| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7 - PC friert unregelmäßg einWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.05.2013, 19:53
| #1 |
 |  Windows 7 - PC friert unregelmäßg ein Hallo, da ich seit Monaten jetzt ein Problem damit habe habe ich mich endlich dazu entschieden mal wo anders Hilfe zu holen, die ich hier hoffentlich auch bekomme. Ich habe ein Win7 Rechner, 64bit mit einem etwas älteren Dualcore Prozessor, der Rest sollte glaube ich irrelevant sein. Jedenfalls friert der PC in unregelmäßigen Abständen für ein paar Sekunden ein (2-3 Sekunden jedes Mal, wo auch z.B. die Musik anfängt zu ruckeln) und komischerweise meine Internetverbindung für diesen Zeitraum gekappt wird. Im Anhang ist ein Screenshot wo dies auch in einem Fehlerbericht zu sehen ist, den man unter Start, Computer -> Rechtsklick -> Verwalten findet. In diesem System Protokoll sind mittlerweile mehr als 73.000!! dieser Meldungen. Im Task-Manager ist kein Task dafür verantwortlich da diese alle in diesem Zeitraum keine auffällige Auslastung haben, bzw. normal bleiben. Wenn ich mir die Prozessor Temperatur ansehe, steigt diese lediglich um 2-3 Grad jedes Mal und normalisiert sich dann wieder. Habe hier ein Log das eigentlich das wichtigste schon erklären sollte, allerdings wüsste ich von euch gerne genau was da zu tun ist: Code:
ATTFilter DLL im Lanmanworkstation Schlüssel: %SystemRoot%\System32\wkssvc.dll
Geladene DLL: C:\Windows\System32\wkssvc.dll
Signatur der DLL: Microsoft Windows
Rückgabe der Signaturermittlung: Der Vorgang wurde erfolgreich beendet.
MD5 der DLL: 851A1382EED3E3A7476DB004F4EE3E1A
DLL im Dnscache Schlüssel: %SystemRoot%\System32\poua4ksfr.dll
Geladene DLL: C:\Windows\System32\poua4ksfr.dll
Signatur der DLL:
Rückgabe der Signaturermittlung: Das System kann die angegebene Datei nicht finden.
MD5 der DLL:
Die im Dnscache Schlüssel angegebene DLL konnte nicht gefunden werden!
Auf ihrem Rechner wurde eine Datei gefunden, die auf eine Infektion mit einem
Mediyes Trojaner hindeuten könnte!
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.05.04.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16540 Gary :: GARY-PC [Administrator] Schutz: Aktiviert 04.05.2013 20:47:28 mbam-log-2013-05-04 (20-47-28).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 261477 Laufzeit: 4 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Danke im Vorraus! lg, Gary |
|
06.05.2013, 11:14
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 7 - PC friert unregelmäßg ein Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
06.05.2013, 16:07
| #3 |
| | Windows 7 - PC friert unregelmäßg ein Das erste Log das ich gepostet habe, von Farbar Service Scan, ist das einzige das diesen Schädling erkannt hat, Malwarebytes hat wie man im zweiten Log sieht nichts erkennt, Avira erkennt auch nichts und sonst sind alle anderen Scanner auch nicht fündig geworden..
__________________Geändert von Core70 (06.05.2013 um 16:35 Uhr) |
|
06.05.2013, 16:09
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 - PC friert unregelmäßg ein Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Erstmal eine Kontrolle mit OTL bitte:
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
06.05.2013, 16:34
| #5 |
| | Windows 7 - PC friert unregelmäßg ein OTL Kontrolle bereits gemacht, hat nichts gebracht: Code:
ATTFilter OTL logfile created on: 02.05.2013 18:17:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gary\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00001007 | Country: Luxemburg | Language: DEL | Date Format: dd.MM.yyyy 6,00 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 51,93% Memory free 12,00 Gb Paging File | 8,66 Gb Available in Paging File | 72,15% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,75 Gb Total Space | 140,08 Gb Free Space | 30,08% Space Free | Partition Type: NTFS Computer Name: GARY-PC | User Name: Gary | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.02 18:14:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe PRC - [2013.03.28 05:08:58 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.03.28 05:08:49 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.03.28 05:08:49 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013.02.16 21:32:34 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe PRC - [2013.02.09 19:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012.09.10 16:58:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe PRC - [2012.08.29 14:00:12 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe PRC - [2012.08.27 21:32:54 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe PRC - [2012.08.13 12:11:44 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2012.08.13 12:11:44 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2011.11.11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011.07.11 23:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe ========== Modules (No Company Name) ========== MOD - [2013.05.02 16:37:53 | 000,204,800 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\winamp.lng MOD - [2013.05.02 16:37:53 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\winampa.lng MOD - [2013.05.02 16:37:52 | 000,155,648 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\vis_milk2.lng MOD - [2013.05.02 16:37:52 | 000,088,064 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\vis_avs.lng MOD - [2013.05.02 16:37:52 | 000,039,424 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_wifi.lng MOD - [2013.05.02 16:37:52 | 000,007,680 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\vis_nsfs.lng MOD - [2013.05.02 16:37:52 | 000,006,144 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\tagz.lng MOD - [2013.05.02 16:37:51 | 000,056,320 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_local.lng MOD - [2013.05.02 16:37:51 | 000,047,104 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_pmp.lng MOD - [2013.05.02 16:37:51 | 000,036,864 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_ipod.lng MOD - [2013.05.02 16:37:51 | 000,036,352 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ombrowser.lng MOD - [2013.05.02 16:37:51 | 000,034,816 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_plg.lng MOD - [2013.05.02 16:37:51 | 000,020,480 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_android.lng MOD - [2013.05.02 16:37:51 | 000,016,384 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\out_ds.lng MOD - [2013.05.02 16:37:51 | 000,014,848 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_wire.lng MOD - [2013.05.02 16:37:51 | 000,014,336 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_online.lng MOD - [2013.05.02 16:37:51 | 000,012,800 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_playlists.lng MOD - [2013.05.02 16:37:51 | 000,011,776 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_usb.lng MOD - [2013.05.02 16:37:51 | 000,008,192 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_transcode.lng MOD - [2013.05.02 16:37:51 | 000,007,680 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\out_wave.lng MOD - [2013.05.02 16:37:51 | 000,006,144 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\out_disk.lng MOD - [2013.05.02 16:37:51 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_rg.lng MOD - [2013.05.02 16:37:51 | 000,004,608 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_activesync.lng MOD - [2013.05.02 16:37:51 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_p4s.lng MOD - [2013.05.02 16:37:51 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_orb.lng MOD - [2013.05.02 16:37:51 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\pmp_njb.lng MOD - [2013.05.02 16:37:51 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_nowplaying.lng MOD - [2013.05.02 16:37:51 | 000,003,072 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\playlist.lng MOD - [2013.05.02 16:37:50 | 000,047,616 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_disc.lng MOD - [2013.05.02 16:37:50 | 000,023,040 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_mp3.lng MOD - [2013.05.02 16:37:50 | 000,020,480 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_midi.lng MOD - [2013.05.02 16:37:50 | 000,018,944 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_mod.lng MOD - [2013.05.02 16:37:50 | 000,015,360 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_wm.lng MOD - [2013.05.02 16:37:50 | 000,014,336 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_cdda.lng MOD - [2013.05.02 16:37:50 | 000,011,776 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_nsv.lng MOD - [2013.05.02 16:37:50 | 000,011,776 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_skinmanager.lng MOD - [2013.05.02 16:37:50 | 000,011,264 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_vorbis.lng MOD - [2013.05.02 16:37:50 | 000,010,752 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_undo.lng MOD - [2013.05.02 16:37:50 | 000,010,240 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_timerestore.lng MOD - [2013.05.02 16:37:50 | 000,009,728 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_downloads.lng MOD - [2013.05.02 16:37:50 | 000,009,216 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_nopro.lng MOD - [2013.05.02 16:37:50 | 000,008,704 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_history.lng MOD - [2013.05.02 16:37:50 | 000,008,704 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_devices.lng MOD - [2013.05.02 16:37:50 | 000,008,192 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_tray.lng MOD - [2013.05.02 16:37:50 | 000,007,168 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_orgler.lng MOD - [2013.05.02 16:37:50 | 000,006,656 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_autotag.lng MOD - [2013.05.02 16:37:50 | 000,006,656 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_wav.lng MOD - [2013.05.02 16:37:50 | 000,006,656 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_dshow.lng MOD - [2013.05.02 16:37:50 | 000,005,632 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_wave.lng MOD - [2013.05.02 16:37:50 | 000,005,632 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_flac.lng MOD - [2013.05.02 16:37:50 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_impex.lng MOD - [2013.05.02 16:37:50 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_bookmarks.lng MOD - [2013.05.02 16:37:50 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_mp4.lng MOD - [2013.05.02 16:37:50 | 000,005,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_avi.lng MOD - [2013.05.02 16:37:50 | 000,004,608 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_enqplay.lng MOD - [2013.05.02 16:37:50 | 000,004,608 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_wv.lng MOD - [2013.05.02 16:37:50 | 000,004,608 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_mkv.lng MOD - [2013.05.02 16:37:50 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\ml_addons.lng MOD - [2013.05.02 16:37:50 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_swf.lng MOD - [2013.05.02 16:37:50 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_linein.lng MOD - [2013.05.02 16:37:50 | 000,003,584 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\in_flv.lng MOD - [2013.05.02 16:37:49 | 000,069,120 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\burnlib.lng MOD - [2013.05.02 16:37:49 | 000,041,984 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_jumpex.lng MOD - [2013.05.02 16:37:49 | 000,023,552 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_classicart.lng MOD - [2013.05.02 16:37:49 | 000,023,040 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_ff.lng MOD - [2013.05.02 16:37:49 | 000,021,504 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_ml.lng MOD - [2013.05.02 16:37:49 | 000,013,824 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\dsp_sps.lng MOD - [2013.05.02 16:37:49 | 000,011,264 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_hotkeys.lng MOD - [2013.05.02 16:37:49 | 000,010,752 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\auth.lng MOD - [2013.05.02 16:37:49 | 000,007,168 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_crasher.lng MOD - [2013.05.02 16:37:49 | 000,006,656 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_fhgaac.lng MOD - [2013.05.02 16:37:49 | 000,006,144 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_wma.lng MOD - [2013.05.02 16:37:49 | 000,005,632 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_lame.lng MOD - [2013.05.02 16:37:49 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\gen_find_on_disk.lng MOD - [2013.05.02 16:37:49 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_wav.lng MOD - [2013.05.02 16:37:49 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_vorbis.lng MOD - [2013.05.02 16:37:49 | 000,004,096 | ---- | M] () -- C:\Users\Gary\AppData\Local\Temp\WLZ9156.tmp\enc_flac.lng MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2011.11.11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll MOD - [2011.11.11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll MOD - [2011.11.11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll MOD - [2011.11.11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll MOD - [2011.11.11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.09.07 04:15:34 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s MOD - [2011.09.07 04:15:34 | 000,174,080 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\auth.w5s MOD - [2011.09.07 04:15:34 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s MOD - [2011.09.07 04:15:34 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s MOD - [2011.09.07 04:15:34 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s MOD - [2011.09.07 04:15:34 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s MOD - [2011.09.07 04:15:34 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll MOD - [2011.09.07 04:15:34 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll MOD - [2011.09.07 04:15:34 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s MOD - [2011.09.07 04:15:34 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s MOD - [2011.09.07 04:15:34 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s MOD - [2011.09.07 04:15:34 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s MOD - [2011.09.07 04:15:34 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s MOD - [2011.09.07 04:15:34 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s MOD - [2011.09.07 04:15:34 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s MOD - [2011.09.07 04:15:34 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s MOD - [2011.09.07 04:15:34 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s MOD - [2011.09.07 04:15:34 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s MOD - [2011.09.07 04:15:33 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll MOD - [2011.09.07 04:15:33 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll MOD - [2011.09.07 04:15:33 | 000,113,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll MOD - [2011.09.07 04:15:33 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll MOD - [2011.09.07 04:15:33 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll MOD - [2011.09.07 04:15:33 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll MOD - [2011.09.07 04:15:33 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll MOD - [2011.09.07 04:15:33 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll MOD - [2011.09.07 04:15:33 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll MOD - [2011.09.07 04:15:33 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll MOD - [2011.09.07 04:15:33 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll MOD - [2011.09.07 04:15:32 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll MOD - [2011.09.07 04:15:32 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll MOD - [2011.09.07 04:15:32 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll MOD - [2011.09.07 04:15:31 | 000,293,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_local.dll MOD - [2011.09.07 04:15:31 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_online.dll MOD - [2011.09.07 04:15:29 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll MOD - [2011.09.07 04:15:29 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll MOD - [2011.09.07 04:15:29 | 000,200,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll MOD - [2011.09.07 04:15:29 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll MOD - [2011.09.07 04:15:29 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_history.dll MOD - [2011.09.07 04:15:29 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll MOD - [2011.09.07 04:15:29 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll MOD - [2011.09.07 04:15:28 | 000,285,696 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll MOD - [2011.09.07 04:15:28 | 000,252,416 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll MOD - [2011.09.07 04:15:28 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll MOD - [2011.09.07 04:15:28 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll MOD - [2011.09.07 04:15:28 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll MOD - [2011.09.07 04:15:28 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll MOD - [2011.09.07 04:15:28 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll MOD - [2011.09.07 04:15:28 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll MOD - [2011.09.07 04:15:28 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll MOD - [2011.09.07 04:15:28 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_linein.dll MOD - [2011.09.07 04:15:27 | 001,737,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll MOD - [2011.09.07 04:15:27 | 000,340,992 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac MOD - [2011.09.07 04:15:27 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll MOD - [2011.09.07 04:15:27 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll MOD - [2011.09.07 04:15:27 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll MOD - [2011.09.07 04:15:27 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll MOD - [2011.09.07 04:15:27 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll MOD - [2011.09.07 04:15:27 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll MOD - [2011.09.07 04:15:27 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll MOD - [2011.09.07 04:15:27 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll MOD - [2011.09.07 04:15:27 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll MOD - [2011.09.07 04:15:27 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll MOD - [2011.09.07 04:15:26 | 000,410,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll MOD - [2011.09.07 04:15:26 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll MOD - [2011.09.07 04:15:25 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll ========== Services (SafeList) ========== SRV - [2013.04.22 16:28:20 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.04.19 23:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.03.31 23:46:26 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.03.28 05:08:58 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.03.28 05:08:49 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2013.02.10 05:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.02.09 19:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2011.12.05 23:50:06 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service) SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.09.30 10:15:02 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Programme\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE -- (HerculesDJControlMP3) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.28 05:09:00 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2013.03.28 05:09:00 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013.03.28 05:09:00 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.09.06 11:52:36 | 000,073,040 | ---- | M] (Dataram, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RAMDiskVE.sys -- (RAMDiskVE) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.11 16:24:56 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn) DRV:64bit: - [2011.06.15 10:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:64bit: - [2011.05.10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.09.30 10:15:38 | 000,222,208 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HDJMidi.sys -- (HDJMidi) DRV:64bit: - [2010.09.30 10:15:30 | 000,185,344 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HDJBulk.sys -- (Bulk) DRV:64bit: - [2010.09.30 10:15:26 | 000,253,440 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HDJAsioK.sys -- (HDJAsioK) DRV:64bit: - [2009.10.13 02:15:52 | 000,061,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l160x64.sys -- (AtcL001) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2007.02.03 10:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64) DRV:64bit: - [2007.02.03 10:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64) DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Gary\Desktop IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-LU IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 32 CE CC 11 CC CC 01 [binary data] IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..\SearchScopes,DefaultScope = {CBD72339-BABA-4018-846B-9BB0501B8952} IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..\SearchScopes\{CBD72339-BABA-4018-846B-9BB0501B8952}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1 FF - prefs.js..network.proxy.type: 0 FF - prefs.js..browser.startup.homepage: FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Gary\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.31 23:46:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.31 23:46:27 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.02.18 16:08:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\mozilla\Extensions [2013.04.24 21:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\mozilla\Firefox\Profiles\yksloj73.default\extensions [2013.04.24 21:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\mozilla\Firefox\Profiles\yksloj73.default\extensions\ffxtlbr@babylon.com [2012.12.13 22:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\yksloj73.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2013.04.24 21:41:29 | 000,001,294 | ---- | M] () -- C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\yksloj73.default\searchplugins\delta.xml [2013.02.04 16:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.11.03 03:25:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.07.30 20:48:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012.09.05 17:16:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.10.21 15:25:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013.03.31 23:46:27 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.03.31 23:46:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.24 21:41:19 | 000,006,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2013.03.31 23:46:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.03.31 23:46:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.03.31 23:46:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.31 23:46:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.31 23:46:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - No CLSID value found. O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®) O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) O4 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) O4 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2539292132-395309747-3638915529-1001\..Trusted Domains: sony.com ([]* in Trusted sites) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.) O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1701DECB-2E39-4713-AD42-92009466C8B3}: DhcpNameServer = 85.94.224.1 85.94.224.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4EF9AA8-4C78-494E-89BF-A2397239E4DA}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.02 18:15:38 | 000,354,299 | ---- | C] (Farbar) -- C:\Users\Gary\Desktop\FSS.exe [2013.05.02 18:14:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe [2013.04.29 17:14:26 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Riptide [2013.04.24 21:48:51 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\AutomaticSolution Software [2013.04.24 21:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoClickerbyShocker [2013.04.24 21:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker by Shocker [2013.04.24 21:41:38 | 000,000,000 | ---D | C] -- C:\Users\Gary\Local Settings [2013.04.24 21:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2013.04.24 21:41:09 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Babylon [2013.04.22 22:19:35 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Emulator [2013.04.22 20:27:14 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\Schoul [2013.04.21 19:36:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip [2013.04.21 19:36:31 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\WinZip [2013.04.21 19:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip [2013.04.21 19:36:19 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip [2013.04.19 22:01:08 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\FLT [2013.04.19 21:34:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BioShock Infinite [2013.04.17 18:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.04.17 18:21:55 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.04.17 18:21:55 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.04.17 18:21:55 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.04.11 01:03:53 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.04.11 01:03:53 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.04.11 01:03:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.04.11 01:03:52 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.04.11 01:03:51 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.04.11 01:03:51 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.04.11 01:03:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.04.11 01:03:51 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.04.11 01:03:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.04.11 01:03:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.04.11 01:03:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.04.11 01:03:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.04.11 01:03:49 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.04.11 01:03:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.04.11 01:03:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.04.10 19:02:45 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.04.10 19:02:44 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.04.10 19:02:43 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013.04.10 19:02:43 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013.04.10 19:02:43 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013.04.10 19:02:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013.04.10 19:02:29 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.04.10 19:02:27 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.04.10 19:02:26 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.04.10 19:02:26 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013.04.10 19:02:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.04.10 19:02:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013.04.05 21:22:55 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\Videoen [2013.04.05 21:08:27 | 000,000,000 | R--D | C] -- C:\Users\Gary\Documents\Ubisoft [2013.04.05 19:18:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2013.04.05 19:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE [2013.04.05 18:25:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.02 18:15:38 | 000,354,299 | ---- | M] (Farbar) -- C:\Users\Gary\Desktop\FSS.exe [2013.05.02 18:14:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe [2013.05.02 18:13:15 | 000,000,208 | ---- | M] () -- C:\Users\Gary\Desktop\chkhd.bat [2013.05.02 18:04:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.02 17:46:50 | 000,149,966 | ---- | M] () -- C:\Users\Gary\Desktop\problem1.png [2013.05.02 17:37:44 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.02 17:37:44 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.02 17:37:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.02 16:23:24 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.02 16:23:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.02 16:23:10 | 536,174,591 | -HS- | M] () -- C:\hiberfil.sys [2013.05.01 22:09:01 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2539292132-395309747-3638915529-1001UA.job [2013.05.01 19:09:01 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2539292132-395309747-3638915529-1001Core.job [2013.05.01 14:14:27 | 000,000,024 | ---- | M] () -- C:\Users\Gary\random.dat [2013.05.01 14:11:10 | 000,000,024 | ---- | M] () -- C:\Users\Gary\jagexappletviewer.preferences [2013.05.01 14:07:46 | 000,000,032 | ---- | M] () -- C:\Users\Gary\jagex_cl_runescape_LIVE.dat [2013.04.24 21:48:51 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\Auto Clicker by Shocker.lnk [2013.04.24 21:37:31 | 000,000,117 | ---- | M] () -- C:\Users\Gary\Desktop\bunnyhop.ahk [2013.04.22 16:28:19 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.22 16:28:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.04.21 22:17:06 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.21 22:17:06 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.21 22:17:06 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.21 22:17:06 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.21 22:17:06 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.19 21:51:57 | 000,002,235 | ---- | M] () -- C:\Users\Public\Desktop\Launch BioShock Infinite.lnk [2013.04.11 16:38:37 | 004,882,272 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.04 05:35:05 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.04.04 05:30:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.04.04 05:29:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.04.04 05:24:24 | 000,256,112 | ---- | M] () -- C:\Users\Gary\Desktop\163523_10200930456444971_1065856204_n.jpg [2013.04.04 05:23:29 | 000,000,865 | ---- | M] () -- C:\Users\Gary\AppData\Local\recently-used.xbel [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.02 18:13:02 | 000,000,208 | ---- | C] () -- C:\Users\Gary\Desktop\chkhd.bat [2013.05.02 17:46:48 | 000,149,966 | ---- | C] () -- C:\Users\Gary\Desktop\problem1.png [2013.04.24 21:48:51 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\Auto Clicker by Shocker.lnk [2013.04.19 21:51:57 | 000,002,235 | ---- | C] () -- C:\Users\Public\Desktop\Launch BioShock Infinite.lnk [2013.04.04 05:23:29 | 000,000,865 | ---- | C] () -- C:\Users\Gary\AppData\Local\recently-used.xbel [2013.04.04 05:03:39 | 000,256,112 | ---- | C] () -- C:\Users\Gary\Desktop\163523_10200930456444971_1065856204_n.jpg [2013.02.22 21:31:00 | 000,000,043 | ---- | C] () -- C:\Users\Gary\jagex_cl_oldschool_LIVE.dat [2013.02.22 21:31:00 | 000,000,024 | ---- | C] () -- C:\Users\Gary\random.dat [2012.12.19 18:18:48 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2012.10.30 23:30:24 | 000,075,040 | ---- | C] () -- C:\Program Files (x86)\Common Files\SpeechUninstall.exe [2012.01.29 17:16:15 | 000,094,378 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\icarus-dxdiag.xml [2012.01.05 03:11:47 | 000,000,032 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE.dat [2011.12.13 21:19:22 | 000,000,132 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.10.08 22:30:48 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.09.28 22:24:59 | 000,000,600 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\winscp.rnd [2011.09.28 21:50:16 | 000,004,608 | ---- | C] () -- C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.09.19 00:24:35 | 000,000,129 | ---- | C] () -- C:\Users\Gary\jagex_runescape_preferences2.dat [2011.09.19 00:23:58 | 000,000,035 | ---- | C] () -- C:\Users\Gary\jagex_runescape_preferences.dat [2011.09.19 00:23:49 | 000,000,024 | ---- | C] () -- C:\Users\Gary\jagexappletviewer.preferences [2011.09.12 21:30:11 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.09.07 18:12:16 | 000,007,610 | ---- | C] () -- C:\Users\Gary\AppData\Local\Resmon.ResmonCfg [2011.05.31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll [2011.05.31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.12.29 00:31:05 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\.minecraft [2012.08.31 23:31:04 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Awesomium [2013.04.24 21:41:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Babylon [2013.03.31 18:24:16 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\CPUControl [2011.10.23 16:24:30 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\eType [2012.01.08 18:16:48 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\gamigoGr [2012.01.08 17:46:59 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\GetRightToGo [2012.11.02 03:41:49 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\gtk-2.0 [2011.12.08 18:09:59 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\ImgBurn [2012.01.08 17:49:30 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\launcher [2012.05.26 23:23:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Leadertech [2012.05.22 23:13:00 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\LolClient [2012.05.24 04:55:33 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\LolClient2 [2012.01.08 17:49:30 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Martial Empires Launcher [2013.04.22 22:28:32 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Mp3tag [2012.10.18 20:45:41 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\OpenOffice.org [2011.09.26 23:54:31 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Opera [2012.01.02 19:19:25 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\PhotoScape [2011.11.26 01:39:45 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Publish Providers [2012.01.02 18:46:56 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\redsn0w [2012.05.09 18:20:33 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\RIFT [2012.08.02 20:28:09 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\six-zsync [2011.11.26 01:39:41 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Sony [2012.05.09 18:30:43 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Sony Creative Software Inc [2012.10.22 18:01:00 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Spesoft Text To MP3 [2011.10.13 23:06:17 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Structorizer [2012.12.19 18:59:04 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\systweak [2013.03.20 23:14:59 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\TeamViewer [2013.03.04 17:45:52 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\ts3overlay [2011.10.13 23:06:17 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Unimozer [2013.04.19 21:37:11 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\UseNeXT [2013.04.01 03:13:51 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\uTorrent [2012.04.04 00:24:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\WindSolutions [2012.12.02 23:05:12 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\YourFileDownloader ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 02.05.2013 18:17:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gary\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00001007 | Country: Luxemburg | Language: DEL | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 51,93% Memory free
12,00 Gb Paging File | 8,66 Gb Available in Paging File | 72,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 140,08 Gb Free Space | 30,08% Space Free | Partition Type: NTFS
Computer Name: GARY-PC | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1BB352AC-BE22-45AE-8C9E-48DE36ED18B6}" = rport=138 | protocol=17 | dir=out | app=system |
"{1CB89051-3148-4BEF-A850-9A03BF923ED2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1E8C18BC-0EB4-49D8-B552-6AEFA5E50CDE}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{24A28F10-73EF-45D0-9DD1-D10F7649C2DF}" = lport=3390 | protocol=6 | dir=in | app=system |
"{27902E68-F8B9-4A4D-852E-E4AB2C3B296E}" = lport=138 | protocol=17 | dir=in | app=system |
"{2B5449CB-F57F-43DF-98C6-222F2E3064FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{326533A1-E9E5-4CC3-8F06-8AAE9DFDF86D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{36EB6509-014A-4164-B900-E05338A8CBEF}" = rport=139 | protocol=6 | dir=out | app=system |
"{39F605CB-1612-4E07-91D2-908B0EC5468A}" = lport=10244 | protocol=6 | dir=in | app=system |
"{3E031A6F-D66F-4BCB-B8A4-9CD861B027F5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3E57E187-EDF7-456A-B2BB-68C0E4EF5912}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3F58012C-4D00-40F2-B28F-F4047501B287}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3FED597E-2D3B-41FC-8C35-062F8B969462}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{44C85A4C-99D1-4BAF-9E41-90F0976429CA}" = rport=137 | protocol=17 | dir=out | app=system |
"{473DCC77-377B-477B-B8C0-CD7A1FE49AEA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5409D32E-6815-42DA-8739-3CB598C03AD0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{55D7D7D7-0830-4760-93E8-EEBD33B322B9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{578792E0-5DDB-4C18-A091-AF3638973700}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5D3E96C4-6322-4A95-9B10-97C4F11521D1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5FE0901D-AA99-400E-B8C9-FF60A2C38D56}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{6B263012-69B0-4974-974C-138D54AE587E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{71B98031-3508-449F-A22D-B85207F02371}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{7398F06B-0AC6-4127-9585-1489B6B6D87A}" = lport=139 | protocol=6 | dir=in | app=system |
"{76E135F7-50FA-4058-A118-EA022BB97988}" = lport=10243 | protocol=6 | dir=in | app=system |
"{784EC6D1-E6A7-4111-A002-1848E706AC59}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{808F8BCD-9CBB-4BA8-A89E-2F0AAE22D75A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{82376790-A6CC-46C9-B810-64DA0749D747}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{878A88DE-2F06-48B3-85C6-23CB8E2689C9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90DB39B4-3D34-4744-876B-A89DB8105B57}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{955BE126-40AA-4D34-B95F-8F3438BC0C70}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98BC5541-C5E1-4168-931D-140BFACC174C}" = rport=445 | protocol=6 | dir=out | app=system |
"{9C6B55E0-DBD0-45C9-8144-209578CF748F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9C944E0A-B81C-456F-B63C-E75324F88D40}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A601C598-A80F-4926-8581-FDF808D337D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A922066C-0365-43CD-B27E-B9A5911F8046}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0233A3D-DD06-4DA7-B1E5-AE7D1366E420}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B98B0482-C6E3-46B7-8212-FDAC7AF3E06C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C4C7E8A9-773B-4A7C-B0FE-9B11AEAC6129}" = lport=445 | protocol=6 | dir=in | app=system |
"{C5495588-B85D-4A77-9E9C-594098D3689F}" = lport=137 | protocol=17 | dir=in | app=system |
"{C5B0BE79-3DC1-44A1-8D43-3A078E5EA850}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CD9280F7-9646-47DB-90D1-97CCC1499321}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D151D655-3208-44A2-B6E0-517850F86408}" = lport=10244 | protocol=6 | dir=in | app=system |
"{D3CEE879-3DB2-4136-8D0E-9BD9F5C55450}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC82CE4E-79BF-4729-B7E4-19342383E45D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DFC9355F-D03E-49AF-9E32-4ED827EBB774}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E0CAEF3D-DEE6-4DEB-B7A5-55A5DCF1A3ED}" = lport=3390 | protocol=6 | dir=in | app=system |
"{E2A95F2C-480D-44CF-8442-AA58B416DD76}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E3112506-4081-407E-B329-303CBD171D83}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6619DC4-EF68-4F4C-9E59-E2B87A390979}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E9DA301D-861B-4736-9127-E08A8DE0C1B0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECBBDD9D-A724-49E0-BCC1-B17D5D5F2D78}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F02B0A71-56E1-4C72-A5F0-189EE67DA625}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F2300D43-CC91-4597-8DDC-DBF3F3400844}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{F73B7AEB-D750-476D-9E60-291DF658C818}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA2A69F0-1026-4BF2-97A8-58E5AA0DA9F5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FAEBABA3-E5CA-4666-8BFB-F8D77415A99A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF38A9CC-3DF0-4D08-B026-4600512C5B42}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{025CCA33-5BB2-43B3-9D77-149342DC8070}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{09DF8D2C-3E34-402C-ABFA-C9FCAC20B267}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0D1C0780-5DBC-4DDD-A5F9-3C6B91C8C281}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{0EB1A353-7ECF-4F22-95C0-DA18B81206BB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{12B04FB6-1CF5-4B2D-A9FB-326AE496CC97}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{136A155E-0861-428D-8D24-B69018845ACB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{1A07053C-6051-42A8-8D57-C3A6C7681BD9}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{1D9AC403-29BC-4875-BCAE-67BD1B34C65A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{228F4299-C03B-4745-8949-C363CD2C3B37}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{275C15DB-8409-4355-BAF2-61C6C7C7EAA4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2AB92D99-5C59-449A-AD60-BAC79EA58E6B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2FF99DCC-2DE7-44AE-AA27-58BC0EE4A6E4}" = dir=out | app=%systemdrive%\fraps\fraps.exe |
"{348C0BEB-3EE1-459F-A312-7EF50786931A}" = dir=in | app=c:\users\gary\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{36021385-1328-4A89-BB78-F43ED287D270}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{36129B76-00EB-4B0A-BCD5-E7CB88FCAE06}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{364E9A36-7FCB-4274-86A3-36464597A3F7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{369A6D07-4C37-4188-BCF7-D35287671ACC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\unreal1394\garrysmod\hl2.exe |
"{38492018-36A4-4C2C-8B9B-122FBA9E6D67}" = dir=in | app=c:\users\gary\documents\the war z\warz.exe |
"{38666921-9C51-4D5D-98CE-B41931E17ECA}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{4594252B-4082-4468-A26A-2F436DB763AD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{477F8812-9429-45F3-8571-C298DBA4BD0F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{47E8800F-7842-44A6-A768-BFBE7E51AA56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4A56EF81-D007-417D-923B-DE6E827F6951}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{52EA5E5D-C347-406E-9889-6CA515C54A87}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5326AB3D-2C20-4638-9D1D-2FC6955837CA}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{53D1AEE2-16F7-4C8C-9D3F-05523A66F2B9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\diriptide\deadislandgame_x86_rwdi.exe |
"{543FD33B-5597-420E-8E98-C407E3FB49FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\diriptide\deadislandgame_x86_rwdi.exe |
"{5732847E-CE24-43AE-BAC3-6D893CEF8F75}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empiresx.exe |
"{5B422671-C9FE-437E-A703-E7A1B91C02BB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{5BB63703-EFC8-44C8-ABB8-957CD145E36F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe |
"{5FBBD07E-079B-4DF9-ACBC-967997F26CB3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{62E6822F-8265-4516-843C-F8CC763B8010}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6524064E-67E9-4F62-A9C8-DBA74AD8AEC2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe |
"{674F566B-862B-4B5E-A938-4D323F56BEC8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6803E080-0AD1-4F3B-8CFB-22CFD979B0AC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{69C562C9-EC49-4367-B8BE-D6883FE3D726}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{6ADCBFCB-370F-4167-8036-2CAD226C6725}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6ECDFB69-DBAE-40C5-83A3-E03C9B5164BE}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{6F1E16F4-433D-4700-BF63-9AD995A575C3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F9B07AB-7905-4796-B90D-96A4FFDAAA23}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{75D572F2-B309-48F9-9236-451F8F9C7A70}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{7C8943AD-E69D-4E77-A25C-29C0007B9574}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7D03D476-F338-4C2C-84A5-262F2DBC3BE8}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7F23E80D-F6EA-47FE-A0FA-9A388F307F0F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{863F621E-A57E-4045-B326-8297553FC7B4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{8DD8E892-30B2-4B36-BEA9-C9134596D1E7}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{8E9AF1FA-4A1C-484D-895B-7F68DA84CD4A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{8F81040C-64B0-49A3-A956-856D9860651B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8FFEFAA7-CF6C-46BB-8E0B-9FBE2A63B8BB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{926CEB46-B37D-45BB-8EC8-D300B5AE34F3}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{939C492A-668F-46E8-A8CE-332AD80C5558}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{9837AF4C-48AF-4E2C-A7F2-99507B56A60E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empiresx.exe |
"{9D984049-0293-42BD-BBE8-4ED630DCAE54}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A23219F7-99A5-4DEB-B9F6-1C50F6A3063D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A272BA61-C598-4D4C-A5DB-A80A6CE8F840}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A3EA314E-A795-4436-9511-C0E4C8C7E716}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AA9C4C7C-4059-451F-9069-FA047DEA339F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{AB919CAA-AC11-4654-8A0D-4863978187F7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{B0CFFDDA-DF26-44C5-B4F3-8AA1F2C5CDC1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B625BB6A-3F52-4B67-9C5C-F25BB6E187C6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B64CC79C-545E-4241-9997-A31F1998886E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B74B583C-8292-4E00-951B-E33CFB94BB0B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{BCDC1832-3CB8-4866-B08A-B107C8C0D6D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE6C8B0B-3E77-405F-97E7-17B0126AB4F8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{BEF45614-4820-4692-A55F-64DB4D48A02B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C4152128-924F-40D9-AA20-D933C5070A15}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C4C0696D-EF4E-4AD5-980B-85AA176AEAD8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{C888470F-3F3E-45F4-AF86-12363700FE2F}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{CBDC1038-D056-43F8-8A33-CC6CC666168D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{CC57BD7F-633C-43F9-891A-C436C93FCE98}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{CFFE4A31-38B6-456C-A40B-983589945A36}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D21AE977-D507-4255-9438-6FE62FBB0449}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D72EFC0C-B60F-4213-8BAD-247B6B678521}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{DAE8CF9B-8AA7-4A95-9B39-65D7AE1C33E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{DC0F1CFC-B694-489B-B375-4B6FBBCBBD12}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DDED0CD6-1348-4D33-B504-027A2817A5B4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DFD88C36-3498-4D06-996C-D41EE8175A4A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E19AFEC5-CA1B-4817-B4E0-56984DBA69A4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{E81C0593-AC2C-4DD2-AC2D-CA6A45BA64C9}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{EC353433-501A-4443-AF32-795CF1F3B08E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\unreal1394\garrysmod\hl2.exe |
"{F14C19F3-C6BF-4543-848D-DEA44AB039EF}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{F2095E2D-BB1E-44BD-91AB-B94E259233D9}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{F248FD1E-41EB-44A9-A163-0CA5E04050F5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{F2EC7FD1-D9B6-4730-974C-C3606B69DD3C}" = protocol=6 | dir=out | app=system |
"{F72464CE-9481-4DA3-9385-8F7C2806056A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F7550465-23AA-4005-8CA5-0B71E6C0A8BB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{FA4D5F80-3592-4209-8D18-25FB14A196EA}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{FD0C94F2-A53B-47AB-A863-43A921DEC978}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"TCP Query User{31FF8F72-D28A-4C5E-8D98-C1F338695296}C:\users\gary\documents\usenext\wizard\antichamber v1 steam - rip cracked - richvsm\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\users\gary\documents\usenext\wizard\antichamber v1 steam - rip cracked - richvsm\binaries\win32\udk.exe |
"TCP Query User{3DA3B93E-D311-438E-8330-6D4C843F8774}C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"TCP Query User{41E1108D-83BF-4620-A226-296AA94CC5F4}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe |
"TCP Query User{50A67CDE-9F07-45AF-A6E6-CB97D2D1B30A}C:\users\gary\documents\the war z\warz.exe" = protocol=6 | dir=in | app=c:\users\gary\documents\the war z\warz.exe |
"TCP Query User{57380EEF-9CE6-4622-B9C6-958086C49888}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{7A4C8304-CE6D-4D43-BD2B-ADFDF59F4BD6}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"TCP Query User{91BC5E00-C35F-48B8-A13C-3CF2A570BA75}C:\udk\dream of the blood moon\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\udk\dream of the blood moon\binaries\win32\udk.exe |
"TCP Query User{C3A98595-F240-4D2D-AE38-C6B7F069E541}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{E19F5DA8-21AC-410C-9675-5133435C171F}C:\program files (x86)\microsoft games\age of empires\empiresx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empiresx.exe |
"TCP Query User{F5316B2C-5A9A-4EB8-8E98-10D5DD7FBFC5}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{FA77D159-5B11-49F4-B86B-D1CC8A5BA87D}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{07A98548-20C3-43F2-9EFC-906C60F11F56}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{3774951D-DBD3-4C00-8662-4690B1C9FACC}C:\users\gary\documents\the war z\warz.exe" = protocol=17 | dir=in | app=c:\users\gary\documents\the war z\warz.exe |
"UDP Query User{5868CB0F-3B26-452A-A3C5-F16A1B63C247}C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"UDP Query User{6C78938B-F65A-499D-B3C4-6E90CE2CEDBA}C:\program files (x86)\microsoft games\age of empires\empiresx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empiresx.exe |
"UDP Query User{8460E313-6D20-40A5-84C3-F3FA72B39C0A}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{97ADACA7-4455-44B2-900B-D31668AB5DCB}C:\udk\dream of the blood moon\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\udk\dream of the blood moon\binaries\win32\udk.exe |
"UDP Query User{9B45D91D-3E71-4B1D-9041-17C5BCC9891B}C:\users\gary\documents\usenext\wizard\antichamber v1 steam - rip cracked - richvsm\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\users\gary\documents\usenext\wizard\antichamber v1 steam - rip cracked - richvsm\binaries\win32\udk.exe |
"UDP Query User{9E1436B5-0AAF-4450-9650-8B8673F01473}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{AA1728F6-D287-4C4F-8936-BA544021F2C9}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"UDP Query User{B92F7EC0-6E25-4ECF-BC22-9EB704AB190C}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{C96308F8-AE06-41E2-B452-715AA5ABD19E}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}" = WinZip 17.0
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AutoHotkey" = AutoHotkey 1.1.09.04
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Speccy" = Speccy
"UDK-bd4bcb10-a22f-40e9-9dee-e40254da611d" = Dream of the Blood Moon
"UDK-f0ea111a-45b7-45fa-8a75-da41e668b27c" = My Game Long Name
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33999F1F-EA46-4E55-A239-1BA803235396}" = Hercules DJ Products Series drivers
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F28F11-404B-4CEA-92FF-37BF476F239E}" = VirtualDJ PRO Full
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7C5B1ECD-FE93-4FB2-A51A-06451BA49969}" =
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2EDC0F-B7C2-11E0-BE17-0013D3D69929}" = Vegas Movie Studio HD Platinum 11.0
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9E3E3D64-5A2A-4CEF-A500-EB71188DBA90}" = OpenOffice.org 3.4.1
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A85FCCBE-31AB-4312-A5A9-165FF3B0BF90}" = RuneScape Launcher 1.2.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version 1.0
"{C0E3B891-B7C3-11E0-A2BD-001320F83A25}" = MSVCRT Redists
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E04FD66D-ADDD-48A0-B766-4111945C09D4}" = RAMDisk
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"aTube Catcher" = aTube Catcher
"Audacity_is1" = Audacity 1.2.6
"Auto Clicker by Shocker_is1" = Auto Clicker by Shocker
"Avira AntiVir Desktop" = Avira Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BattlEye for OA" = BattlEye for OA Uninstall
"BioShock Infinite_is1" = BioShock Infinite
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CPU-Control_is1" = CPU-Control
"Fraps" = Fraps (remove only)
"Guild Wars 2" = Guild Wars 2
"ImgBurn" = ImgBurn
"Metin2_is1" = Metin2
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.55
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.14.1738" = Opera 12.14
"PhotoScape" = PhotoScape
"PowerISO" = PowerISO
"QuickPar" = QuickPar 0.9
"Sniper Ghost Warrior 2_is1" = Sniper Ghost Warrior 2
"Speech Support" = Speech Support
"Steam App 1250" = Killing Floor
"Steam App 216250" = Dead Island Riptide
"Steam App 224580" = Arma 2: DayZ Mod
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 4000" = Garry's Mod
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"Steam App 730" = Counter-Strike: Global Offensive
"Switch" = Switch Audiodatei-Konverter
"TeamViewer 8" = TeamViewer 8
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"UseNeXT by Tangysoft_is1" = UseNeXT by Tangysoft
"uTorrent" = µTorrent
"WavePad" = WavePad Audiobearbeitungs-Software
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"Winload Toolbar" = Winload Toolbar
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.3.5
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2539292132-395309747-3638915529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.04.2013 10:38:48 | Computer Name = Gary-PC | Source = Application Hang | ID = 1002
Description = Programm DeadIslandGame_x86_rwdi.exe, Version 1.0.0.0 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 11cc Startzeit: 01ce45b0634fe47f Endzeit: 108 Anwendungspfad:
C:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
Berichts-ID:
a6522dca-b1a3-11e2-b192-001d60a2765f
Error - 30.04.2013 12:25:17 | Computer Name = Gary-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.6.0.5920,
Zeitstempel: 0x510610d1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0006de2d ID des fehlerhaften
Prozesses: 0x166c Startzeit der fehlerhaften Anwendung: 0x01ce45bcbbfa806c Pfad der
fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.9\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.9\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 8acffc55-b1b2-11e2-b192-001d60a2765f
Error - 01.05.2013 06:14:29 | Computer Name = Gary-PC | Source = MsiInstaller | ID = 11609
Description =
Error - 01.05.2013 06:22:23 | Computer Name = Gary-PC | Source = Application Hang | ID = 1002
Description = Programm DeadIslandGame_x86_rwdi.exe, Version 1.0.0.0 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: c60 Startzeit: 01ce4655b6893258 Endzeit: 91 Anwendungspfad:
C:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
Berichts-ID:
fa614926-b248-11e2-a0ac-001d60a2765f
Error - 01.05.2013 06:23:53 | Computer Name = Gary-PC | Source = Application Hang | ID = 1002
Description = Programm DeadIslandGame_x86_rwdi.exe, Version 1.0.0.0 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 410 Startzeit: 01ce4655e4a97d45 Endzeit: 63 Anwendungspfad:
C:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
Berichts-ID:
27d2fee6-b249-11e2-a0ac-001d60a2765f
Error - 01.05.2013 07:51:38 | Computer Name = Gary-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\WinZip\adxloader.dll.Manifest".
Fehler in Manifest- oder Richtliniendatei "C:\Program Files\WinZip\adxloader.dll.Manifest"
in Zeile 2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 01.05.2013 07:53:41 | Computer Name = Gary-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 01.05.2013 09:54:44 | Computer Name = Gary-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16537,
Zeitstempel: 0x512347f7 Name des fehlerhaften Moduls: MSHTML.dll, Version: 10.0.9200.16540,
Zeitstempel: 0x5125ef5c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003c086 ID des fehlerhaften
Prozesses: 0x12d0 Startzeit der fehlerhaften Anwendung: 0x01ce466c0444c62b Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Pfad
des fehlerhaften Moduls: C:\Windows\system32\MSHTML.dll Berichtskennung: ad270ec8-b266-11e2-a0ac-001d60a2765f
Error - 02.05.2013 11:29:35 | Computer Name = Gary-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.6.0.5920,
Zeitstempel: 0x510610d1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0006de2d ID des fehlerhaften
Prozesses: 0x121c Startzeit der fehlerhaften Anwendung: 0x01ce47432e41f627 Pfad der
fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.10\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.10\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 175010b5-b33d-11e2-a5c6-001d60a2765f
Error - 02.05.2013 12:13:30 | Computer Name = Gary-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16537,
Zeitstempel: 0x512347f7 Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 9.18.13.1407,
Zeitstempel: 0x5116d87b Ausnahmecode: 0xc0000005 Fehleroffset: 0x001aa7ee ID des fehlerhaften
Prozesses: 0x54c Startzeit der fehlerhaften Anwendung: 0x01ce474fd6713c5c Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Pfad
des fehlerhaften Moduls: C:\Windows\system32\nvwgf2um.dll Berichtskennung: 3a0c9f26-b343-11e2-a5c6-001d60a2765f
[ Media Center Events ]
Error - 10.11.2011 13:31:13 | Computer Name = Gary-PC | Source = MCUpdate | ID = 0
Description = 18:31:13 - Fehler beim Herstellen der Internetverbindung. 18:31:13
- Serververbindung konnte nicht hergestellt werden..
Error - 10.11.2011 13:31:22 | Computer Name = Gary-PC | Source = MCUpdate | ID = 0
Description = 18:31:18 - Fehler beim Herstellen der Internetverbindung. 18:31:18
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 02.05.2013 12:25:46 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
Error - 02.05.2013 12:25:46 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
Error - 02.05.2013 12:25:48 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
Error - 02.05.2013 12:25:48 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
Error - 02.05.2013 12:25:52 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
Error - 02.05.2013 12:25:52 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
Error - 02.05.2013 12:25:54 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
Error - 02.05.2013 12:26:04 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
Error - 02.05.2013 12:26:16 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
Error - 02.05.2013 12:26:18 | Computer Name = Gary-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%126
< End of report >
|
|
06.05.2013, 20:27
| #6 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 - PC friert unregelmäßg einZitat:
Zitat:
 Siehe auch => http://www.trojaner-board.de/95393-c...-software.html Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden. Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!! Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein! In Zukunft Finger weg von: Softonic, Registry-Bereinigern und illegalem Zeugs Cracks/Keygens/Serials
__________________ --> Windows 7 - PC friert unregelmäßg ein |
|
| Themen zu Windows 7 - PC friert unregelmäßg ein |
| administrator, auslastung, autostart, computer, datei, dateien, dnsclient, einfrieren, explorer, friert, log, malwarebytes, mediyes, microsoft, musik, problem, prozessor, rechtsklick, ruckel, screenshot, sekunden, system, system32, task-manager, temperatur, trojaner, windows, windows7 |
