347-A494-EAF56124CC1A}" = Steinberg HALionOne Essential Set
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF45002F-2205-4116-BB51-2D015F436CAC}" = Steinberg HALion Sonic SE Content for Cubase LE AI Elements
"{CFCA7747-0813-AEBA-886F-732E1CBD79EA}" = MoodTuner
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1DB1160-769F-461C-9727-34202D9B5FBF}" = Pluggo Runtime 3.6.1
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D65139EC-C4D1-4687-9A02-04A5D84E7E26}" = VOCALOID2 Voice DB (Rin)
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1" = FireJump
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBF4BC99-53F1-4C97-84C3-7557D103E182}" = Steinberg Groove Agent ONE Vintage Beatboxes
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E033EC8F-5FCB-4B28-9584-D9D5541A0C2D}" = Steinberg Cubase LE AI Elements 6
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{E7C5374B-E41F-4634-9A64-7B9FF29089E9}" = ArtRage Studio Pro
"{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}" = Lightworks
"{E9615818-3477-4B11-A1F7-A78DF0993DD5}" = VOCALOID2 Voice DB (Len)
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{EC9A0711-9823-4DD2-83C4-039886A3ECF6}" = Melodyne 3.2 Demo
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF7800A8-575E-4776-95A5-A9D904A85D5F}" = Steinberg HALion Sonic SE
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C1C21B-F56E-400B-B0B0-270D817889F3}" = VOCALOID2 Editor V2.0.4.2J
"{F3292D16-6363-4AB8-85AF-75B61544B678}" = VOCALOID Voice DB (Kaito)
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD271FAB-2F69-6983-A6A4-828F357940C4}" = Livebrush Mini
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Kong Audio Instant China Qin Library}_is1" = Kong Audio Instant China Qin Library
"7-Zip" = 7-Zip 9.20
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.85
"Akamai" = Akamai NetSession Interface
"Alice Software" = Alice Software 4.10.0
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta_is1" = Audacity 1.3.12
"Bamboo Dock" = Bamboo Dock 3.3
"Camel Audio Alchemy" = Camel Audio Alchemy
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Color Efex Pro 3.0 Standard" = Color Efex Pro 3.0 Standard
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.gugga.radiomini" = MoodTuner
"com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1" = Livebrush Mini
"conduitEngine" = Conduit Engine
"devkitProUpdater" = devkitProUpdater 1.5.0
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"E-License Manager" = E-License Manager
"eLicenser Control" = eLicenser Control
"Engine 2" = Engine 2
"FireAlpaca_is1" = FireAlpaca 1.0.30
"FL Studio 10" = FL Studio 10
"Hardcore" = Hardcore
"ICMOICMCICKOICPBJENOIPJH" = ばつぐん彼女
"InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"intelliScore Ensemble MP3 to MIDI Converter Demo" = intelliScore Ensemble MP3 to MIDI Converter Demo
"IrfanView" = IrfanView (remove only)
"KeolabSpicyGuitar_is1" = Spicy Guitar 1.2.0.1
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Logitech Vid" = Logitech Vid HD
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"MAGIX_{752F3DA2-9D44-4A2C-A65C-544525EACA81}" = MAGIX Goya burnR (MSI)
"MeCab_is1" = MeCab 0.98
"midicair Toolbar" = midicair Toolbar
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Native Instruments Skanner" = Native Instruments Skanner
"Orbit_is1" = Orbit Downloader
"Pangya" = Pangya (Ntreev SG Interactive)
"PoiZone" = PoiZone
"Polipo" = Polipo 1.0.4.1
"RaySource" = RaySource 2.2.0.1
"REAPER" = REAPER
"rgc:audio sfz VSTi_is1" = rgc:audio sfz VSTi v1.96
"RGSS-RTP Standard_is1" = RGSS-RTP Standard
"RPG Maker 2000 1.05" = RPG Maker 2000 1.05
"RPG Maker 2003_is1" = RPG Maker 2003 v1.08
"RPG Maker VX RTP_is1" = RPG Maker VX RTP
"RTP 1.32 Add-On for RM2k" = RTP 1.32 Add-On for RM2k
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"Sakura" = Sakura
"Sawer" = Sawer
"sfArk" = sfArk
"SmartDraw 2012" = SmartDraw 2012
"ST6UNST #1" = Darkwings Graphics Maker
"SynthFont_is1" = SynthFont
"Tor" = Tor 0.2.1.30
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"Vidalia" = Vidalia 0.2.12
"Vintage Vocoder 1.03 Build 1" = Vintage Vocoder 1.03 Build 1
"VST Bridge_is1" = VST Bridge 1.1
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WinLiveSuite" = Windows Live Essentials
"Winload Toolbar" = Winload Toolbar
"WinPcapInst" = WinPcap 4.1.1
"XnView_is1" = XnView 1.97.4
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YelsiMp3onDSi_is1" = Yelsi MP3 auf DSi 1.3.0.0
"YTdetect" = Yahoo! Detect
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 29.01.2013 17:40:46 | Computer Name = ***-PC | Source = Windows Search Service | ID = 7040
Description = 
 
Error - 29.01.2013 17:40:46 | Computer Name = ***-PC | Source = Windows Search Service | ID = 7042
Description = 
 
Error - 29.01.2013 17:40:46 | Computer Name = ***-PC | Source = Windows Search Service | ID = 9002
Description = 
 
Error - 29.01.2013 17:40:46 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 29.01.2013 17:40:46 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 29.01.2013 17:40:46 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 29.01.2013 17:40:46 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 29.01.2013 17:40:46 | Computer Name = ***-PC | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 30.01.2013 09:27:05 | Computer Name = ***-PC | Source = MsiInstaller | ID = 11706
Description = 
 
Error - 31.01.2013 09:56:59 | Computer Name = ***-PC | Source = MsiInstaller | ID = 11706
Description = 
 
[ Media Center Events ]
Error - 01.11.2010 09:04:09 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 14:04:06 - Fehler beim Herstellen der Internetverbindung.  14:04:06 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 01.11.2010 10:04:49 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 15:04:49 - Fehler beim Herstellen der Internetverbindung.  15:04:49 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 01.11.2010 10:05:20 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 15:05:18 - Fehler beim Herstellen der Internetverbindung.  15:05:18 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 01.11.2010 12:07:39 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 17:07:39 - Fehler beim Herstellen der Internetverbindung.  17:07:39 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 01.11.2010 12:08:10 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 17:08:08 - Fehler beim Herstellen der Internetverbindung.  17:08:08 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.12.2010 03:27:10 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 08:27:10 - Fehler beim Herstellen der Internetverbindung.  08:27:10 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.12.2010 03:27:42 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 08:27:39 - Fehler beim Herstellen der Internetverbindung.  08:27:39 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 27.01.2011 02:14:01 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 07:13:56 - Fehler beim Herstellen der Internetverbindung.  07:13:56 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 10.02.2011 09:22:09 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 14:22:09 - Fehler beim Herstellen der Internetverbindung.  14:22:09 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 10.02.2011 09:22:42 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 14:22:38 - Fehler beim Herstellen der Internetverbindung.  14:22:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 31.01.2013 10:38:25 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 31.01.2013 10:38:26 | Computer Name = ***-PC | Source = hasplms | ID = 458755
Description = ERROR: Sentinel LDK License Manager failed to start in a promptly 
manner! 
 
Error - 31.01.2013 10:38:29 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "SearchAnonymizer" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 31.01.2013 10:38:29 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   RxFilter
 
Error - 31.01.2013 11:50:02 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 31.01.2013 11:51:01 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 31.01.2013 11:51:01 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Scramby Server" wurde mit folgendem Fehler beendet:   %%-2146500059
 
Error - 31.01.2013 11:51:03 | Computer Name = ***-PC | Source = hasplms | ID = 458755
Description = ERROR: Sentinel LDK License Manager failed to start in a promptly 
manner! 
 
Error - 31.01.2013 11:51:13 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "SearchAnonymizer" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 31.01.2013 11:51:13 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   RxFilter
 
 
< End of report >
         
OTL, OTL.txt
Code:
OTL logfile created on: 31.01.2013 16:59:01 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***-PC\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.96 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 67.54% Memory free
7.92 Gb Paging File | 6.40 Gb Available in Paging File | 80.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1182.65 Gb Total Space | 1045.70 Gb Free Space | 88.42% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2013.01.31 16:32:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***-PC\Desktop\OTL.exe
PRC - [2012.12.22 10:48:14 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.13 07:18:21 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2012.11.28 16:34:18 | 000,793,600 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2011.03.04 02:31:08 | 000,428,640 | ---- | M] (Logicool Co., Ltd.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010.12.24 01:26:10 | 002,678,784 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
PRC - [2009.10.09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.06.09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe
PRC - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.12.13 07:18:21 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MOD - [2012.08.17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.06.28 09:53:00 | 004,941,768 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2009.09.19 07:17:42 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2007.05.25 09:42:12 | 000,567,216 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxddcoms.exe -- (lxdd_device)
SRV - [2013.01.19 10:42:40 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.08 22:20:28 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.08 12:53:48 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.22 10:48:14 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.28 16:34:18 | 000,793,600 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.11.12 19:47:35 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2011.09.08 16:48:36 | 006,583,160 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2011.09.08 16:48:36 | 000,528,760 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2011.05.14 16:12:25 | 000,040,960 | -H-- | M] () [Auto | Stopped] -- C:\Users\Admin\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.04 02:31:08 | 000,428,640 | ---- | M] (Logicool Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010.12.24 01:26:10 | 002,678,784 | ---- | M] (PACE Anti-Piracy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices)
SRV - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.24 22:52:00 | 003,411,964 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.16 10:01:56 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.10.20 19:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009.10.09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.06.26 11:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.02.15 12:08:56 | 000,675,840 | ---- | M] (RapidSolution Software AG) [Auto | Stopped] -- C:\Program Files (x86)\RapidSolution\Scramby\ScrambyServer.exe -- (ScrambyServer)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.12.22 10:58:33 | 000,054,104 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2012.12.22 10:58:32 | 000,613,720 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.10.25 12:42:02 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012.10.25 12:42:02 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.13 16:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2012.08.02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012.06.28 09:51:36 | 000,139,592 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2012.06.19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2012.03.08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.11.22 15:14:54 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2011.09.28 16:31:30 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2011.09.08 16:49:36 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2011.04.28 21:18:04 | 000,053,080 | ---- | M] (TASCAM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tscusb2a.sys -- (TASCAM_US122L_MK2_WDM)
DRV:64bit: - [2011.04.28 21:18:04 | 000,031,576 | ---- | M] (TASCAM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tscusb2m.sys -- (TASCAM_US122L_MK2_MIDI)
DRV:64bit: - [2011.04.28 21:18:02 | 000,419,160 | ---- | M] (TASCAM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tascusb2.sys -- (TASCAM_US122144)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.04 02:25:20 | 004,183,904 | ---- | M] (Logicool Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011.03.04 02:23:54 | 000,341,856 | ---- | M] (Logicool Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.03.04 02:22:18 | 000,023,904 | ---- | M] (Logicool Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2010.11.03 17:39:48 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2010.07.12 19:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.10.20 19:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009.10.02 21:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.26 16:42:58 | 000,233,984 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.09.22 00:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009.09.19 09:32:38 | 006,170,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.08.23 19:02:30 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.08.06 13:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.02.24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008.12.26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2007.08.08 07:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2007.02.16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2007.02.13 16:41:26 | 000,029,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scramby.sys -- (scramby)
DRV:64bit: - [2007.02.08 14:48:04 | 000,051,600 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dsiarhwprog_x64.sys -- (usbio)
DRV:64bit: - [2006.11.01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.06.26 10:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\RxFilter.sys -- (RxFilter)
DRV - [2009.02.24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2005.01.04 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{D3002098-23EB-4763-8950-F81D631452E5}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {77f8c945-4b74-4bd6-a073-e0d1997edce8} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{15FC92E4-6109-4150-822A-4EA343480B2C}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1700389
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files (x86)\AutocompletePro\support@predictad.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2012.12.22 10:58:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2012.12.22 10:58:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2012.12.22 10:58:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 10:42:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.19 10:42:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 10:42:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.19 10:42:38 | 000,000,000 | ---D | M]
 
[2013.01.27 17:35:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***-PC\AppData\Roaming\mozilla\Extensions
[2013.01.19 10:42:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.19 10:42:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.01.19 10:42:36 | 000,000,000 | ---D | M] (Babylon OCR) -- C:\Program Files (x86)\mozilla firefox\extensions\ocr@babylon.com
[2013.01.19 10:42:40 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.02.21 11:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2010.03.19 08:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll
[2006.08.09 11:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npWebLaunch.dll
[2012.06.18 06:16:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.18 14:06:00 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.08.30 06:04:07 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.18 06:16:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.07.31 10:19:46 | 000,002,029 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\esnips.xml
[2011.07.21 21:15:16 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
[2012.06.18 06:16:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.18 06:16:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.18 06:16:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.03.01 13:41:57 | 000,001,296 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {77f8c945-4b74-4bd6-a073-e0d1997edce8} - No CLSID value found.
O2 - BHO: (no name) - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - No CLSID value found.
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {77f8c945-4b74-4bd6-a073-e0d1997edce8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe (Sonic Solutions)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (C:\Program Files\Java\jre6\bin\npjpi160_14.dll)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5795B48A-38C7-448A-9D22-5309FF5BFE33}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.31 16:32:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***-PC\Desktop\OTL.exe
[2013.01.31 12:04:57 | 000,419,160 | ---- | C] (TASCAM) -- C:\Windows\SysNative\drivers\tascusb2.sys
[2013.01.31 12:04:57 | 000,031,576 | ---- | C] (TASCAM) -- C:\Windows\SysNative\drivers\tscusb2m.sys
[2013.01.31 12:04:57 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Desktop\TASCAM_USB2_X64_2.03
[2013.01.31 11:46:35 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Audacity
[2013.01.31 11:36:42 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.01.31 11:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.01.31 11:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.01.31 06:59:03 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\{05CAC5D8-766F-4611-816E-6DC4632083A4}
[2013.01.30 23:28:48 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Desktop\reaction for tumblr
[2013.01.30 18:58:40 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\{3373E849-193D-4655-A52F-3A962E304798}
[2013.01.30 06:58:17 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\{BE86FE1B-87EC-4F43-8E4E-885E0ADBDC57}
[2013.01.29 21:51:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.01.29 21:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.01.29 20:55:16 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\uTorrent
[2013.01.29 20:14:27 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\ElevatedDiagnostics
[2013.01.29 19:39:40 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\Diagnostics
[2013.01.29 19:35:51 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\U T A U
[2013.01.29 19:35:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UTAU
[2013.01.29 18:57:53 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\{3462C14C-CA87-44B8-B306-C712460E7D94}
[2013.01.29 16:00:59 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Documents\Meine empfangenen Dateien
[2013.01.29 15:58:35 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\WinRAR
[2013.01.29 12:51:29 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\UTAU
[2013.01.29 08:41:48 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\fontconfig
[2013.01.29 08:41:44 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\gegl-0.2
[2013.01.29 08:41:44 | 000,000,000 | ---D | C] -- C:\Users\***-PC\.gimp-2.8
[2013.01.29 06:57:29 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\{431EAA5F-3156-404B-BC87-54CD0322DAC8}
[2013.01.28 22:33:06 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Corel
[2013.01.28 20:51:32 | 000,000,000 | ---D | C] -- C:\Users\***-PC\.MCReferenceSdk
[2013.01.28 18:57:06 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\{DC43B60C-702B-410D-90C8-A961E3D830D7}
[2013.01.28 13:02:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegCleaner
[2013.01.28 09:01:45 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013.01.28 09:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2013.01.28 09:00:01 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Documents\My Recordings
[2013.01.28 08:50:27 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Acoustica
[2013.01.28 07:41:10 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Desktop\League of Legends
[2013.01.28 07:39:03 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\PMB Files
[2013.01.28 07:38:02 | 000,000,000 | ---D | C] -- C:\Users\***-PC\.swt
[2013.01.28 06:56:42 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\{5018A585-CC77-4464-B2B9-09E3F4DDFE8D}
[2013.01.28 06:56:29 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Tracing
[2013.01.27 20:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.01.27 19:52:09 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Documents\Best Service
[2013.01.27 19:48:27 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Documents\REAPER Media
[2013.01.27 19:39:07 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\REAPER
[2013.01.27 18:30:17 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Skype
[2013.01.27 18:24:17 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\Apple Computer
[2013.01.27 18:21:20 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\{B54CF8C2-A275-4D5E-B97A-48000F3E8958}
[2013.01.27 18:21:00 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Windows Live Writer
[2013.01.27 18:21:00 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\Windows Live Writer
[2013.01.27 18:05:27 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\IrfanView
[2013.01.27 18:03:08 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Daichi
[2013.01.27 18:02:13 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Desktop\Best Service
[2013.01.27 18:02:13 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Best Service
[2013.01.27 18:00:35 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Desktop\Audio
[2013.01.27 17:53:19 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\SynthMaker
[2013.01.27 17:53:10 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\PACE Anti-Piracy
[2013.01.27 17:53:10 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\PACE Anti-Piracy
[2013.01.27 17:53:09 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Celemony Software GmbH
[2013.01.27 17:52:52 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Documents\VST3 Presets
[2013.01.27 17:52:37 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Steinberg
[2013.01.27 17:36:12 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\Macromedia
[2013.01.27 17:35:07 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Mozilla
[2013.01.27 17:35:07 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\Mozilla
[2013.01.27 17:34:29 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Dell
[2013.01.27 17:34:13 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\Stardock_Corporation
[2013.01.27 17:34:03 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Intel Corporation
[2013.01.27 17:33:59 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Wacom
[2013.01.27 17:33:59 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Adobe
[2013.01.27 17:33:58 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Apple Computer
[2013.01.27 17:33:57 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\Adobe
[2013.01.27 17:33:36 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Searches
[2013.01.27 17:33:36 | 000,000,000 | R--D | C] -- C:\Users\***-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.01.27 17:33:24 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Identities
[2013.01.27 17:33:22 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Contacts
[2013.01.27 17:33:20 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\VirtualStore
[2013.01.27 17:33:19 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\WTablet
[2013.01.27 17:29:00 | 000,000,000 | --SD | C] -- C:\Users\***-PC\AppData\Roaming\Microsoft
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Videos
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Saved Games
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Pictures
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Music
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Links
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Favorites
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Downloads
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Documents
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\Desktop
[2013.01.27 17:29:00 | 000,000,000 | R--D | C] -- C:\Users\***-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Vorlagen
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\AppData\Local\Verlauf
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\AppData\Local\Temporary Internet Files
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Startmenü
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\SendTo
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Recent
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Netzwerkumgebung
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Lokale Einstellungen
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Documents\Eigene Videos
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Documents\Eigene Musik
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Eigene Dateien
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Documents\Eigene Bilder
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Druckumgebung
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Cookies
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\AppData\Local\Anwendungsdaten
[2013.01.27 17:29:00 | 000,000,000 | -HSD | C] -- C:\Users\***-PC\Anwendungsdaten
[2013.01.27 17:29:00 | 000,000,000 | -H-D | C] -- C:\Users\***-PC\AppData
[2013.01.27 17:29:00 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\Temp
[2013.01.27 17:29:00 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\SoftThinks
[2013.01.27 17:29:00 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Local\Microsoft
[2013.01.27 17:29:00 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Media Center Programs
[2013.01.27 17:29:00 | 000,000,000 | ---D | C] -- C:\Users\***-PC\AppData\Roaming\Macromedia
[2013.01.27 16:20:36 | 000,000,000 | ---D | C] -- C:\62ef35c05cc535deb7a818
[2013.01.25 15:33:28 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Desktop\連続音Ver2.0
[2013.01.24 15:08:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Yellow Tools
[2013.01.24 14:04:18 | 000,000,000 | ---D | C] -- C:\Yellow tools
[2013.01.24 14:00:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DF32A56C-8D61-4984-B646-D465E616CF2C}
[2013.01.24 14:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Engine 2
[2013.01.24 14:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Best Service
[2013.01.24 14:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Best Service
[2013.01.24 14:00:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\{019B143A-9DF7-4A4E-9071-1FB3892DDD09}
[2013.01.24 14:00:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yellow Tools
[2013.01.21 20:32:10 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2013.01.21 20:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2013.01.21 20:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2013.01.21 20:24:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LWS
[2013.01.21 20:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2013.01.21 20:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2013.01.21 20:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2013.01.19 10:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.07 07:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.01.07 07:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.01.07 07:07:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.01.07 07:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.01.04 02:24:47 | 000,086,016 | ---- | C] (飴屋プロジェクト) -- C:\Users\***-PC\Desktop\utauColors.exe
[2013.01.04 02:20:09 | 000,000,000 | ---D | C] -- C:\Users\***-PC\Desktop\plugins
[17 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[17 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.31 16:58:16 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 16:58:16 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 16:51:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.31 16:50:59 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2013.01.31 16:50:59 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\WinMaximizer64-Emran-Startup.job
[2013.01.31 16:50:56 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.31 16:50:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.31 16:50:43 | 3189,043,200 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.31 16:33:59 | 000,365,568 | ---- | M] () -- C:\Users\***-PC\Desktop\gmer_2.0.18454.exe
[2013.01.31 16:32:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***-PC\Desktop\OTL.exe
[2013.01.31 16:27:13 | 000,050,477 | ---- | M] () -- C:\Users\***-PC\Desktop\Defogger.exe
[2013.01.31 16:21:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.31 11:36:42 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.01.30 22:59:14 | 000,000,852 | ---- | M] () -- C:\Users\***-PC\AppData\Local\recently-used.xbel
[2013.01.30 07:17:31 | 002,296,356 | ---- | M] () -- C:\Users\***-PC\Desktop\32497302_kc_135708596110.png
[2013.01.30 07:16:31 | 000,085,393 | ---- | M] () -- C:\Users\***-PC\Desktop\porn.jpg
[2013.01.29 22:37:01 | 000,001,542 | ---- | M] () -- C:\Users\***-PC\Documents\cc_20130129_223659.reg
[2013.01.29 22:36:31 | 000,038,028 | ---- | M] () -- C:\Users\***-PC\Documents\cc_20130129_223627.reg
[2013.01.29 21:57:13 | 000,600,834 | ---- | M] () -- C:\Users\***-PC\Documents\cc_20130129_215705.reg
[2013.01.29 21:51:58 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.29 19:35:51 | 000,002,019 | ---- | M] () -- C:\Users\***-PC\Desktop\UTAU - 歌声合成ツール.lnk
[2013.01.28 19:23:13 | 000,002,370 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2013.01.28 17:58:55 | 000,005,888 | ---- | M] () -- C:\Users\***-PC\Desktop\brothers.mid
[2013.01.28 16:26:57 | 007,526,469 | ---- | M] () -- C:\Users\***-PC\Documents\Sonika - Mad World.mp3
[2013.01.28 16:03:29 | 000,137,996 | ---- | M] () -- C:\Users\***-PC\Documents\sonika.mp3
[2013.01.28 13:02:42 | 000,000,964 | ---- | M] () -- C:\Users\***-PC\Desktop\RegCleaner.lnk
[2013.01.28 09:10:51 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013.01.27 21:41:46 | 005,865,082 | ---- | M] () -- C:\Users\***-PC\Documents\Tibo Hauku x Angela - YELLOW TRICK.mp3
[2013.01.27 20:57:09 | 000,004,698 | ---- | M] () -- C:\Users\***-PC\Desktop\utaucolors.ini
[2013.01.27 19:43:29 | 005,043,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.27 18:00:11 | 000,020,426 | ---- | M] () -- C:\Users\***-PC\Desktop\..love...mid
[2013.01.09 07:44:35 | 001,509,050 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.09 07:44:35 | 000,643,860 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.09 07:44:35 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.09 07:44:35 | 000,129,564 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.09 07:44:35 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.07 07:07:25 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.02 20:13:56 | 000,327,680 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[17 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[17 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.31 16:33:55 | 000,365,568 | ---- | C] () -- C:\Users\***-PC\Desktop\gmer_2.0.18454.exe
[2013.01.31 16:27:13 | 000,050,477 | ---- | C] () -- C:\Users\***-PC\Desktop\Defogger.exe
[2013.01.30 22:59:14 | 000,000,852 | ---- | C] () -- C:\Users\***-PC\AppData\Local\recently-used.xbel
[2013.01.30 07:17:14 | 002,296,356 | ---- | C] () -- C:\Users\***-PC\Desktop\32497302_kc_135708596110.png
[2013.01.30 07:16:27 | 000,085,393 | ---- | C] () -- C:\Users\***-PC\Desktop\porn.jpg
[2013.01.29 22:37:00 | 000,001,542 | ---- | C] () -- C:\Users\***-PC\Documents\cc_20130129_223659.reg
[2013.01.29 22:36:30 | 000,038,028 | ---- | C] () -- C:\Users\***-PC\Documents\cc_20130129_223627.reg
[2013.01.29 21:57:08 | 000,600,834 | ---- | C] () -- C:\Users\***-PC\Documents\cc_20130129_215705.reg
[2013.01.29 21:51:58 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.29 19:35:51 | 000,002,019 | ---- | C] () -- C:\Users\***-PC\Desktop\UTAU - 歌声合成ツール.lnk
[2013.01.28 17:58:53 | 000,005,888 | ---- | C] () -- C:\Users\***-PC\Desktop\brothers.mid
[2013.01.28 16:24:41 | 007,526,469 | ---- | C] () -- C:\Users\***-PC\Documents\Sonika - Mad World.mp3
[2013.01.28 16:03:23 | 000,137,996 | ---- | C] () -- C:\Users\***-PC\Documents\sonika.mp3
[2013.01.28 13:02:14 | 000,000,964 | ---- | C] () -- C:\Users\***-PC\Desktop\RegCleaner.lnk
[2013.01.28 09:10:51 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013.01.27 21:39:20 | 005,865,082 | ---- | C] () -- C:\Users\***-PC\Documents\Tibo Hauku x Angela - YELLOW TRICK.mp3
[2013.01.27 18:00:09 | 000,020,426 | ---- | C] () -- C:\Users\***-PC\Desktop\..love...mid
[2013.01.27 17:33:54 | 000,001,411 | ---- | C] () -- C:\Users\***-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.01.27 17:33:47 | 000,001,445 | ---- | C] () -- C:\Users\***-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.01.07 07:07:25 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.04 02:24:47 | 000,004,698 | ---- | C] () -- C:\Users\***-PC\Desktop\utaucolors.ini
[2012.10.18 12:33:10 | 000,038,520 | ---- | C] () -- C:\Windows\SysWow64\RGBAcodec.dll
[2012.08.11 11:04:40 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.05.26 09:10:15 | 000,235,008 | ---- | C] () -- C:\Windows\SysWow64\libdiscord.dll
[2012.03.03 11:25:38 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012.01.23 15:21:16 | 000,647,168 | ---- | C] () -- C:\Windows\SysWow64\sonicismdsp.dll
[2011.12.29 18:01:27 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2011.10.29 12:30:34 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.10.09 19:30:06 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
[2011.10.09 19:30:02 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2011.10.09 12:25:59 | 000,001,682 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.10.09 12:25:59 | 000,000,088 | ---- | C] () -- C:\ProgramData\1D05CC689B.sys
[2011.09.24 13:21:16 | 000,249,344 | ---- | C] () -- C:\Windows\SysWow64\imsised.exe
[2011.09.24 13:21:16 | 000,070,656 | ---- | C] () -- C:\Windows\SysWow64\imsfchk.dll
[2011.08.16 20:45:20 | 000,207,360 | ---- | C] () -- C:\Windows\SysWow64\imsised64.exe
[2011.08.16 20:14:22 | 000,087,552 | ---- | C] () -- C:\Windows\SysWow64\imsised.dll
[2011.08.05 20:32:36 | 000,034,304 | ---- | C] () -- C:\Windows\SysWow64\imslevel.dll
[2011.08.05 20:22:00 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\imsaiff.dll
[2011.08.05 20:21:39 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\DGRip.dll
[2011.04.21 12:45:06 | 000,000,724 | ---- | C] () -- C:\Windows\wacam.ini
[2011.03.04 02:26:22 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011.03.04 02:26:22 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.03.04 02:26:16 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
 
========== ZeroAccess Check ==========
 
[2010.03.27 15:49:46 | 000,104,772 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-1016830665-1721500508-3756597116-1002\$R6K6RLA\n.wav
[2010.03.27 15:48:00 | 000,077,212 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-1016830665-1721500508-3756597116-1002\$R6K6RLA\u.wav
[2011.08.13 15:46:50 | 000,045,100 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-1016830665-1721500508-3756597116-1002\$RQXS4ZK\n.wav
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.28 08:50:27 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\Acoustica
[2013.01.31 14:50:13 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\Audacity
[2013.01.27 18:02:13 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\Best Service
[2013.01.27 17:53:45 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\Celemony Software GmbH
[2013.01.27 18:03:08 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\Daichi
[2013.01.27 18:05:29 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\IrfanView
[2013.01.27 17:53:10 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\PACE Anti-Piracy
[2013.01.28 17:32:15 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\REAPER
[2013.01.27 17:54:24 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\Steinberg
[2013.01.27 17:53:19 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\SynthMaker
[2013.01.29 12:51:29 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\UTAU
[2013.01.29 23:47:22 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\uTorrent
[2013.01.27 17:33:59 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\Wacom
[2013.01.27 18:21:00 | 000,000,000 | ---D | M] -- C:\Users\***-PC\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:F63A059B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:5DEDED40
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:85F85433
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:A9472ABF
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:9BA71DD7
@Alternate Data Stream - 1085 bytes -> C:\ProgramData\Microsoft:UeWE8ApFmR77fNXurlVQ7MCiqOHH
@Alternate Data Stream - 1044 bytes -> C:\ProgramData\Microsoft:T9Z2EREtrLlXnz83Bg71HueVkov

< End of report >
         
Gmer.log as a .txt file in the attachment c:

I hope I did everything correctly

Regards, Emoto
Attached files
File type: txt Gmr.txt (9.7 KB, viewed 185 times)

Old 01.02.2013, 10:41   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
Your own fault; with that, this topic is closed

These entries in the hosts file serve to make pirated (cracked) software run

See also => http://www.trojaner-board.de/95393-c...-software.html

If we find indications of illegally acquired software, we will end support without any discussion.

Cracks/keygens are 99.9% dangerous malware that should not be trifled with. In addition, they are illegal and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!

That illegal cracks and keygens essentially serve to spread malware is no secret and must be clear to everyone!


In future, keep your hands off: Softonic, registry cleaners and illegal stuff (cracks/keygens/serials)
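
The check made by eye in the reply above, as an added example that is not part of the original post: a small Python triage script that reads OTL `O1 - Hosts:` lines and reports hostnames pinned to a loopback or unspecified address, grouped by parent domain. The function names, the two-label parent-domain rule and the last two sample lines are assumptions made for this example.

```python
import ipaddress
import re
from collections import defaultdict

# Sample input: the eight O1 lines quoted in the reply, plus two constructed
# lines (a normal localhost entry and a mapping to a non-loopback address).
SAMPLE_LOG = """\
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.0.2.10 intranet.example
"""

O1_LINE = re.compile(r"^O1 - Hosts:\s+(\S+)\s+(\S+)")
BENIGN_NAMES = {"localhost", "localhost.localdomain"}


def is_sink(addr):
    """True if addr is a loopback or unspecified address (IPv4 or IPv6)."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # not an IP literal, e.g. a malformed hosts line
    return ip.is_loopback or ip.is_unspecified


def parent_domain(host):
    """Naive grouping key (assumption): the last two DNS labels."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def sinkholed_hosts(log_text):
    """Map parent domain -> hostnames the hosts file points at the local machine."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        match = O1_LINE.match(line.strip())
        if not match:
            continue
        addr, host = match.groups()
        host = host.lower()
        if host in BENIGN_NAMES or not is_sink(addr):
            continue
        groups[parent_domain(host)].append(host)
    return dict(groups)


def clustered(groups, min_hosts=2):
    """Parent domains with several sinkholed names: worth an analyst's look."""
    return {dom: len(hosts) for dom, hosts in groups.items() if len(hosts) >= min_hosts}


if __name__ == "__main__":
    found = sinkholed_hosts(SAMPLE_LOG)
    for domain, count in clustered(found).items():
        print(f"{domain}: {count} hostnames redirected to the local machine")
        for name in found[domain]:
            print(f"    {name}")
```

A cluster of one vendor's hostnames redirected to the local machine is the pattern the reply points to; ad-blocking hosts files produce similar entries, so the output is a prompt for manual review rather than a verdict.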