| |
| |||||||
Log-Analyse und Auswertung: Das öffnen von Webseiten dauert nach einer Zeit sehr langeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
06.06.2013, 05:48
| #1 |
 |  Das öffnen von Webseiten dauert nach einer Zeit sehr lange Guten Tag, Es gibt etwas, was mich seit längerem richtig nervt. Das Laden von Webseiten, dauert nach einer bestimmten Zeit vom Rechner sehr lange und ich meine nicht damit, dass die Webseite lange braucht, sondern das Rad dreht sich und nach einer bestimmten Zeit (bsp. 3sec) öffnet sich die Webseite zack und wer jetzt meinen sollte, deine Internetverbindung ist langsam irrt sich hier, denn wenn ich den Rechner wieder neu starte, läuft es alles ohne Probleme und ja ich habe bei Google gesucht und leider hat mir bisher nichts davon geholfen und nein, der Ram ist auch nicht ausgelastet, das gleiche gilt auch für den Prozessor. Ich bedanke mich in dieser Stelle, für die Leute, die mir hier bei diesem Thread helfen werden. Meine Hardware: Intel Xeon E3-1230v2 (I7 ohne iGPU) Corsair Vengeance 8GB 1600mhz Gigabyte H77-DS3H Hitachi Ultrastar 1TB Log File: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 06:37:36, on 06.06.2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16576) Boot mode: Normal Running processes: C:\Program Files (x86)\Ares\Ares.exe C:\Users\****\AppData\Local\Akamai\netsession_win.exe C:\Users\****\AppData\Roaming\TorrentStream\engine\tsengine.exe C:\Users\****\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\Users\****\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\****\AppData\Roaming\TorrentStream\updater\tsupdate.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\****\Downloads\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Ask Toolbar BHO - {4D594333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" (file missing) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll O3 - Toolbar: Ask Toolbar - {4D594333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" (file missing) O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\****\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [TorrentStream] C:\Users\****\AppData\Roaming\TorrentStream\engine\tsengine.exe O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\****\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware server\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware server\vsocklib.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Ask Aktualisierungsdienst (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing) O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: System Store (SystemStoreService) - Unknown owner - C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.6 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: VMware Host Agent (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe O23 - Service: VMware Server Web Access (VMwareServerWebAccess) - Apache Software Foundation - C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\Tomcat6.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12704 bytes Code:
ATTFilter OTL logfile created on: 06.06.2013 06:45:55 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,96 Gb Total Physical Memory | 5,45 Gb Available Physical Memory | 68,48% Memory free 15,92 Gb Paging File | 12,97 Gb Available in Paging File | 81,44% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 758,84 Gb Free Space | 81,47% Space Free | Partition Type: NTFS Computer Name: *****-PC | User Name: ***** | Logged in as *****istrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.06 06:44:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Downloads\OTL.exe PRC - [2013.06.06 06:37:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\*****\Downloads\HiJackThis204.exe PRC - [2013.06.03 11:57:49 | 003,085,264 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe PRC - [2013.05.23 07:47:12 | 002,839,592 | ---- | M] (Iminent) -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe PRC - [2013.05.23 07:44:09 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.04.26 09:09:38 | 000,169,096 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013.04.15 11:14:14 | 000,027,256 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\tsengine.exe PRC - [2013.02.10 19:07:32 | 000,913,920 | ---- | M] (Ares Development Group) -- C:\Program Files (x86)\Ares\Ares.exe PRC - [2013.01.26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\*****\AppData\Local\Akamai\netsession_win.exe PRC - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\tsupdate.exe PRC - [2012.06.28 17:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2012.05.20 18:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012.05.15 16:17:26 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.05.15 16:17:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.05.10 16:20:34 | 000,165,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012.01.13 15:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe PRC - [2011.03.24 17:11:18 | 000,107,800 | ---- | M] (Octoshape ApS) -- C:\Users\*****\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe PRC - [2010.11.21 05:23:51 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe PRC - [2009.10.20 23:27:34 | 000,057,344 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\Tomcat6.exe PRC - [2009.10.20 15:22:06 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2009.10.20 15:21:56 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2009.10.20 15:21:20 | 000,322,096 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe PRC - [2009.10.20 15:21:20 | 000,121,392 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe ========== Modules (No Company Name) ========== MOD - [2013.06.03 11:57:49 | 003,085,264 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe MOD - [2013.06.03 11:57:01 | 002,521,552 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll MOD - [2013.05.23 07:44:07 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll MOD - [2013.05.23 07:44:06 | 013,136,336 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll MOD - [2013.05.23 07:43:59 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll MOD - [2013.05.23 07:43:06 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\libglesv2.dll MOD - [2013.05.23 07:43:05 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\libegl.dll MOD - [2013.05.23 07:43:03 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll MOD - [2013.04.15 18:41:26 | 000,674,816 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wx._misc_.pyd MOD - [2013.04.15 11:14:14 | 000,027,256 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\tsengine.exe MOD - [2013.01.29 18:20:40 | 000,082,944 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\cpyamf.util.pyd MOD - [2013.01.29 18:20:40 | 000,066,048 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\cpyamf.amf0.pyd MOD - [2012.11.29 23:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll MOD - [2012.11.14 18:00:08 | 000,018,944 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\pycompat.pyd MOD - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\tsupdate.exe MOD - [2012.06.25 14:49:20 | 001,482,820 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll MOD - [2012.06.21 15:58:06 | 002,826,311 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll MOD - [2012.06.21 14:31:46 | 000,618,563 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll MOD - [2012.06.20 15:11:58 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL MOD - [2012.05.22 20:12:56 | 001,331,266 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll MOD - [2012.05.08 16:01:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll MOD - [2012.05.07 22:45:00 | 001,429,589 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll MOD - [2012.03.01 10:14:46 | 001,335,362 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\pythoncom27.dll MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\pythoncom27.dll MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\win32api.pyd MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\win32api.pyd MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\win32pdh.pyd MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\win32pdh.pyd MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\win32file.pyd MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\win32file.pyd MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\pywintypes27.dll MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\pywintypes27.dll MOD - [2012.01.13 15:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe MOD - [2011.10.18 10:26:16 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\STT.dll MOD - [2011.09.14 18:12:30 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wx._misc_.pyd MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wx._controls_.pyd MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wx._controls_.pyd MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wx._windows_.pyd MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wx._windows_.pyd MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wx._gdi_.pyd MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wx._gdi_.pyd MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wx._core_.pyd MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wx._core_.pyd MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_html_vc.dll MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_html_vc.dll MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_adv_vc.dll MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_adv_vc.dll MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_core_vc.dll MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_core_vc.dll MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_net_vc.dll MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_net_vc.dll MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_vc.dll MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_vc.dll MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\_ssl.pyd MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\_ssl.pyd MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\_socket.pyd MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\_socket.pyd MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\pyexpat.pyd MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\pyexpat.pyd MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\_hashlib.pyd MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\_hashlib.pyd MOD - [2011.06.12 15:06:22 | 000,106,496 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\_ctypes.pyd MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\select.pyd MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\select.pyd MOD - [2011.06.12 15:06:20 | 000,688,128 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\unicodedata.pyd MOD - [2011.03.01 20:00:58 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll MOD - [2011.02.13 17:02:12 | 000,031,232 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\Crypto.Cipher.AES.pyd MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\updater\lib\M2Crypto.__m2crypto.pyd MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\M2Crypto.__m2crypto.pyd MOD - [2010.10.11 00:23:52 | 000,723,968 | ---- | M] () -- C:\Users\*****\AppData\Roaming\TorrentStream\engine\lib\apsw.pyd MOD - [2010.06.24 16:50:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll MOD - [2010.06.10 16:52:24 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll MOD - [2010.03.12 06:40:58 | 004,449,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll MOD - [2010.03.12 06:40:56 | 000,423,256 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Device.dll MOD - [2008.05.07 16:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll MOD - [2003.02.14 15:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll ========== Services (SafeList) ========== SRV:64bit: - [2013.03.29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2012.12.16 13:25:38 | 000,123,664 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV:64bit: - [2012.05.30 14:11:34 | 000,149,544 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2012.04.20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:64bit: - [2010.05.20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc) SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.06.03 11:57:49 | 003,085,264 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect) SRV - [2013.05.23 07:47:12 | 002,839,592 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe -- (SProtection) SRV - [2013.05.20 16:42:52 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service) SRV - [2013.05.15 17:08:22 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.15 12:08:44 | 002,467,664 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.05.01 08:09:52 | 000,296,448 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe -- (SystemStoreService) SRV - [2013.04.26 09:09:38 | 000,169,096 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP) SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2012.05.15 16:17:26 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.05.15 16:17:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.05.10 16:20:34 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2011.08.30 16:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.10.20 23:27:34 | 000,057,344 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\Tomcat6.exe -- (VMwareServerWebAccess) SRV - [2009.10.20 15:22:06 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2009.10.20 15:21:56 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2009.10.20 15:21:20 | 000,322,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe -- (VMwareHostd) SRV - [2009.10.20 15:21:20 | 000,121,392 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe -- (VMAuthdService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.05.19 15:54:56 | 000,067,584 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) DRV:64bit: - [2013.04.12 11:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2013.03.29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2013.02.22 09:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd) DRV:64bit: - [2013.02.22 09:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2013.02.22 09:17:06 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2013.01.31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple) DRV:64bit: - [2013.01.29 18:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.12.16 13:25:34 | 000,202,632 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV:64bit: - [2012.11.26 18:05:24 | 000,075,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2012.10.11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam) DRV:64bit: - [2012.10.08 20:52:52 | 000,031,968 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012.05.30 14:10:50 | 000,016,168 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2012.05.20 18:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.05.20 18:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.05.20 18:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.04.25 09:07:18 | 000,104,560 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.12.02 12:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2011.11.02 11:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:64bit: - [2010.11.20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:64bit: - [2010.11.20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:64bit: - [2010.11.20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:64bit: - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV:64bit: - [2010.05.20 16:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo) DRV:64bit: - [2009.10.20 15:23:48 | 000,076,336 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2009.10.20 15:23:44 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2009.10.20 15:23:36 | 000,065,072 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2009.10.20 15:22:54 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2009.10.20 15:21:10 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2009.10.20 15:21:10 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2013.06.06 05:58:43 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2013.06.06 05:58:29 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2013.05.28 17:00:54 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A B0 C8 DD AE 16 CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: magicplayer@torrentstream.org:1.1.22 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\*****\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS) FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\Users\*****\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.12: C:\Users\*****\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)webbooster@iminent.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.04 19:33:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.04 19:33:33 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\*****\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org [2013.04.27 19:23:22 | 000,000,000 | ---D | M] [2013.06.04 18:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2013.06.04 18:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\aaaq1vc0.default\extensions [2013.06.04 18:01:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.27 19:23:22 | 000,000,000 | ---D | M] (TS Magic Player) -- C:\USERS\*****\APPDATA\ROAMING\TORRENTSTREAM\EXTENSIONS\FIREFOX\MAGICPLAYER@TORRENTSTREAM.ORG [2013.06.04 19:33:33 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2013.04.06 17:17:21 | 000,005,142 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\arccosine.xml [2013.06.04 19:33:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.06.04 19:33:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://search.babylon.com/?affID=120307&babsrc=HP_ss&mntrId=F6B8902B34A231A2 CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - Extension: Ask Toolbar = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaamlnbcjjkcgabjgbhdkjncianpaah\12.44960_0\ CHR - Extension: Google Docs = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: AdBlock = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\ CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\ CHR - Extension: YouTube Unblocker = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.3_0\ CHR - Extension: Google Mail = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013.06.05 15:12:52 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock) O2 - BHO: (Ask Toolbar) - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll (APN LLC.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll (APN LLC.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\*****\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group) O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\*****\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS) O4 - HKCU..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" File not found O4 - HKCU..\Run: [TorrentStream] C:\Users\*****\AppData\Roaming\TorrentStream\engine\tsengine.exe () O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehavior***** = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Server\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Server\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F32ABA1C-1E6A-479A-9E53-A7964C1AE152}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\gopher - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.04 19:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013.06.03 21:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive [2013.06.03 21:54:21 | 000,000,000 | R--D | C] -- C:\Users\*****\SkyDrive [2013.06.03 21:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2013.06.03 21:45:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2013.06.03 21:13:38 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll.backup [2013.06.03 21:13:36 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll.backup [2013.06.01 06:47:33 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2013.05.31 20:20:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump [2013.05.31 09:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunatic [2013.05.30 19:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnotherLifeClient [2013.05.30 19:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Another Life [2013.05.30 15:19:50 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animake [2013.05.30 15:19:47 | 000,000,000 | ---D | C] -- C:\PROGRAMME [2013.05.30 15:03:34 | 000,000,000 | ---D | C] -- C:\Users\*****\.thumbnails [2013.05.30 15:02:14 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\fontconfig [2013.05.30 15:02:13 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\gegl-0.2 [2013.05.30 15:02:13 | 000,000,000 | ---D | C] -- C:\Users\*****\.gimp-2.8 [2013.05.30 14:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2013.05.29 18:58:57 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [2013.05.29 18:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker [2013.05.29 17:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digiturk [2013.05.29 17:58:39 | 000,000,000 | ---D | C] -- C:\Windows\symbols [2013.05.29 17:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\VS [2013.05.29 17:48:20 | 000,000,000 | ---D | C] -- C:\ATI [2013.05.27 17:21:59 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2013.05.27 17:21:59 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2013.05.27 17:21:59 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2013.05.27 17:21:59 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2013.05.27 17:21:59 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2013.05.27 17:21:59 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2013.05.27 17:21:59 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2013.05.27 17:21:59 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2013.05.27 17:21:59 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2013.05.27 17:21:59 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2013.05.27 17:21:59 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2013.05.27 17:21:59 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2013.05.27 17:21:59 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2013.05.27 17:21:59 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2013.05.27 17:21:58 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2013.05.27 17:21:58 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2013.05.27 17:21:57 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2013.05.27 17:21:57 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2013.05.27 17:21:57 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2013.05.27 17:21:57 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2013.05.27 17:21:57 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2013.05.27 17:21:57 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2013.05.27 17:21:57 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2013.05.27 17:21:56 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2013.05.27 17:21:56 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2013.05.27 17:21:56 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2013.05.27 17:21:56 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2013.05.27 17:21:56 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2013.05.27 17:21:56 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2013.05.27 17:21:56 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2013.05.27 17:21:55 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2013.05.27 17:21:55 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2013.05.27 17:21:55 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2013.05.27 17:21:55 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2013.05.27 17:21:55 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2013.05.27 17:21:55 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2013.05.27 17:21:55 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2013.05.27 17:21:55 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2013.05.27 17:21:55 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2013.05.27 17:21:55 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2013.05.27 17:21:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2013.05.27 17:21:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2013.05.27 17:21:54 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2013.05.27 17:21:54 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2013.05.27 17:21:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2013.05.27 17:21:54 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2013.05.27 17:21:54 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2013.05.27 17:21:54 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2013.05.27 17:21:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2013.05.27 17:21:54 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2013.05.27 17:21:54 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2013.05.27 17:21:54 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2013.05.27 17:21:54 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2013.05.27 17:21:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2013.05.27 17:21:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2013.05.27 17:21:54 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2013.05.27 17:21:54 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2013.05.27 17:21:54 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2013.05.27 17:21:54 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2013.05.27 17:21:54 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2013.05.27 17:21:54 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2013.05.27 17:21:54 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2013.05.27 17:21:54 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2013.05.27 17:21:54 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2013.05.27 17:21:53 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2013.05.27 17:21:53 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2013.05.27 17:21:53 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2013.05.27 17:21:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2013.05.27 17:21:53 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2013.05.27 17:21:53 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2013.05.27 17:21:53 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2013.05.27 17:21:53 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2013.05.27 17:21:53 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2013.05.27 17:21:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2013.05.27 17:21:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2013.05.27 17:21:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2013.05.27 17:21:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2013.05.27 17:21:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2013.05.27 17:21:53 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2013.05.27 17:21:53 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2013.05.27 17:21:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2013.05.27 17:21:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2013.05.27 17:21:52 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2013.05.27 17:21:52 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2013.05.27 17:21:52 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2013.05.27 17:21:52 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2013.05.27 17:21:52 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2013.05.27 17:21:52 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2013.05.27 17:21:51 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2013.05.27 17:21:51 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2013.05.27 17:21:50 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2013.05.27 17:21:50 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2013.05.27 17:21:48 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2013.05.27 17:21:48 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2013.05.27 17:21:48 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2013.05.27 17:21:48 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2013.05.27 17:21:48 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2013.05.27 17:21:48 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2013.05.27 17:21:47 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2013.05.27 17:21:47 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2013.05.27 17:21:47 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2013.05.27 17:21:47 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2013.05.27 17:21:47 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2013.05.27 17:21:47 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2013.05.27 17:21:46 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2013.05.27 17:21:46 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2013.05.27 17:21:46 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2013.05.27 17:21:46 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2013.05.27 17:21:46 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2013.05.27 17:21:46 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2013.05.27 17:21:46 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2013.05.27 17:21:46 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2013.05.27 17:21:46 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2013.05.27 17:21:46 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2013.05.27 17:21:46 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2013.05.27 17:21:46 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2013.05.27 17:21:45 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2013.05.27 17:21:45 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2013.05.27 17:21:45 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2013.05.27 17:21:45 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2013.05.27 17:21:45 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2013.05.27 17:21:45 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2013.05.27 17:21:45 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2013.05.27 17:21:45 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2013.05.27 17:21:44 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2013.05.27 17:21:44 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2013.05.27 17:21:43 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2013.05.27 17:21:43 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2013.05.27 17:21:43 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2013.05.27 17:21:43 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2013.05.24 19:50:31 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MySQL [2013.05.24 11:29:35 | 000,000,000 | ---D | C] -- C:\server [2013.05.24 08:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL [2013.05.24 07:44:11 | 000,000,000 | ---D | C] -- C:\Users\*****\VirtualBox VMs [2013.05.23 22:57:30 | 000,000,000 | ---D | C] -- C:\Users\*****\.VirtualBox [2013.05.23 22:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2013.05.23 22:56:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2013.05.23 22:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2013.05.22 13:11:56 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2013.05.22 13:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2013.05.22 13:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2013.05.20 16:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia Shared [2013.05.20 16:39:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision [2013.05.20 16:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia [2013.05.20 16:39:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia [2013.05.19 15:54:56 | 000,067,584 | ---- | C] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys [2013.05.19 15:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable [2013.05.19 15:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable [2013.05.19 15:48:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork [2013.05.19 15:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork [2013.05.19 15:48:08 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2013.05.19 15:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam [2013.05.19 15:47:28 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\ManyCam [2013.05.19 15:47:28 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\ManyCam [2013.05.19 15:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ManyCam [2013.05.19 15:47:26 | 000,044,928 | ---- | C] (ManyCam LLC) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys [2013.05.19 15:47:05 | 000,519,304 | ---- | C] (Ask Partner Network) -- C:\Users\*****\Documents\APNSetup1.exe [2013.05.19 15:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2013.05.19 15:47:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam [2013.05.18 09:04:57 | 000,000,000 | ---D | C] -- C:\Users\*****\Screenshots [2013.05.18 09:02:53 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\ScreenCapture [2013.05.18 09:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Capturer [2013.05.18 09:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screen Capturer [2013.05.18 09:02:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ScreenCapture [2013.05.18 08:58:14 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Screen Recording Suite [2013.05.16 06:22:57 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.16 06:22:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.16 06:22:57 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.16 06:22:56 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.16 06:22:56 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.16 06:22:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.16 06:22:56 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.16 06:22:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.16 06:22:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.16 06:22:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.16 06:22:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.16 06:22:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.16 06:22:55 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.16 06:22:55 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.16 06:22:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.15 05:55:31 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.05.15 05:55:31 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.05.15 05:55:25 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.05.15 05:55:25 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.05.15 05:55:25 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.05.15 05:55:25 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013.05.15 05:55:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013.05.12 18:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn [2013.05.12 13:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7 [2013.05.12 13:51:32 | 000,000,000 | ---D | C] -- C:\Python27 [2013.05.11 22:02:39 | 000,000,000 | ---D | C] -- C:\5665b4540bce1692782821fd93bd8b [2013.05.10 21:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2013.05.10 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2013.05.10 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2013.05.10 21:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2013.05.10 21:26:39 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Visual Studio 2010 [2013.05.10 21:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express [2013.05.10 21:26:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0 [2013.05.10 21:25:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0 [2013.05.10 21:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs [2013.05.10 21:25:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.06 06:43:13 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.06 06:43:13 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.06 06:15:06 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.06 06:08:45 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.06 05:58:43 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys [2013.06.06 05:58:43 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref [2013.06.06 05:58:29 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2013.06.06 05:58:25 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.06 05:40:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.06 05:40:52 | 2116,947,967 | -HS- | M] () -- C:\hiberfil.sys [2013.06.05 15:35:21 | 000,001,994 | ---- | M] () -- C:\Users\*****\Desktop\TeamViewer 8.lnk [2013.06.05 15:31:42 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini [2013.06.05 15:12:52 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.06.04 18:01:40 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.06.04 07:15:38 | 000,000,847 | ---- | M] () -- C:\Users\*****\Desktop\samp.lnk [2013.06.04 07:15:05 | 000,001,998 | ---- | M] () -- C:\Users\*****\Desktop\Minecraft&Updater.lnk [2013.06.03 22:46:48 | 000,001,969 | ---- | M] () -- C:\Users\*****\Desktop\Skype.lnk [2013.06.03 22:46:24 | 000,001,216 | ---- | M] () -- C:\Users\*****\Desktop\Movie Studio Platinum 12.0 (64-bit).lnk [2013.06.03 21:41:07 | 000,001,716 | ---- | M] () -- C:\Users\*****\Desktop\Remote Desktop Connection.lnk [2013.06.03 21:13:38 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2013.06.03 21:13:36 | 002,851,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll [2013.06.03 17:32:05 | 000,002,258 | -H-- | M] () -- C:\Users\*****\Documents\Default.rdp [2013.06.03 09:26:11 | 000,001,604 | ---- | M] () -- C:\Windows\Sandboxie.ini [2013.05.31 08:53:56 | 000,001,456 | ---- | M] () -- C:\Users\*****\AppData\Local\Adobe Für Web speichern 13.0 Prefs [2013.05.31 08:39:10 | 000,000,132 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen [2013.05.31 08:32:57 | 000,004,023 | ---- | M] () -- C:\Users\*****\AppData\Local\recently-used.xbel [2013.05.30 18:55:00 | 000,000,132 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2013.05.29 17:51:23 | 001,607,524 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.05.29 17:51:23 | 000,704,500 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.29 17:51:23 | 000,658,002 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.29 17:51:23 | 000,151,636 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.29 17:51:23 | 000,124,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.29 17:51:15 | 001,607,524 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.28 17:00:54 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys [2013.05.26 10:13:02 | 000,002,218 | ---- | M] () -- C:\Users\*****\Desktop\Google Chrome.lnk [2013.05.24 08:57:07 | 000,000,236 | ---- | M] () -- C:\Windows\ODBCINST.INI [2013.05.19 15:54:56 | 000,067,584 | ---- | M] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys [2013.05.16 06:45:52 | 004,921,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.15 17:08:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.15 17:08:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.05.13 20:33:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf [2013.05.12 13:52:36 | 000,014,610 | ---- | M] () -- C:\Users\*****\socks.pyc [2013.05.12 13:52:36 | 000,006,655 | ---- | M] () -- C:\Users\*****\terminal.pyc [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.05 15:31:40 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini [2013.06.04 18:48:58 | 000,000,969 | ---- | C] () -- C:\Users\*****\Desktop\Ares.lnk [2013.06.04 18:01:40 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.06.04 07:15:38 | 000,000,847 | ---- | C] () -- C:\Users\*****\Desktop\samp.lnk [2013.06.04 07:15:05 | 000,001,998 | ---- | C] () -- C:\Users\*****\Desktop\Minecraft&Updater.lnk [2013.06.03 22:46:48 | 000,001,969 | ---- | C] () -- C:\Users\*****\Desktop\Skype.lnk [2013.06.03 22:46:24 | 000,001,216 | ---- | C] () -- C:\Users\*****\Desktop\Movie Studio Platinum 12.0 (64-bit).lnk [2013.06.03 21:54:21 | 000,002,176 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [2013.06.03 21:46:02 | 000,002,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2013.06.03 21:46:02 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2013.06.03 21:46:02 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2013.06.03 21:41:07 | 000,001,716 | ---- | C] () -- C:\Users\*****\Desktop\Remote Desktop Connection.lnk [2013.06.03 21:07:36 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref [2013.05.31 08:44:48 | 000,001,456 | ---- | C] () -- C:\Users\*****\AppData\Local\Adobe Für Web speichern 13.0 Prefs [2013.05.31 08:39:10 | 000,000,132 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen [2013.05.31 08:32:57 | 000,004,023 | ---- | C] () -- C:\Users\*****\AppData\Local\recently-used.xbel [2013.05.30 14:57:22 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2013.05.13 20:33:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf [2013.05.12 13:52:36 | 000,014,610 | ---- | C] () -- C:\Users\*****\socks.pyc [2013.05.12 13:52:36 | 000,006,655 | ---- | C] () -- C:\Users\*****\terminal.pyc [2013.05.12 13:48:45 | 000,013,785 | ---- | C] () -- C:\Users\*****\socks.py [2013.05.12 13:48:45 | 000,007,331 | ---- | C] () -- C:\Users\*****\terminal.py [2013.05.12 13:48:45 | 000,006,865 | ---- | C] () -- C:\Users\*****\torshammer.py [2013.04.28 14:47:35 | 000,000,446 | ---- | C] () -- C:\Users\*****\.swfinfo [2013.04.28 11:08:06 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\WebCamLib.dll [2013.04.11 07:01:36 | 000,000,579 | ---- | C] () -- C:\Users\*****\AppData\Roaming\All CPU MeterV3_Settings.ini [2013.04.06 12:37:02 | 000,004,510 | ---- | C] () -- C:\Users\*****\AppData\Roaming\CamStudio.cfg [2013.04.06 12:37:02 | 000,000,408 | ---- | C] () -- C:\Users\*****\AppData\Roaming\CamShapes.ini [2013.04.06 12:37:02 | 000,000,408 | ---- | C] () -- C:\Users\*****\AppData\Roaming\CamLayout.ini [2013.04.06 12:37:02 | 000,000,046 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Camdata.ini [2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2013.03.12 08:03:43 | 000,001,604 | ---- | C] () -- C:\Windows\Sandboxie.ini [2013.03.11 20:22:04 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2013.03.10 18:39:34 | 000,000,236 | ---- | C] () -- C:\Windows\ODBCINST.INI [2013.03.03 13:52:20 | 000,000,132 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2013.03.02 22:27:06 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe [2013.03.01 21:30:51 | 001,607,524 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.03.01 20:54:21 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2013.03.01 20:43:30 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2013.03.01 20:34:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.02.05 18:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2013.02.05 18:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2013.02.05 18:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2013.02.05 18:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2013.02.05 18:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2012.04.06 03:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.04.06 03:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 1100 bytes -> C:\Users\*****\AppData\Local\W2x6IGVyFi2:byW1MesiOuK7CgZcAMCSJJ < End of report > Geändert von DarkDevelope (06.06.2013 um 05:51 Uhr) Grund: OLT eingefügt |
|
06.06.2013, 08:20
| #2 |
| /// the machine /// TB-Ausbilder    | Das öffnen von Webseiten dauert nach einer Zeit sehr lange Hi,
__________________es fehlt noch die Extras.txt 
__________________ |
|
06.06.2013, 09:55
| #3 | |
| | Das öffnen von Webseiten dauert nach einer Zeit sehr langeZitat:
Wie finde ich die Extras.txt raus? Gruß Dark, |
|
06.06.2013, 10:01
| #4 |
| /// the machine /// TB-Ausbilder | Das öffnen von Webseiten dauert nach einer Zeit sehr lange Die wurde von OTL neben der OTL.txt angelegt. Aber lass mal. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches OTL log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.06.2013, 13:18
| #5 |
| | Das öffnen von Webseiten dauert nach einer Zeit sehr lange Hier bitte :-) ADWCleaner: Code:
ATTFilter # AdwCleaner v2.301 - Datei am 06/06/2013 um 14:05:13 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Admin - ADMIN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Admin\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : BrowserProtect
Gestoppt & Gelöscht : SProtection
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\aaaq1vc0.default\bprotector_extensions.sqlite
Gelöscht mit Neustart : C:\Program Files (x86)\askpartnernetwork
Gelöscht mit Neustart : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\ProgramData\APN
Ordner Gelöscht : C:\ProgramData\askpartnernetwork
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Temp\APN
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Iminent
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\d08cd1e73cb948
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\SimplyGen
Schlüssel Gelöscht : HKLM\Software\Umbrella
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\d08cd1e73cb948
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v12.0 (en-US)
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\aaaq1vc0.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v27.0.1453.110
Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.2462] : homepage = "hxxp://search.babylon.com/?affID=120307&babsrc=HP_ss&mntrId=F6B8902B34A231A2",
Gelöscht [l.2833] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?affID=120307&babsrc=HP_ss&mntrId=F[...]
*************************
AdwCleaner[R1].txt - [25095 octets] - [06/06/2013 14:04:14]
AdwCleaner[S1].txt - [25144 octets] - [06/06/2013 14:05:13]
########## EOF - C:\AdwCleaner[S1].txt - [25205 octets] ##########
JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x64
Ran by Admin on 06.06.2013 at 14:10:00,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Failed to delete: [Folder] "C:\Program Files (x86)\askpartnernetwork"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.06.2013 at 14:12:33,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter OTL logfile created on: 06.06.2013 14:14:18 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,96 Gb Total Physical Memory | 5,95 Gb Available Physical Memory | 74,76% Memory free 15,92 Gb Paging File | 13,67 Gb Available in Paging File | 85,84% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 758,79 Gb Free Space | 81,47% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as ***istrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.06 06:44:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe PRC - [2013.05.29 07:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.04.26 09:09:38 | 000,169,096 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013.04.15 11:14:14 | 000,027,256 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\tsengine.exe PRC - [2013.02.10 19:07:32 | 000,913,920 | ---- | M] (Ares Development Group) -- C:\Program Files (x86)\Ares\Ares.exe PRC - [2013.01.26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\***\AppData\Local\Akamai\netsession_win.exe PRC - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\tsupdate.exe PRC - [2012.06.28 17:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2012.05.20 18:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012.05.15 16:17:26 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.05.15 16:17:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.05.10 16:20:34 | 000,165,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012.01.13 15:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe PRC - [2011.03.24 17:11:18 | 000,107,800 | ---- | M] (Octoshape ApS) -- C:\Users\***\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe PRC - [2010.11.21 05:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2009.10.20 23:27:34 | 000,057,344 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\Tomcat6.exe PRC - [2009.10.20 15:22:06 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2009.10.20 15:21:56 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2009.10.20 15:21:20 | 000,322,096 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe PRC - [2009.10.20 15:21:20 | 000,121,392 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe ========== Modules (No Company Name) ========== MOD - [2013.05.29 07:27:38 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll MOD - [2013.05.29 07:27:35 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll MOD - [2013.05.29 07:26:40 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll MOD - [2013.05.29 07:26:39 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll MOD - [2013.05.29 07:26:36 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll MOD - [2013.04.15 18:41:26 | 000,674,816 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wx._misc_.pyd MOD - [2013.04.15 11:14:14 | 000,027,256 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\tsengine.exe MOD - [2013.01.29 18:20:40 | 000,082,944 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\cpyamf.util.pyd MOD - [2013.01.29 18:20:40 | 000,066,048 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\cpyamf.amf0.pyd MOD - [2012.11.29 23:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll MOD - [2012.11.14 18:00:08 | 000,018,944 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\pycompat.pyd MOD - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\tsupdate.exe MOD - [2012.06.25 14:49:20 | 001,482,820 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll MOD - [2012.06.21 15:58:06 | 002,826,311 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll MOD - [2012.06.21 14:31:46 | 000,618,563 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll MOD - [2012.06.20 15:11:58 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL MOD - [2012.05.22 20:12:56 | 001,331,266 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll MOD - [2012.05.08 16:01:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll MOD - [2012.05.07 22:45:00 | 001,429,589 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll MOD - [2012.03.01 10:14:46 | 001,335,362 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\pythoncom27.dll MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\pythoncom27.dll MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\win32api.pyd MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\win32api.pyd MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\win32pdh.pyd MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\win32pdh.pyd MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\win32file.pyd MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\win32file.pyd MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\pywintypes27.dll MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\pywintypes27.dll MOD - [2012.01.13 15:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe MOD - [2011.10.18 10:26:16 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\STT.dll MOD - [2011.09.14 18:12:30 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wx._misc_.pyd MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wx._controls_.pyd MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wx._controls_.pyd MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wx._windows_.pyd MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wx._windows_.pyd MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wx._gdi_.pyd MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wx._gdi_.pyd MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wx._core_.pyd MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wx._core_.pyd MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_html_vc.dll MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_html_vc.dll MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_adv_vc.dll MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_adv_vc.dll MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_core_vc.dll MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_core_vc.dll MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_net_vc.dll MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_net_vc.dll MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_vc.dll MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_vc.dll MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\_ssl.pyd MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\_ssl.pyd MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\_socket.pyd MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\_socket.pyd MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\pyexpat.pyd MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\pyexpat.pyd MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\_hashlib.pyd MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\_hashlib.pyd MOD - [2011.06.12 15:06:22 | 000,106,496 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\_ctypes.pyd MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\select.pyd MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\select.pyd MOD - [2011.06.12 15:06:20 | 000,688,128 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\unicodedata.pyd MOD - [2011.03.01 20:00:58 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll MOD - [2011.02.13 17:02:12 | 000,031,232 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\Crypto.Cipher.AES.pyd MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\updater\lib\M2Crypto.__m2crypto.pyd MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\M2Crypto.__m2crypto.pyd MOD - [2010.10.11 00:23:52 | 000,723,968 | ---- | M] () -- C:\Users\***\AppData\Roaming\TorrentStream\engine\lib\apsw.pyd MOD - [2010.06.24 16:50:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll MOD - [2010.06.10 16:52:24 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll MOD - [2010.03.12 06:40:58 | 004,449,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll MOD - [2010.03.12 06:40:56 | 000,423,256 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Device.dll MOD - [2008.05.07 16:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll MOD - [2003.02.14 15:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll ========== Services (SafeList) ========== SRV:64bit: - [2013.03.29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2012.12.16 13:25:38 | 000,123,664 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV:64bit: - [2012.05.30 14:11:34 | 000,149,544 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2012.04.20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:64bit: - [2010.05.20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc) SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.05.20 16:42:52 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service) SRV - [2013.05.15 17:08:22 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.15 12:08:44 | 002,467,664 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.05.01 08:09:52 | 000,296,448 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe -- (SystemStoreService) SRV - [2013.04.26 09:09:38 | 000,169,096 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP) SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2012.05.15 16:17:26 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.05.15 16:17:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.05.10 16:20:34 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2011.08.30 16:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.10.20 23:27:34 | 000,057,344 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\Tomcat6.exe -- (VMwareServerWebAccess) SRV - [2009.10.20 15:22:06 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2009.10.20 15:21:56 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2009.10.20 15:21:20 | 000,322,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe -- (VMwareHostd) SRV - [2009.10.20 15:21:20 | 000,121,392 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe -- (VMAuthdService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.05.19 15:54:56 | 000,067,584 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) DRV:64bit: - [2013.04.12 11:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2013.03.29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2013.02.22 09:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd) DRV:64bit: - [2013.02.22 09:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2013.02.22 09:17:06 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2013.01.31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple) DRV:64bit: - [2013.01.29 18:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.12.16 13:25:34 | 000,202,632 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV:64bit: - [2012.11.26 18:05:24 | 000,075,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2012.10.11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam) DRV:64bit: - [2012.10.08 20:52:52 | 000,031,968 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012.05.30 14:10:50 | 000,016,168 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2012.05.20 18:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.05.20 18:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.05.20 18:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.04.25 09:07:18 | 000,104,560 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.12.02 12:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2011.11.02 11:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:64bit: - [2010.11.20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:64bit: - [2010.11.20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:64bit: - [2010.11.20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:64bit: - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV:64bit: - [2010.05.20 16:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo) DRV:64bit: - [2009.10.20 15:23:48 | 000,076,336 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2009.10.20 15:23:44 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2009.10.20 15:23:36 | 000,065,072 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2009.10.20 15:22:54 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2009.10.20 15:21:10 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2009.10.20 15:21:10 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2013.06.06 14:07:31 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2013.06.06 14:07:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2013.05.28 17:00:54 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A B0 C8 DD AE 16 CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: magicplayer@torrentstream.org:1.1.22 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\***\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS) FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\Users\***\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.12: C:\Users\***\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.04 19:33:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.04 19:33:33 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\***\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org [2013.04.27 19:23:22 | 000,000,000 | ---D | M] [2013.06.04 18:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.06.04 18:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\aaaq1vc0.default\extensions [2013.06.04 18:01:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.27 19:23:22 | 000,000,000 | ---D | M] (TS Magic Player) -- C:\USERS\***\APPDATA\ROAMING\TORRENTSTREAM\EXTENSIONS\FIREFOX\MAGICPLAYER@TORRENTSTREAM.ORG [2013.06.04 19:33:33 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2013.04.06 17:17:21 | 000,005,142 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\arccosine.xml [2013.06.04 19:33:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.06.04 19:33:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npoctoshape.dll CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Power Challenge Loader (Enabled) = C:\Users\***\AppData\LocalLow\POWERC~1\nppowerloader.dll CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\***\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll CHR - plugin: Torrent Stream P2P Multimedia Plug-in 2 (Enabled) = C:\Users\***\AppData\Roaming\TorrentStream\player\npts_plugin.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll O1 HOSTS File: ([2013.06.05 15:12:52 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock) O2 - BHO: (Ask Toolbar) - {4D594333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {4D594333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" File not found O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\***\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group) O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\***\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS) O4 - HKCU..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" File not found O4 - HKCU..\Run: [TorrentStream] C:\Users\***\AppData\Roaming\TorrentStream\engine\tsengine.exe () O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehavior*** = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Server\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Server\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F32ABA1C-1E6A-479A-9E53-A7964C1AE152}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\gopher - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.06 14:09:58 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.06.06 14:09:52 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.04 19:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013.06.03 21:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive [2013.06.03 21:54:21 | 000,000,000 | R--D | C] -- C:\Users\***\SkyDrive [2013.06.03 21:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2013.06.03 21:45:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2013.06.03 21:13:38 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll.backup [2013.06.03 21:13:36 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll.backup [2013.06.01 06:47:33 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2013.05.31 20:20:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump [2013.05.31 09:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunatic [2013.05.30 19:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnotherLifeClient [2013.05.30 19:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Another Life [2013.05.30 15:19:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animake [2013.05.30 15:19:47 | 000,000,000 | ---D | C] -- C:\PROGRAMME [2013.05.30 15:03:34 | 000,000,000 | ---D | C] -- C:\Users\***\.thumbnails [2013.05.30 15:02:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\fontconfig [2013.05.30 15:02:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\gegl-0.2 [2013.05.30 15:02:13 | 000,000,000 | ---D | C] -- C:\Users\***\.gimp-2.8 [2013.05.30 14:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2013.05.29 18:58:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [2013.05.29 18:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker [2013.05.29 17:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digiturk [2013.05.29 17:58:39 | 000,000,000 | ---D | C] -- C:\Windows\symbols [2013.05.29 17:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\VS [2013.05.29 17:48:20 | 000,000,000 | ---D | C] -- C:\ATI [2013.05.27 17:21:59 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2013.05.27 17:21:59 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2013.05.27 17:21:59 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2013.05.27 17:21:59 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2013.05.27 17:21:59 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2013.05.27 17:21:59 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2013.05.27 17:21:59 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2013.05.27 17:21:59 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2013.05.27 17:21:59 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2013.05.27 17:21:59 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2013.05.27 17:21:59 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2013.05.27 17:21:59 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2013.05.27 17:21:59 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2013.05.27 17:21:59 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2013.05.27 17:21:58 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2013.05.27 17:21:58 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2013.05.27 17:21:57 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2013.05.27 17:21:57 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2013.05.27 17:21:57 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2013.05.27 17:21:57 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2013.05.27 17:21:57 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2013.05.27 17:21:57 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2013.05.27 17:21:57 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2013.05.27 17:21:56 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2013.05.27 17:21:56 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2013.05.27 17:21:56 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2013.05.27 17:21:56 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2013.05.27 17:21:56 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2013.05.27 17:21:56 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2013.05.27 17:21:56 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2013.05.27 17:21:55 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2013.05.27 17:21:55 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2013.05.27 17:21:55 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2013.05.27 17:21:55 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2013.05.27 17:21:55 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2013.05.27 17:21:55 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2013.05.27 17:21:55 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2013.05.27 17:21:55 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2013.05.27 17:21:55 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2013.05.27 17:21:55 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2013.05.27 17:21:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2013.05.27 17:21:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2013.05.27 17:21:54 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2013.05.27 17:21:54 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2013.05.27 17:21:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2013.05.27 17:21:54 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2013.05.27 17:21:54 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2013.05.27 17:21:54 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2013.05.27 17:21:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2013.05.27 17:21:54 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2013.05.27 17:21:54 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2013.05.27 17:21:54 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2013.05.27 17:21:54 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2013.05.27 17:21:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2013.05.27 17:21:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2013.05.27 17:21:54 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2013.05.27 17:21:54 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2013.05.27 17:21:54 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2013.05.27 17:21:54 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2013.05.27 17:21:54 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2013.05.27 17:21:54 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2013.05.27 17:21:54 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2013.05.27 17:21:54 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2013.05.27 17:21:54 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2013.05.27 17:21:53 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2013.05.27 17:21:53 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2013.05.27 17:21:53 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2013.05.27 17:21:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2013.05.27 17:21:53 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2013.05.27 17:21:53 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2013.05.27 17:21:53 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2013.05.27 17:21:53 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2013.05.27 17:21:53 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2013.05.27 17:21:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2013.05.27 17:21:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2013.05.27 17:21:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2013.05.27 17:21:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2013.05.27 17:21:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2013.05.27 17:21:53 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2013.05.27 17:21:53 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2013.05.27 17:21:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2013.05.27 17:21:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2013.05.27 17:21:52 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2013.05.27 17:21:52 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2013.05.27 17:21:52 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2013.05.27 17:21:52 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2013.05.27 17:21:52 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2013.05.27 17:21:52 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2013.05.27 17:21:51 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2013.05.27 17:21:51 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2013.05.27 17:21:50 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2013.05.27 17:21:50 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2013.05.27 17:21:48 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2013.05.27 17:21:48 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2013.05.27 17:21:48 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2013.05.27 17:21:48 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2013.05.27 17:21:48 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2013.05.27 17:21:48 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2013.05.27 17:21:47 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2013.05.27 17:21:47 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2013.05.27 17:21:47 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2013.05.27 17:21:47 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2013.05.27 17:21:47 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2013.05.27 17:21:47 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2013.05.27 17:21:46 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2013.05.27 17:21:46 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2013.05.27 17:21:46 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2013.05.27 17:21:46 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2013.05.27 17:21:46 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2013.05.27 17:21:46 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2013.05.27 17:21:46 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2013.05.27 17:21:46 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2013.05.27 17:21:46 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2013.05.27 17:21:46 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2013.05.27 17:21:46 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2013.05.27 17:21:46 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2013.05.27 17:21:45 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2013.05.27 17:21:45 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2013.05.27 17:21:45 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2013.05.27 17:21:45 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2013.05.27 17:21:45 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2013.05.27 17:21:45 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2013.05.27 17:21:45 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2013.05.27 17:21:45 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2013.05.27 17:21:44 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2013.05.27 17:21:44 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2013.05.27 17:21:43 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2013.05.27 17:21:43 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2013.05.27 17:21:43 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2013.05.27 17:21:43 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2013.05.24 19:50:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MySQL [2013.05.24 11:29:35 | 000,000,000 | ---D | C] -- C:\server [2013.05.24 08:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL [2013.05.24 07:44:11 | 000,000,000 | ---D | C] -- C:\Users\***\VirtualBox VMs [2013.05.23 22:57:30 | 000,000,000 | ---D | C] -- C:\Users\***\.VirtualBox [2013.05.23 22:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2013.05.23 22:56:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2013.05.23 22:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2013.05.22 13:11:56 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2013.05.22 13:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2013.05.22 13:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2013.05.20 16:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia Shared [2013.05.20 16:39:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision [2013.05.20 16:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia [2013.05.20 16:39:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia [2013.05.19 15:54:56 | 000,067,584 | ---- | C] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys [2013.05.19 15:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable [2013.05.19 15:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable [2013.05.19 15:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork [2013.05.19 15:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam [2013.05.19 15:47:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ManyCam [2013.05.19 15:47:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ManyCam [2013.05.19 15:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ManyCam [2013.05.19 15:47:26 | 000,044,928 | ---- | C] (ManyCam LLC) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys [2013.05.19 15:47:05 | 000,519,304 | ---- | C] (Ask Partner Network) -- C:\Users\***\Documents\APNSetup1.exe [2013.05.19 15:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2013.05.19 15:47:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam [2013.05.18 09:04:57 | 000,000,000 | ---D | C] -- C:\Users\***\Screenshots [2013.05.18 09:02:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ScreenCapture [2013.05.18 09:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Capturer [2013.05.18 09:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screen Capturer [2013.05.18 09:02:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ScreenCapture [2013.05.18 08:58:14 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Screen Recording Suite [2013.05.16 06:22:57 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.16 06:22:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.16 06:22:57 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.16 06:22:56 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.16 06:22:56 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.16 06:22:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.16 06:22:56 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.16 06:22:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.16 06:22:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.16 06:22:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.16 06:22:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.16 06:22:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.16 06:22:55 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.16 06:22:55 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.16 06:22:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.15 05:55:31 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.05.15 05:55:31 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.05.15 05:55:25 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.05.15 05:55:25 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.05.15 05:55:25 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.05.15 05:55:25 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013.05.15 05:55:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013.05.12 18:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn [2013.05.12 13:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7 [2013.05.12 13:51:32 | 000,000,000 | ---D | C] -- C:\Python27 [2013.05.11 22:02:39 | 000,000,000 | ---D | C] -- C:\5665b4540bce1692782821fd93bd8b [2013.05.10 21:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2013.05.10 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2013.05.10 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2013.05.10 21:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2013.05.10 21:26:39 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Visual Studio 2010 [2013.05.10 21:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express [2013.05.10 21:26:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0 [2013.05.10 21:25:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0 [2013.05.10 21:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs [2013.05.10 21:25:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.06 14:11:03 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.06 14:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.06 14:07:31 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys [2013.06.06 14:07:31 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref [2013.06.06 14:07:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2013.06.06 14:06:55 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.06 14:06:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.06 14:06:43 | 2116,947,967 | -HS- | M] () -- C:\hiberfil.sys [2013.06.06 14:06:10 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.06 14:06:10 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.06 14:05:39 | 000,000,153 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat [2013.06.05 15:35:21 | 000,001,994 | ---- | M] () -- C:\Users\***\Desktop\TeamViewer 8.lnk [2013.06.05 15:31:42 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini [2013.06.05 15:12:52 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.06.04 18:01:40 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.06.04 07:15:38 | 000,000,847 | ---- | M] () -- C:\Users\***\Desktop\samp.lnk [2013.06.04 07:15:05 | 000,001,998 | ---- | M] () -- C:\Users\***\Desktop\Minecraft&Updater.lnk [2013.06.03 22:46:48 | 000,001,969 | ---- | M] () -- C:\Users\***\Desktop\Skype.lnk [2013.06.03 22:46:24 | 000,001,216 | ---- | M] () -- C:\Users\***\Desktop\Movie Studio Platinum 12.0 (64-bit).lnk [2013.06.03 21:41:07 | 000,001,716 | ---- | M] () -- C:\Users\***\Desktop\Remote Desktop Connection.lnk [2013.06.03 21:13:38 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2013.06.03 21:13:36 | 002,851,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll [2013.06.03 17:32:05 | 000,002,258 | -H-- | M] () -- C:\Users\***\Documents\Default.rdp [2013.06.03 09:26:11 | 000,001,604 | ---- | M] () -- C:\Windows\Sandboxie.ini [2013.05.31 08:53:56 | 000,001,456 | ---- | M] () -- C:\Users\***\AppData\Local\Adobe Für Web speichern 13.0 Prefs [2013.05.31 08:39:10 | 000,000,132 | ---- | M] () -- C:\Users\***\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen [2013.05.31 08:32:57 | 000,004,023 | ---- | M] () -- C:\Users\***\AppData\Local\recently-used.xbel [2013.05.30 18:55:00 | 000,000,132 | ---- | M] () -- C:\Users\***\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2013.05.29 17:51:23 | 001,607,524 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.05.29 17:51:23 | 000,704,500 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.29 17:51:23 | 000,658,002 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.29 17:51:23 | 000,151,636 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.29 17:51:23 | 000,124,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.29 17:51:15 | 001,607,524 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.28 17:00:54 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys [2013.05.26 10:13:02 | 000,002,218 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk [2013.05.24 08:57:07 | 000,000,236 | ---- | M] () -- C:\Windows\ODBCINST.INI [2013.05.19 15:54:56 | 000,067,584 | ---- | M] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys [2013.05.16 06:45:52 | 004,921,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.15 17:08:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.15 17:08:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.05.13 20:33:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf [2013.05.12 13:52:36 | 000,014,610 | ---- | M] () -- C:\Users\***\socks.pyc [2013.05.12 13:52:36 | 000,006,655 | ---- | M] () -- C:\Users\***\terminal.pyc [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.06 14:05:31 | 000,000,153 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat [2013.06.05 15:31:40 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini [2013.06.04 18:48:58 | 000,000,969 | ---- | C] () -- C:\Users\***\Desktop\Ares.lnk [2013.06.04 18:01:40 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.06.04 07:15:38 | 000,000,847 | ---- | C] () -- C:\Users\***\Desktop\samp.lnk [2013.06.04 07:15:05 | 000,001,998 | ---- | C] () -- C:\Users\***\Desktop\Minecraft&Updater.lnk [2013.06.03 22:46:48 | 000,001,969 | ---- | C] () -- C:\Users\***\Desktop\Skype.lnk [2013.06.03 22:46:24 | 000,001,216 | ---- | C] () -- C:\Users\***\Desktop\Movie Studio Platinum 12.0 (64-bit).lnk [2013.06.03 21:54:21 | 000,002,176 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [2013.06.03 21:46:02 | 000,002,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2013.06.03 21:46:02 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2013.06.03 21:46:02 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2013.06.03 21:41:07 | 000,001,716 | ---- | C] () -- C:\Users\***\Desktop\Remote Desktop Connection.lnk [2013.06.03 21:07:36 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref [2013.05.31 08:44:48 | 000,001,456 | ---- | C] () -- C:\Users\***\AppData\Local\Adobe Für Web speichern 13.0 Prefs [2013.05.31 08:39:10 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen [2013.05.31 08:32:57 | 000,004,023 | ---- | C] () -- C:\Users\***\AppData\Local\recently-used.xbel [2013.05.30 14:57:22 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2013.05.13 20:33:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf [2013.05.12 13:52:36 | 000,014,610 | ---- | C] () -- C:\Users\***\socks.pyc [2013.05.12 13:52:36 | 000,006,655 | ---- | C] () -- C:\Users\***\terminal.pyc [2013.05.12 13:48:45 | 000,013,785 | ---- | C] () -- C:\Users\***\socks.py [2013.05.12 13:48:45 | 000,007,331 | ---- | C] () -- C:\Users\***\terminal.py [2013.05.12 13:48:45 | 000,006,865 | ---- | C] () -- C:\Users\***\torshammer.py [2013.04.28 14:47:35 | 000,000,446 | ---- | C] () -- C:\Users\***\.swfinfo [2013.04.28 11:08:06 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\WebCamLib.dll [2013.04.11 07:01:36 | 000,000,579 | ---- | C] () -- C:\Users\***\AppData\Roaming\All CPU MeterV3_Settings.ini [2013.04.06 12:37:02 | 000,004,510 | ---- | C] () -- C:\Users\***\AppData\Roaming\CamStudio.cfg [2013.04.06 12:37:02 | 000,000,408 | ---- | C] () -- C:\Users\***\AppData\Roaming\CamShapes.ini [2013.04.06 12:37:02 | 000,000,408 | ---- | C] () -- C:\Users\***\AppData\Roaming\CamLayout.ini [2013.04.06 12:37:02 | 000,000,046 | ---- | C] () -- C:\Users\***\AppData\Roaming\Camdata.ini [2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2013.03.12 08:03:43 | 000,001,604 | ---- | C] () -- C:\Windows\Sandboxie.ini [2013.03.11 20:22:04 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2013.03.10 18:39:34 | 000,000,236 | ---- | C] () -- C:\Windows\ODBCINST.INI [2013.03.03 13:52:20 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2013.03.02 22:27:06 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe [2013.03.01 21:30:51 | 001,607,524 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.03.01 20:54:21 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2013.03.01 20:43:30 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2013.03.01 20:34:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.02.05 18:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2013.02.05 18:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2013.02.05 18:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2013.02.05 18:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2013.02.05 18:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2012.04.06 03:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.04.06 03:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 1100 bytes -> C:\Users\***\AppData\Local\W2x6IGVyFi2:byW1MesiOuK7CgZcAMCSJJ < End of report > |
|
06.06.2013, 13:20
| #6 |
| /// the machine /// TB-Ausbilder | Das öffnen von Webseiten dauert nach einer Zeit sehr langeESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches OTL log. Noch Probleme?
__________________ --> Das öffnen von Webseiten dauert nach einer Zeit sehr lange |
|
06.06.2013, 13:21
| #7 | |
| | Das öffnen von Webseiten dauert nach einer Zeit sehr langeZitat:
Extras von Heute Morgen: Code:
ATTFilter OTL Extras logfile created on: 06.06.2013 06:45:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\****\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,96 Gb Total Physical Memory | 5,45 Gb Available Physical Memory | 68,48% Memory free
15,92 Gb Paging File | 12,97 Gb Available in Paging File | 81,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 758,84 Gb Free Space | 81,47% Space Free | Partition Type: NTFS
Computer Name: ****-PC | User Name: **** | Logged in as ****istrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{087606B5-4410-411D-8261-090FBF4133DC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0DFC0FEE-E690-4D16-B33F-B755E268FA75}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{208C5D07-24E6-47D5-8A13-FB676EBD24C7}" = rport=138 | protocol=17 | dir=out | app=system |
"{2233F86A-DD17-4F8F-980C-3A0C5E3F421A}" = lport=139 | protocol=6 | dir=in | app=system |
"{284B78D6-483E-4F5A-A33C-6527A6C29DA4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A1FAB1F-11FB-4423-A699-1AB04856B39C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3507922C-8CEC-469B-AB79-3BE8111CD973}" = lport=2869 | protocol=6 | dir=in | app=system |
"{35BEEC76-49CB-4387-9F9C-BA522B66567D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3EFC6B7E-7664-42E5-B23A-C1287D020616}" = lport=137 | protocol=17 | dir=in | app=system |
"{3F1446A7-1DC0-4CFD-9D2A-CD133394BB7E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{46CEC699-FF15-4F96-B3C5-4D79FAA15112}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4C2BBC2D-37A6-48F8-BF36-CD454FC9D1B9}" = rport=137 | protocol=17 | dir=out | app=system |
"{4E03D585-08EA-4FDD-8E66-983B999BDB12}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AC84ED4-F035-4ACD-AFAE-89EFC441B73E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{81894463-6B7B-4BF9-93C5-7A9A9CC5ACC8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{84E45C02-6EBC-4029-BE05-E112D15D469F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8AF91FA3-3173-49BE-84B7-30476D47FCA3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A11EDABF-AA34-451D-B381-135388FC2BBB}" = rport=139 | protocol=6 | dir=out | app=system |
"{D77EC09B-ED57-4ECF-9D75-A06EB3569C3A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D93F7900-60C9-48F3-8C11-A8B1B4DECF84}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E23E7D9F-F5BF-47BD-9164-EAB6834340A0}" = lport=445 | protocol=6 | dir=in | app=system |
"{E426F92E-4698-466A-8EA4-103F7950AACA}" = rport=445 | protocol=6 | dir=out | app=system |
"{E502CA38-0CE4-44AD-A896-99EEA359D555}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00652D74-A0E4-436B-9B86-F3FEBE757C29}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware server\vmware-hostd.exe |
"{05B5AC6C-FA6D-4FC2-9C7D-F4BE89DA4AAA}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftac.dll |
"{06AA1610-2DDD-4F56-8117-6177D058D2F1}" = protocol=17 | dir=in | app=c:\users\****\desktop\debbo v3.5\debbo v3.5 with v28 furni.exe |
"{11C49244-09E8-4B60-A265-25E49B4C52FB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{1A9ECE55-EE22-4D20-A31F-CAB27C0395ED}" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\darccomet\darkcomet.exe |
"{1AAAD59B-A388-456F-9891-3D34919CB869}" = protocol=6 | dir=in | app=c:\users\****\desktop\neuer ordner\novofatum 3.exe |
"{1B98131D-CCC5-4E74-B3A1-80751799091D}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{1E093DFE-AA43-4323-822B-FFF1579E1F2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1EAFD276-F022-4AFE-8910-2500CA03CAF0}" = protocol=17 | dir=in | app=c:\users\****\desktop\hablog v10 [fixed]\resource (final).exe |
"{216923B3-01FF-405B-B050-2A3867ED95E3}" = protocol=17 | dir=in | app=c:\program files (x86)\simpletv 0.4.7 r3\tv.exe |
"{281BAA5A-89B4-4210-B7BB-D56CF5554D3A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28359955-59F0-478C-B324-1D3E2F30BFB9}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware server\vmware-hostd.exe |
"{2A44A630-E2B2-4EAF-8728-B4E66483DC49}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{2DEE989E-66DA-4E3B-A999-4E44340BE0DC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2EC8836F-9ECF-48A9-BBA1-167C490FB207}" = dir=in | app=c:\users\****\appdata\local\microsoft\skydrive\skydrive.exe |
"{2FA71F09-55C3-4166-AAEB-B813842E3785}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{3510DB0E-645F-4271-A065-DA0C37E02415}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B44961A-676C-4E3F-9AEB-AACFDA328025}" = protocol=6 | dir=in | app=c:\users\****\desktop\neuer ordner\novofatum r3.exe |
"{3C83E45F-CA90-46EA-8FA6-3568386598A0}" = protocol=6 | dir=in | app=c:\users\****\desktop\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"{3D59A666-DE07-4EE5-B00A-39A12650327F}" = protocol=58 | dir=in | app=system |
"{3D69D976-A05C-4517-B5E3-3F31661BC792}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4172BEC2-CA02-450E-ABE4-5AF270DF153D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{45A54E8D-588A-4916-8F9E-CA7F51443306}" = protocol=6 | dir=in | app=c:\users\****\desktop\debbo 4\debboproject v4 - public beta.exe |
"{4B9A7EDD-D204-43BA-93EC-7915F2140D46}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{4D1E9CED-35BF-4E0C-AAC3-B982F40D8D43}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftsrv.dll |
"{51244659-E8AE-4336-B855-8B8B2D665FF3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{51DBE0E7-B147-4CC8-BD9C-C6FA0531E174}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{549F649F-FF56-4F78-B76A-7E7EEEE55CCE}" = protocol=6 | dir=in | app=c:\users\****\desktop\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"{559E5ACC-AAEB-4B87-BAE0-D46990E9354F}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{5B97D3ED-5FAB-4B37-8FBC-315B5B19C297}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6290D3B5-C13D-4EA2-B58F-FF76B531852E}" = protocol=17 | dir=in | app=c:\users\****\desktop\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"{62A08AB9-B766-4D3A-A8D8-7A34A5E93C70}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{63D95B03-D60F-42CD-BDE5-B456A6EE9B15}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware server\vmware-authd.exe |
"{698BF58C-03E0-4B30-A6EE-B2ADB028F875}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe |
"{6C331772-1132-432A-AA47-09F9F4094A9E}" = protocol=6 | dir=in | app=c:\users\****\desktop\fstorm\bin\debug\butterfly emulator.vshost.exe |
"{6F500E80-B188-4395-803C-94054E147E96}" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{747B9F67-31C5-48BC-97D6-138D7FC78DB4}" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"{75B3CF18-2CD5-4D88-9C1D-96C48FEFC0C1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{76B022E1-B74A-4FF6-ADE5-44DC8D6FD6D2}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware server\vmware-authd.exe |
"{7B495F06-4F17-4B76-B45B-BD25E0148FED}" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\habbo\scripting tools\novo fatum r3\novofatum r3.exe |
"{7BBB5C64-3F39-4D26-9C3D-46C5A83C331A}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe |
"{7BEC3D7E-4023-4E90-8063-AB73EE4EC06E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{7CE0AC89-0A98-401D-84C3-6BA79810D032}" = protocol=6 | dir=in | app=c:\program files (x86)\simpletv 0.4.7 r3\tv.exe |
"{7FA6A765-09AE-4C11-AE88-9376417CB059}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware server\vmware-authd.exe |
"{849A15E9-8809-4034-9873-208114F9610C}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{853564D5-C6A0-45E5-9C0E-4ED53EEB01A4}" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\darccomet\darkcomet.exe |
"{898CE5BF-224A-4489-A610-D42974B344E8}" = protocol=6 | dir=in | app=c:\users\****\desktop\novo fatum r2\novofatum light.exe |
"{8D76F90A-0016-4757-8254-D2A3D3920BB3}" = protocol=6 | dir=in | app=c:\server\apache\bin\httpd.exe |
"{8F3D7814-5F9D-487A-919F-D6EFA13DC6D2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{93E31C23-926E-4504-9476-40AC746164E5}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware server\vmware-hostd.exe |
"{A09323D0-1D5A-4B80-9882-73B2BC71A1F8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A35CAF95-0F0C-4D86-826F-0E8A2D159745}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A36ECB60-B20F-437F-A525-E49CCB216BDE}" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\habbo\scripting tools\novo fatum r3\novofatum r3.exe |
"{A3C2761D-DDDC-4D58-B625-3828AB47337F}" = protocol=17 | dir=in | app=c:\users\****\desktop\fstorm\bin\debug\butterfly emulator.vshost.exe |
"{A5F29CAB-A3FB-485A-BB93-3CF4AFD9A5A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A6F8CA76-A6E2-454A-AD71-C7B0855F45E1}" = protocol=17 | dir=in | app=c:\users\****\desktop\neuer ordner\novofatum 3.exe |
"{AB584D56-2AB2-433B-95C5-A991AE874C57}" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"{AB98F9B2-7737-4BC2-8E98-D5DB3FF04AE5}" = protocol=17 | dir=in | app=c:\users\****\appdata\roaming\torrentstream\engine\tsengine.exe |
"{AD4B8B0B-7618-4786-BC70-793164E5BAB3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{AFE60499-2D11-4651-90F7-328349B33421}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B14E5CFC-5B42-40A8-8C0A-34CD498E398F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B33C2FA4-56EB-425B-97F9-1BD82859CD9E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B3E5ACEA-1C15-4CD1-A6B1-19AF97F950D9}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware server\vmware-authd.exe |
"{B4785512-261A-470D-B57A-52471568C028}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B51E6A3E-6D29-4FFC-B3D5-AD02A26DECC6}" = protocol=17 | dir=in | app=c:\users\****\desktop\habbotr\debbo v3.5\debbo v3.5 with v28 furni.exe |
"{B894782D-5F6A-4CE8-91C8-B2E40BF0175B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{B9EA6B58-50ED-4D4E-B6C2-6A192BC3029F}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftdump.dll |
"{B9F95A7C-2DA8-4623-8520-13EC64D34BA5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{BABF48BF-408C-42B5-84AC-3947FADFB928}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{BF2041FA-4AC6-4902-9F30-443F10B57B9F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{BF281236-FB13-4309-9D88-4E5FC974B756}" = protocol=6 | dir=out | app=system |
"{C3731184-697A-4CDF-9505-70251A863B4D}" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\software\dark comet\darkcomet.exe |
"{C86845CC-1C0F-4851-83AC-9EC599366906}" = protocol=6 | dir=in | app=c:\users\****\desktop\debbo v3.5\debbo v3.5 with v28 furni.exe |
"{CFD91293-ABCB-4CA9-A0AF-FBE04BE56CA2}" = protocol=17 | dir=in | app=c:\server\mysql\bin\mysqld.exe |
"{D3643989-244C-4B5C-8370-E65A773A18C8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D4D38AE8-9770-4E37-A74C-1EF6A07F87DD}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftplayer.dll |
"{D64E5817-5939-4F8A-8922-E4448AC2C85D}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware server\vmware-hostd.exe |
"{D8201835-E5FF-4C07-87B3-02580C1CB775}" = protocol=6 | dir=in | app=c:\users\****\appdata\roaming\torrentstream\engine\tsengine.exe |
"{D8B4F742-2616-43C1-A6AE-65C094C13147}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D9C943B1-0700-41C3-8FB0-4888E7026C00}" = protocol=6 | dir=in | app=c:\users\****\desktop\hablog v10 [fixed]\resource (final).exe |
"{DABBEECE-61CD-4CD8-A8AE-2D2DF89578D2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DC30C8C7-F4A3-4D9B-95B3-2E70CDEB41CF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{DC5DEAEE-71BF-4083-8969-D5997B8741F8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DCD822A4-6AEE-41B7-8354-6B9D8A199F9F}" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{DE3A8912-C0C3-4C08-A2A4-DC8709587835}" = protocol=17 | dir=in | app=c:\users\****\desktop\neuer ordner\novofatum r3.exe |
"{E327AEDD-ED39-4636-86F8-6DB2C9D1D0A3}" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\software\dark comet\darkcomet.exe |
"{E3B371FA-AB80-403F-9C68-F6C2B813301D}" = protocol=17 | dir=in | app=c:\users\****\desktop\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"{E8BD4A6A-5CD8-416C-A9C6-FCD322A5E3B7}" = protocol=17 | dir=in | app=c:\users\****\downloads\files\ts player.exe |
"{E8E4D788-A732-4015-8355-72DE165A9A05}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{EA632989-C5D4-4CF7-BD2E-21917F03BEAF}" = protocol=17 | dir=in | app=c:\users\****\desktop\debbo 4\debboproject v4 - public beta.exe |
"{EB7621E8-F8DA-4A65-8A91-7063AFA8332A}" = protocol=17 | dir=in | app=c:\server\apache\bin\httpd.exe |
"{EBEEBEF6-CBD7-41E6-AA57-62B88E3A4B45}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F1D96DF7-72FA-4BB3-AC12-CAF2EC82D8C2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{F6C818CE-9E0C-4FCE-931F-CF6295191714}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{F75A4DA4-E238-4648-89DE-C1840A4A01B4}" = protocol=17 | dir=in | app=c:\users\****\desktop\novo fatum r2\novofatum light.exe |
"{F884D717-2FF0-435C-9DDD-BEBA781A72AB}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\streaming video recorder.exe |
"{F889CDF9-74D1-4CEC-975A-62DB359CF28C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA9FDD37-707D-476F-B63E-CE5D2777FAD9}" = protocol=6 | dir=in | app=c:\users\****\desktop\habbotr\debbo v3.5\debbo v3.5 with v28 furni.exe |
"{FC91244E-BAA2-49BB-82EF-7C47F7C42679}" = protocol=6 | dir=in | app=c:\server\mysql\bin\mysqld.exe |
"{FFB76735-A4EA-4512-BF6E-5CA65C0DAB52}" = protocol=6 | dir=in | app=c:\users\****\downloads\files\ts player.exe |
"TCP Query User{14E6D9FD-199C-4E9C-B0FB-892BA871D9AF}C:\users\****\appdata\roaming\torrentstream\engine\tsengine.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\roaming\torrentstream\engine\tsengine.exe |
"TCP Query User{18E8E1CF-DD19-4E17-8AA5-04C75053731B}C:\users\****\desktop\ordner\habbo\retro hotel\phoenix 3.11.0\phoenix 3.0.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\phoenix 3.11.0\phoenix 3.0.exe |
"TCP Query User{1AA647DB-7333-4802-9698-4DBB91FE1BB0}C:\users\****\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe |
"TCP Query User{1DC1E180-E4E3-46D4-A362-D9EF709E2633}C:\users\****\desktop\novo fatum r2\novofatum light.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\novo fatum r2\novofatum light.exe |
"TCP Query User{2C374D55-02C9-493D-82AB-8D8748D3B138}C:\users\****\desktop\debbo 4\debboproject v4 - public beta.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\debbo 4\debboproject v4 - public beta.exe |
"TCP Query User{2EA3F36E-D08B-4E0E-AED0-35E9174A4327}C:\users\****\desktop\ordner\habbo\retro hotel\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"TCP Query User{306DDA97-9014-4F4B-A6FC-C4F903D9C741}C:\users\****\desktop\ordner\habbo\scripting tools\novo fatum r3\novofatum r3.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\habbo\scripting tools\novo fatum r3\novofatum r3.exe |
"TCP Query User{3088EFB0-B3B6-4AC0-91CB-F473FF771884}C:\program files (x86)\simpletv 0.4.7 r3\tv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\simpletv 0.4.7 r3\tv.exe |
"TCP Query User{350431ED-0D66-4E19-B182-C90A28D4F2BA}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{38DDF3B2-7723-4ED5-A9AE-EA2825E52929}C:\users\****\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\local\akamai\netsession_win.exe |
"TCP Query User{399C800F-76C4-467B-A307-DADF8ADBB8BE}C:\server\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\server\mysql\bin\mysqld.exe |
"TCP Query User{39DD7FE2-26B1-4C83-931E-0F77214ABBBF}C:\xampp\filezillaftp\filezilla server.exe" = protocol=6 | dir=in | app=c:\xampp\filezillaftp\filezilla server.exe |
"TCP Query User{3E427168-DC2E-4076-BD1C-CE4DDA80D007}C:\users\****\desktop\ordner\habbo\retro hotel\phoenix 3.7.1\free phoenix 3.7.1 build 13800 i2.3.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\phoenix 3.7.1\free phoenix 3.7.1 build 13800 i2.3.exe |
"TCP Query User{3F5B3F50-DB60-4BD6-9F4B-12FD59795313}C:\users\****\desktop\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"TCP Query User{453E3380-D310-466A-BBED-CF9BCD93C663}C:\users\****\desktop\bcstorm\bin\debug\butterfly emulator.vshost.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"TCP Query User{4983E923-7814-4268-B434-BC1980DDB2B1}C:\users\****\desktop\ordner\habbo\retro hotel\old school\woodpecker\woodpecker emulator\bin\debug\woodpecker.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\old school\woodpecker\woodpecker emulator\bin\debug\woodpecker.exe |
"TCP Query User{4A8FF676-71CC-49B1-87BC-40842A9C001A}C:\users\****\desktop\firewind 1.0.4880.21731\firewind emulator.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\firewind 1.0.4880.21731\firewind emulator.exe |
"TCP Query User{52E8DBD2-54B1-4679-A227-A64EA2773D90}C:\users\****\desktop\phoenix 3.7.1\free phoenix 3.7.1 build 13800 i2.3.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\phoenix 3.7.1\free phoenix 3.7.1 build 13800 i2.3.exe |
"TCP Query User{647FD568-2E92-403D-8BD5-5A0623EF400F}C:\users\****\downloads\bittorrent_7.8.0.29112.exe" = protocol=6 | dir=in | app=c:\users\****\downloads\bittorrent_7.8.0.29112.exe |
"TCP Query User{700BE7F7-D841-41D4-A94B-689C92BB88B1}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe |
"TCP Query User{7277FDBC-51A4-4E35-B70E-580A036073AC}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe |
"TCP Query User{771BDA41-21E6-4333-8606-A54EB0B24930}C:\users\****\desktop\ordner\habbo\retro hotel\phoenix emulator\phoenix 3.0.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\phoenix emulator\phoenix 3.0.exe |
"TCP Query User{7F63AC1A-80DC-416A-AB92-821F912DEB1F}C:\users\****\desktop\hablog v10 [fixed]\resource (final).exe" = protocol=6 | dir=in | app=c:\users\****\desktop\hablog v10 [fixed]\resource (final).exe |
"TCP Query User{91CF026E-0462-43EC-A11E-8D6B74EFB726}C:\users\****\downloads\files\ts player.exe" = protocol=6 | dir=in | app=c:\users\****\downloads\files\ts player.exe |
"TCP Query User{9872FD89-C9E4-47AF-9D80-42600A417504}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{A4594103-B70E-4B9A-8206-9DC4ED7A0F46}C:\users\****\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\local\akamai\netsession_win.exe |
"TCP Query User{A98A9BCD-7678-4D47-8689-D2DB3FAFA46D}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{AEFCBD6B-D273-4BFE-B261-9876856084BD}C:\users\****\desktop\ordner\software\hakops-rat\hakops-rat.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\software\hakops-rat\hakops-rat.exe |
"TCP Query User{B8D3C564-BC88-4526-8925-FA5A9648F1A8}C:\users\****\desktop\neuer ordner\novofatum r3.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\neuer ordner\novofatum r3.exe |
"TCP Query User{C30C3E7C-7FD5-4EEB-AE53-3FFA6BDCC73D}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{C5E3ABF2-DD27-4C68-BE8E-717BA1734456}C:\users\****\downloads\bittorrent_7.8.0.29112.exe" = protocol=6 | dir=in | app=c:\users\****\downloads\bittorrent_7.8.0.29112.exe |
"TCP Query User{C6394E1A-284A-4465-8DF2-7E5E5BB8FE58}C:\users\****\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{C7AB1C79-C445-4ABF-BC5A-517A5DF642C5}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{D2CD1D8D-5CAE-4C82-B7EF-BBB61F7F0437}C:\users\****\desktop\fstorm\bin\debug\butterfly emulator.vshost.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\fstorm\bin\debug\butterfly emulator.vshost.exe |
"TCP Query User{D63BE039-4F82-4FFF-AD1D-21449563B48F}C:\users\****\desktop\ordner\darccomet\darkcomet.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\darccomet\darkcomet.exe |
"TCP Query User{D8C878ED-1E92-4710-921F-A8FFC3102E70}C:\users\****\desktop\neuer ordner\novofatum 3.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\neuer ordner\novofatum 3.exe |
"TCP Query User{DC3D1220-1E89-41FB-9AA0-53771732DF68}C:\server\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\server\apache\bin\httpd.exe |
"TCP Query User{E19981B9-B330-4794-A5BA-1768DA0DDCCA}C:\users\****\desktop\ordner\software\dark comet\darkcomet.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\ordner\software\dark comet\darkcomet.exe |
"TCP Query User{EE30FA23-1F78-4463-860A-64A6F9F5B4BF}C:\users\****\desktop\debbo v3.5\debbo v3.5 with v28 furni.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\debbo v3.5\debbo v3.5 with v28 furni.exe |
"TCP Query User{F6E9A836-E162-471C-B45B-BDB76AF8A6AA}C:\users\****\desktop\neuer ordner\debboproject v4 - public beta.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\neuer ordner\debboproject v4 - public beta.exe |
"TCP Query User{FC629E46-4C25-420C-9F42-632BF13995A9}C:\users\****\desktop\habbotr\debbo v3.5\debbo v3.5 with v28 furni.exe" = protocol=6 | dir=in | app=c:\users\****\desktop\habbotr\debbo v3.5\debbo v3.5 with v28 furni.exe |
"UDP Query User{0198FC77-0292-4827-92FE-D54D2012D219}C:\xampp\filezillaftp\filezilla server.exe" = protocol=17 | dir=in | app=c:\xampp\filezillaftp\filezilla server.exe |
"UDP Query User{140525E9-6A45-4B55-848E-88E4F8526D6F}C:\users\****\desktop\phoenix 3.7.1\free phoenix 3.7.1 build 13800 i2.3.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\phoenix 3.7.1\free phoenix 3.7.1 build 13800 i2.3.exe |
"UDP Query User{1468A6AB-794D-469A-B710-002A8279605D}C:\users\****\desktop\neuer ordner\novofatum r3.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\neuer ordner\novofatum r3.exe |
"UDP Query User{1480987D-19F4-49DC-9FF7-4DD5AB7BDEB6}C:\users\****\desktop\ordner\software\hakops-rat\hakops-rat.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\software\hakops-rat\hakops-rat.exe |
"UDP Query User{16E942E8-9124-469B-82A6-8F9D0A17D86D}C:\users\****\desktop\hablog v10 [fixed]\resource (final).exe" = protocol=17 | dir=in | app=c:\users\****\desktop\hablog v10 [fixed]\resource (final).exe |
"UDP Query User{1B9E4FC7-5DA3-4C83-8CB4-B4CF1CEDD38B}C:\users\****\desktop\ordner\habbo\retro hotel\old school\woodpecker\woodpecker emulator\bin\debug\woodpecker.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\old school\woodpecker\woodpecker emulator\bin\debug\woodpecker.exe |
"UDP Query User{1BFC3A53-EA22-46E6-A630-51F99EBAAB43}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{1C60AD82-B0C4-4D28-86EF-A540DFF77A55}C:\users\****\desktop\debbo v3.5\debbo v3.5 with v28 furni.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\debbo v3.5\debbo v3.5 with v28 furni.exe |
"UDP Query User{239D7016-E4C4-49FB-AA9D-E9A133D8533A}C:\users\****\downloads\bittorrent_7.8.0.29112.exe" = protocol=17 | dir=in | app=c:\users\****\downloads\bittorrent_7.8.0.29112.exe |
"UDP Query User{276B9CD7-A9D6-47E1-9353-E5ECF3B09A4D}C:\users\****\desktop\ordner\habbo\retro hotel\phoenix 3.11.0\phoenix 3.0.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\phoenix 3.11.0\phoenix 3.0.exe |
"UDP Query User{36FD3401-674C-4566-9F8A-56AA969E05BB}C:\users\****\desktop\ordner\habbo\retro hotel\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"UDP Query User{3C4EFF1A-2F4A-4C9E-A4D1-36390D5D6DEB}C:\users\****\desktop\neuer ordner\novofatum 3.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\neuer ordner\novofatum 3.exe |
"UDP Query User{4A6D16DA-D3AD-4D83-8539-924FC4756916}C:\users\****\desktop\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\emulator\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"UDP Query User{4EFD67D0-917A-4479-AE41-CE95D5236F77}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{609661B6-596D-4FD8-BF2E-06CAD8717793}C:\users\****\downloads\bittorrent_7.8.0.29112.exe" = protocol=17 | dir=in | app=c:\users\****\downloads\bittorrent_7.8.0.29112.exe |
"UDP Query User{62A70C49-2102-4520-937B-446E9F75DDB6}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{6593F050-3078-4ABD-9ABF-FD009BEB26A3}C:\users\****\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe |
"UDP Query User{66109E36-1A81-4550-A5EE-1897418DDC1B}C:\server\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\server\mysql\bin\mysqld.exe |
"UDP Query User{6B75BE00-A2E2-4D6D-B619-338D0844DD3C}C:\users\****\desktop\neuer ordner\debboproject v4 - public beta.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\neuer ordner\debboproject v4 - public beta.exe |
"UDP Query User{6CDAA0D6-F69E-437A-8C11-DDF63AE0A1B5}C:\users\****\desktop\ordner\habbo\retro hotel\phoenix emulator\phoenix 3.0.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\phoenix emulator\phoenix 3.0.exe |
"UDP Query User{6DA9FDAE-7073-42E5-96D9-17D17B0766E1}C:\users\****\desktop\fstorm\bin\debug\butterfly emulator.vshost.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\fstorm\bin\debug\butterfly emulator.vshost.exe |
"UDP Query User{73C0B98A-E5F5-4408-B571-F0CF12308886}C:\users\****\desktop\debbo 4\debboproject v4 - public beta.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\debbo 4\debboproject v4 - public beta.exe |
"UDP Query User{742E8439-B8A2-4216-99E3-CD875CFC8168}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe |
"UDP Query User{81B56ECE-F3AA-49C2-8ECC-F1270D3D7175}C:\users\****\desktop\ordner\habbo\retro hotel\phoenix 3.7.1\free phoenix 3.7.1 build 13800 i2.3.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\habbo\retro hotel\phoenix 3.7.1\free phoenix 3.7.1 build 13800 i2.3.exe |
"UDP Query User{8383B427-D64F-4AA4-B98D-751CFB00A101}C:\users\****\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{90E06CC8-0EFE-4B8E-92A5-530D19AD817C}C:\users\****\appdata\roaming\torrentstream\engine\tsengine.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\roaming\torrentstream\engine\tsengine.exe |
"UDP Query User{953CC2D5-11AB-494D-B915-D328607A4E00}C:\users\****\desktop\ordner\software\dark comet\darkcomet.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\software\dark comet\darkcomet.exe |
"UDP Query User{970A0031-2640-4D0A-B280-B9564A17A417}C:\users\****\desktop\firewind 1.0.4880.21731\firewind emulator.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\firewind 1.0.4880.21731\firewind emulator.exe |
"UDP Query User{9CFF52E1-C3E8-45C6-A4C5-9B36DD08DA40}C:\users\****\desktop\ordner\habbo\scripting tools\novo fatum r3\novofatum r3.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\habbo\scripting tools\novo fatum r3\novofatum r3.exe |
"UDP Query User{A0B35519-EB06-441C-9BA6-041F2948DF12}C:\users\****\desktop\habbotr\debbo v3.5\debbo v3.5 with v28 furni.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\habbotr\debbo v3.5\debbo v3.5 with v28 furni.exe |
"UDP Query User{A33B321D-8FAA-4843-8F67-9E5E31F7C476}C:\users\****\desktop\ordner\darccomet\darkcomet.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\ordner\darccomet\darkcomet.exe |
"UDP Query User{BC3C8508-D390-4270-8170-3857D9B61098}C:\program files (x86)\simpletv 0.4.7 r3\tv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\simpletv 0.4.7 r3\tv.exe |
"UDP Query User{D09D5E76-0477-486D-BE72-060F1092D461}C:\users\****\desktop\bcstorm\bin\debug\butterfly emulator.vshost.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\bcstorm\bin\debug\butterfly emulator.vshost.exe |
"UDP Query User{DC108BE2-73B9-40C0-982D-DD0DB4A116B5}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe |
"UDP Query User{E5B47E51-61C1-4D31-8285-983974DE60AA}C:\users\****\downloads\files\ts player.exe" = protocol=17 | dir=in | app=c:\users\****\downloads\files\ts player.exe |
"UDP Query User{E6162A80-3FB7-44EA-A7E2-131CF97E32F0}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{EA4A3132-A4A0-4B25-A1AF-F5E3D36DC1C3}C:\server\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\server\apache\bin\httpd.exe |
"UDP Query User{EC37820A-3C2F-48FE-B174-140C916AD066}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{F150419A-BB98-483A-90DA-F424A7055EA0}C:\users\****\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\local\akamai\netsession_win.exe |
"UDP Query User{F48A120C-552E-4656-AA28-7B4A392F06D8}C:\users\****\desktop\novo fatum r2\novofatum light.exe" = protocol=17 | dir=in | app=c:\users\****\desktop\novo fatum r2\novofatum light.exe |
"UDP Query User{F52536D5-7FFC-4965-AA46-38A943E2E795}C:\users\****\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003B37AE-21F5-5BC5-F5EB-CD60A8928696}" = AMD Accelerated Video Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C1DE303-E41B-44BA-8ABA-B7F09D857001}" = Oracle VM VirtualBox 4.2.12
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{20c31435-2a0a-4580-be8b-ac06fc243ca5}" = Python 2.7 (64-bit)
"{216B40EF-9DFE-4207-A7C1-0DBE818ACE82}" = MySQL Connector/ODBC 3.51
"{24F93B56-61F5-415F-85B9-AA444DA34AFC}" = Microsoft-Maus- und Tastatur-Center
"{29AFE1B0-26A4-11E1-BFD4-F04DA23A5C58}" = MSVCRT Redists
"{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1" = Streaming Video Recorder V4.3.1
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{35D00343-3BFA-46A1-C6DD-FFD770501E0B}" = AMD Drag and Drop Transcoding
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{653B9326-BD45-53BE-681A-A49CAAEE8A3C}" = ccc-utility64
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6C3C3A70-958D-11E2-B0E5-F04DA23A5C58}" = Movie Studio Platinum 12.0 (64-bit)
"{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.6
"{7E708ADE-6575-11E2-8713-F04DA23A5C58}" = MSVCRT Redists
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}" = AMD Catalyst Install Manager
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A2585A63-ADD2-3F54-9819-125E680CC7E1}" = Microsoft .NET Framework 4.5 DEU Language Pack
"{AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0}" = AMD Media Foundation Decoders
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B9E62002-BD74-30EC-9049-93E0E003C736}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{C214301F-F5D7-36D9-B3A2-1467C5586495}" = Microsoft Help Viewer 1.1 Language Pack - DEU
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F1590230-97C5-11E2-892D-1040F3E7010F}" = MSVCRT Redists
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.63.0
"GIMP-2_is1" = GIMP 2.8.4
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.8.0 (64-bit)
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Help Viewer 1.1 Language Pack - DEU" = Microsoft Help Viewer 1.1 Language Pack - DEU
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"Sandboxie" = Sandboxie 3.76 (64-bit)
"Unlocker" = Unlocker 1.9.2
"Virtual Audio Cable 4.9" = Virtual Audio Cable 4.9
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{04B83666-3A62-452B-85D3-70F8117F2329}_is1" = CamStudio version 2.7
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{118D6CE9-5F18-42F9-958A-14676A629FDE}" = Iminent
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{1B305614-536F-47B0-917D-140C1D2477BA}}_is1" = AnotherLife Client Version 1.0.1
"{1D1D81AD-E6B1-497D-8419-7D2E5DDC124D}" = XSplit
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1" = Paint XP version 1.1
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{35B32BE5-E234-473E-8894-446E2360F458}" = Digiturk_Wmc
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0626.1
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D594333-0076-A76A-76A7-A758B70B0802}" = Ask Toolbar
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant
"{5FD88490-011C-4DF1-B886-F298D955171B}" = MySQL Connector Net 5.2.5
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = Catalyst Control Center
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75B7DF80-925B-11E2-94F5-F04DA23A5C58}" = Sound Forge Audio Studio 10.0
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.6
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9802B19D-04B3-7D0A-B76B-8B3C2931D8BD}" = Adobe Captivate Quiz Results Analyzer
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AF08C71F-F822-4416-87A9-2BBF5A8A5F12}" = VMware Server
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B4920103-09F6-4AD2-B150-CFC4474D2DDC}" = Simple Adblock
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C668416A-9213-4058-B7F2-01A42D85559D}" = Microsoft SQL Server System CLR Types
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E42939AE-9660-11E2-9A0D-F04DA23A5C58}" = DVD Architect Studio 5.0
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}" = Microsoft SQL Server 2008 R2 Management Objects
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1" = Screen Recording Suite V2.4.8
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F9706A8C-D740-42CA-8703-E08EDD0F0778}" = LogMeIn Hamachi
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Ares" = Ares 2.2.4
"bi_uninstaller" = Bundled software uninstaller
"BSPlayerp" = BS.Player PRO
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"Free Studio_is1" = Free Studio version 2013
"Google Chrome" = Google Chrome
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.7.0
"IMBoosterARP" = Iminent
"ImgBurn" = ImgBurn
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0626.1
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"Macromedia Director MX 2004" = Macromedia Director MX 2004
"ManyCam" = ManyCam 3.1.53
"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"MinecraftAlpha" = MinecraftAlpha
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"PhotoScape" = PhotoScape
"PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 10.0
"QuizResultsAnalyzer.C0CA58D26EB27EF0DDD094CE3C4337F3360F5EE2.1" = Adobe Captivate Quiz Results Analyzer
"Rainmeter" = Rainmeter
"Revo Uninstaller" = Revo Uninstaller 1.94
"Screen Capturer" = Screen Capturer
"SimpleTV 0.4.5 B2 Turkish" = SimpleTV 0.4.5 B2 Turkish
"SimpleTV 0.4.7 r3" = SimpleTV 0.4.7 r3
"Sothink SWF Decompiler 7.0 + Sothink SWF Editor 1.0_is1" = Sothink SWF Decompiler
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 8" = TeamViewer 8
"Tunatic" = Tunatic
"Winamp" = Winamp
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.47-2
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"FileZilla Client" = FileZilla Client 3.6.0.2
"MyFreeCodec" = MyFreeCodec
"Octoshape Streaming Services" = Octoshape Streaming Services
"Power Loader" = Power Challenge Game Plugin
"SkyDriveSetup.exe" = Microsoft SkyDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TorrentStream" = Torrent Stream 2.0.8.12
"Winamp Detect" = Winamp Algılayıcı
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.06.2013 15:31:53 | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NovoFatum R3.exe, Version: 1.0.0.0,
Zeitstempel: 0x5148a932 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
Zeitstempel: 0x50b8479b Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000009e5d
ID
des fehlerhaften Prozesses: 0xc04 Startzeit der fehlerhaften Anwendung: 0x01ce5fc7aa1fb517
Pfad
der fehlerhaften Anwendung: C:\Users\****\Desktop\Neuer Ordner\NovoFatum R3.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 138fa64b-cbbb-11e2-b72c-005056c00008
Error - 02.06.2013 15:33:21 | Computer Name = ****-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 02.06.2013 15:33:21 | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NovoFatum R3.exe, Version: 1.0.0.0,
Zeitstempel: 0x5148a932 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
Zeitstempel: 0x50b8479b Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000009e5d
ID
des fehlerhaften Prozesses: 0x1fc4 Startzeit der fehlerhaften Anwendung: 0x01ce5fc7dba93fd7
Pfad
der fehlerhaften Anwendung: C:\Users\****\Desktop\Neuer Ordner\NovoFatum R3.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 48650d06-cbbb-11e2-b72c-005056c00008
Error - 02.06.2013 16:12:16 | Computer Name = ****-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 02.06.2013 16:12:17 | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NovoFatum R3.exe, Version: 1.0.0.0,
Zeitstempel: 0x5148a932 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
Zeitstempel: 0x50b8479b Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000009e5d
ID
des fehlerhaften Prozesses: 0x1b24 Startzeit der fehlerhaften Anwendung: 0x01ce5fc812288c3e
Pfad
der fehlerhaften Anwendung: C:\Users\****\Desktop\Neuer Ordner\NovoFatum R3.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: b8633c85-cbc0-11e2-b72c-005056c00008
Error - 02.06.2013 16:19:35 | Computer Name = ****-PC | Source = Application Hang | ID = 1002
Description = Programm GTA_SA.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1594 Startzeit:
01ce5fcdfeff2df7 Endzeit: 74 Anwendungspfad: C:\Users\****\Desktop\Ordner\GTA San
Andreas\GTA San Andreas\GTA_SA.exe Berichts-ID:
Error - 02.06.2013 16:19:47 | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: gta_sa.exe, Version: 0.0.0.0, Zeitstempel:
0x427101ca Name des fehlerhaften Moduls: gta_sa.exe, Version: 0.0.0.0, Zeitstempel:
0x427101ca Ausnahmecode: 0xc0000005 Fehleroffset: 0x000dd5a3 ID des fehlerhaften Prozesses:
0x1e2c Startzeit der fehlerhaften Anwendung: 0x01ce5fce812fa789 Pfad der fehlerhaften
Anwendung: C:\Users\****\Desktop\Ordner\GTA San Andreas\GTA San Andreas\gta_sa.exe
Pfad
des fehlerhaften Moduls: C:\Users\****\Desktop\Ordner\GTA San Andreas\GTA San
Andreas\gta_sa.exe Berichtskennung: c4992734-cbc1-11e2-b72c-005056c00008
Error - 02.06.2013 17:46:51 | Computer Name = ****-PC | Source = WinMgmt | ID = 10
Description =
Error - 03.06.2013 00:51:22 | Computer Name = ****-PC | Source = WinMgmt | ID = 10
Description =
Error - 03.06.2013 03:06:43 | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GTA_SA.exe, Version: 0.0.0.0, Zeitstempel:
0x427101ca Name des fehlerhaften Moduls: samp.dll_unloaded, Version: 0.0.0.0, Zeitstempel:
0x51101d7d Ausnahmecode: 0xc0000005 Fehleroffset: 0x044a53ad ID des fehlerhaften Prozesses:
0x17ac Startzeit der fehlerhaften Anwendung: 0x01ce6028dca331b8 Pfad der fehlerhaften
Anwendung: C:\Users\****\Desktop\Ordner\GTA San Andreas\GTA San Andreas\GTA_SA.exe
Pfad
des fehlerhaften Moduls: samp.dll Berichtskennung: 24cb0e8c-cc1c-11e2-aedb-005056c00008
Error - 03.06.2013 03:06:52 | Computer Name = ****-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 02.05.2013 07:40:11 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
VMware Host Agent erreicht.
Error - 02.05.2013 07:40:11 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "VMware Host Agent" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 02.05.2013 09:13:15 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
System Store erreicht.
Error - 02.05.2013 09:13:15 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error - 03.05.2013 06:58:54 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
System Store erreicht.
Error - 03.05.2013 06:58:54 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error - 03.05.2013 15:15:43 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
System Store erreicht.
Error - 03.05.2013 15:15:43 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error - 05.05.2013 15:12:16 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
System Store erreicht.
Error - 05.05.2013 15:12:16 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
< End of report >
|
|
06.06.2013, 13:43
| #8 |
| /// the machine /// TB-Ausbilder | Das öffnen von Webseiten dauert nach einer Zeit sehr lange Dann jetzt bitte obiger Anleitung folgen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.06.2013, 13:48
| #9 | |
| | Das öffnen von Webseiten dauert nach einer Zeit sehr langeZitat:
Ich nutze Windows 7 Pro 64x |
|
06.06.2013, 13:55
| #10 |
| /// the machine /// TB-Ausbilder | Das öffnen von Webseiten dauert nach einer Zeit sehr lange joah, kommr vor, dann jetzt ESET
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.06.2013, 14:53
| #11 | |
| | Das öffnen von Webseiten dauert nach einer Zeit sehr langeZitat:
|
|
06.06.2013, 15:12
| #12 |
| /// the machine /// TB-Ausbilder | Das öffnen von Webseiten dauert nach einer Zeit sehr lange Nee, schön fertig laufen lassen 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.06.2013, 20:14
| #13 | |
| | Das öffnen von Webseiten dauert nach einer Zeit sehr langeZitat:
|
|
07.06.2013, 06:44
| #14 |
| /// the machine /// TB-Ausbilder | Das öffnen von Webseiten dauert nach einer Zeit sehr lange Entscheide dich mal. Willst Du Hilfe? Dann mach das was ich anweise oder Ich kann Dir nicht sagen ob die Kiste sauber ist und sauber bleibt.....
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.06.2013, 06:48
| #15 | |
| | Das öffnen von Webseiten dauert nach einer Zeit sehr langeZitat:
|
|
| Themen zu Das öffnen von Webseiten dauert nach einer Zeit sehr lange |
| .dll, acrobat update, adobe, adobe flash player, akamai, askpartnernetwork, ausgelastet, bho, explorer, file, flash player, google, helper, hijack, hijackthis, internet explorer, langsam, logfile, microsoft, monitor, neu, plug-in, security, software, softwareupdater, sprotection, usb, virtualbox, visual studio, windows, wmp, wscript.exe, öffnet |
Linear-Darstellung
