Log analysis and evaluation: CPU usage extremely high, PC and mouse stutter

Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

15.03.2015, 15:50 | #1

CPU usage extremely high, PC and mouse stutter

Hello, since my last restart my PC has been quite slow and stutters fairly often, the mouse "stutters", and the PC's load is always extremely high (80%) even when idle. I don't know what else to do. As described in other threads, I downloaded OTL, applied the settings as given, and am now posting the two output files in the hope that someone can help me.

Code:
Extras.txt
OTL Extras logfile created on: 15.03.2015 15:21:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tweid_000\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17690)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,43 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 14,03% Memory free
9,89 Gb Paging File | 1,27 Gb Available in Paging File | 12,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917,43 Gb Total Space | 842,31 Gb Free Space | 91,81% Space Free | Partition Type: NTFS
Drive D: | 12,60 Gb Total Space | 1,60 Gb Free Space | 12,66% Space Free | Partition Type: NTFS
Drive E: | 6,90 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 1863,01 Gb Total Space | 1748,34 Gb Free Space | 93,84% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: tweidner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. 
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Program Files (x86)\combit\cRM\Tools\editor\Scite.exe %1 (Neil Hodgson neilh@scintilla.org, Modifications by combit GmbH, www.combit.net) jsefile [edit] -- C:\Program Files (x86)\combit\cRM\\Tools\editor\Scite.exe %1 (Neil Hodgson neilh@scintilla.org, Modifications by combit GmbH, www.combit.net) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
vbefile [edit] -- C:\Program Files (x86)\combit\cRM\\Tools\editor\Scite.exe %1 (Neil Hodgson neilh@scintilla.org, Modifications by combit GmbH, www.combit.net) vbsfile [edit] -- C:\Program Files (x86)\combit\cRM\Tools\editor\Scite.exe %1 (Neil Hodgson neilh@scintilla.org, Modifications by combit GmbH, www.combit.net) Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. 
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) jsfile [edit] -- C:\Program Files (x86)\combit\cRM\Tools\editor\Scite.exe %1 (Neil Hodgson neilh@scintilla.org, Modifications by combit GmbH, www.combit.net) jsefile [edit] -- C:\Program Files (x86)\combit\cRM\\Tools\editor\Scite.exe %1 (Neil Hodgson neilh@scintilla.org, Modifications by combit GmbH, www.combit.net) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [edit] -- C:\Program Files (x86)\combit\cRM\\Tools\editor\Scite.exe %1 (Neil Hodgson neilh@scintilla.org, Modifications by combit GmbH, www.combit.net) vbsfile [edit] -- C:\Program Files (x86)\combit\cRM\Tools\editor\Scite.exe %1 (Neil Hodgson neilh@scintilla.org, Modifications by combit GmbH, www.combit.net) Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{016F8625-FB39-4025-BF34-CC13AB8947E9}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 | "{0828E0BF-C26C-4B4F-8FA2-85E51BE2EB4F}" = lport=2177 | protocol=17 | 
dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0A313BE9-B763-437F-A7E0-F6B947B04AC3}" = lport=49505 | protocol=6 | dir=in | name=sqlserver | "{12CE3434-20EF-4A77-9119-ED2D707BABAA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1D97A980-C84A-48E2-95DF-9C5F51ACC673}" = lport=1434 | protocol=17 | dir=in | name=sqlbrowser | "{2A97F62F-0E78-435F-BC9E-81F6470F4AC3}" = lport=10243 | protocol=6 | dir=in | app=system | "{2B9B52B6-8A92-4A78-93A8-5D90C8F127A2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | "{2E762EA2-343C-4305-AC31-149F8E76081F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2FD91177-2599-4B64-995A-203238A85DE8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{30A877DD-5B16-47AD-A719-BB5661E373B6}" = rport=137 | protocol=17 | dir=out | app=system | "{34867F40-105A-49EF-AE65-F813892B254B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{35A3592F-352C-442B-B2F3-91BE9F0261BE}" = rport=138 | protocol=17 | dir=out | app=system | "{3B71A46E-7D78-4DAD-B624-8F11909E4D89}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{491D4E0C-6D52-46B4-B10D-A3BA264D4D83}" = lport=139 | protocol=6 | dir=in | app=system | "{4E7399B5-D88A-4CE3-A503-1B9596DE130C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4FC2E291-C165-4D84-A5B9-B34FE4FA2C3B}" = rport=445 | protocol=6 | dir=out | app=system | "{6891F199-5AF9-4F91-B019-A689491AF859}" = lport=138 | protocol=17 | dir=in | app=system | "{743ACCE7-6D18-43BF-8F78-D281D4D9C98A}" = rport=139 | protocol=6 | dir=out | app=system | "{7CC64735-FA5E-4242-8C1D-5F475FF78FDB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8FB72EC9-B123-4C20-AFB2-D7DC30E80C7C}" = lport=445 | protocol=6 | dir=in | app=system | "{9BEC5618-612F-4589-88C9-3A3EFC86301C}" = lport=137 | protocol=17 | dir=in | app=system | "{C4F8037B-4826-4BF5-8D15-9A38F42FE7AF}" = lport=1434 | protocol=17 | dir=in | name=sqlbrowser | "{CE84BE2B-2068-44CE-A799-D2D37985CB4F}" = rport=10243 | protocol=6 | dir=out | app=system | "{D0D8D555-2AEE-4A2E-A690-CBD27C7906EB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DFEEEFD9-BA90-4629-A50F-79530160C140}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F3D67B4B-87CC-4EBA-ABD7-3B8321B2A280}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FAD80D41-32A6-4232-886E-C8164715AA06}" = lport=2869 | protocol=6 | dir=in | app=system | "{FDA18FD7-C94C-4CD9-B838-37FBF3B5A675}" = lport=49505 | protocol=6 | dir=in | name=sqlserver | "{FE3D6AA5-D9CD-4C8A-A5CD-F36488F61EA5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03E6983F-DBF5-428B-B487-C5F60BA60D46}" = protocol=6 | dir=in | app=c:\program files (x86)\buhl\business\buero plus next\bpnext.exe | "{05DB1966-CE68-4F88-A3D0-30C8D9843B56}" = dir=out | name=- games app - | "{095F5422-D808-4AAA-9CAD-31A9FD293E54}" = dir=in | name=microsoft mahjong | "{09F55C49-CE01-451A-92B1-AF2703BA1334}" = dir=in | name=mcafee® central for hp | "{0A0F1456-7E6F-4FDF-B142-AAFCC35C7D68}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe | "{0A867667-5A4C-45DE-8EEC-586A581887FD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1260E79A-F988-404B-BCBE-C5745CE134CF}" = dir=out | 
name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{1441465F-9E4E-477A-8047-B9954274426B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{1641E708-2107-4EF0-839C-BE343BF58238}" = dir=out | name=hp registration | "{187052E8-12D6-48C6-A02F-428EA24F78F2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1C552D1B-5C3A-44E9-B959-7A76C95CA8B1}" = dir=out | name=hp all-in-one printer remote | "{1D8A0DF1-95DC-4203-B345-383CC3DE169A}" = dir=out | name=windows_ie_ac_001 | "{1E4233C2-CDFA-482E-BBF4-52D0460D2210}" = dir=out | name=@{microsoft.bingweather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | "{1F9BC7ED-8A02-44EC-B895-0E68B254BB7B}" = dir=out | name=onenote | "{21E7354E-6D21-41F3-8D2F-75CD422553AD}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | "{23DF0A86-159E-4E90-858E-2020F1D74577}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{24027F5F-C14D-4DF1-B96A-59FCAC2FF533}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.253_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{2C64C5AB-DA1D-4633-9E56-E41C17D8BA64}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{2CD4E45D-8E3E-4355-B8AF-E704B4EE01B2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{30DA0D95-52FB-4B88-8792-BEBDE1FEDDBE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{31097D77-C9E4-4A90-983C-ED6EF6B6665B}" = dir=out | name=microsoft solitaire collection | "{37D5CD7F-D073-4FFC-99BE-A06E8C20910C}" = dir=in | name=onenote | "{3C3F90BC-058D-4097-B682-740D320048FA}" = 
protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa manager 13\manager13.exe | "{3E80A1EA-95EA-4991-8108-DD4D8D735DD7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{478CA9EA-2EB8-497A-B100-AEB8F59BCAD4}" = dir=out | name=@{microsoft.bingtravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{489C2130-B07C-4281-9137-87049B9D66A7}" = protocol=17 | dir=in | app=c:\program files (x86)\buhl\business\daten\bpserver.exe | "{4A12A665-31A6-401C-A1C1-765DF92A20A5}" = dir=out | name=sonic dash | "{4CDD24C1-145E-4236-89BA-199B6EEC953D}" = dir=out | name=box | "{4F8DEDE5-DD9F-45D5-92BA-EA4DFC07518E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{501FC5EA-BEDD-444B-9CBB-55E7BC56FAAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{52469985-EFBE-4342-BE90-A0C28D006B7C}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{59257F58-389A-4FB9-A434-3CE4A19AE2F4}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa manager 13\manager13.exe | "{59FD95DA-ADCC-420B-AF93-E8E60232235A}" = dir=in | name=sonic dash | "{5A99B3C7-4A97-4241-8707-F9238FEE9239}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5AA79B41-AA9D-4BD9-ACDF-57691897E3C2}" = dir=out | name=mcafee® central for hp | "{5E0A95A1-46BC-4C67-8B02-C725853BBE51}" = dir=in | app=c:\program files\hp\hp officejet 4630 series\bin\faxapplications.exe | "{5EBB0FD1-734F-4199-875C-C9D236109932}" = dir=out | 
name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{6045525B-1040-484C-B976-9FA6C1208E8E}" = dir=in | name=hp connected photo | "{62CBD775-D62E-41AB-9974-CAFF428F53D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6462EFAB-B701-40CE-AFB2-167CDEF86883}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{674A0F2B-C8E2-493B-BA27-718179F86C22}" = dir=out | name=hp connected photo | "{6799C2A7-AF7B-41AD-83AF-5C7F62C80065}" = dir=out | name=windows_ie_ac_001 | "{6E8EFEFC-06FC-4747-8DA3-EE8934C602F0}" = dir=in | app=c:\program files\hp\hp officejet 4630 series\bin\digitalwizards.exe | "{6E987F4D-FA34-4DA5-96CC-2CD930179765}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{76ED655E-0FDD-4856-8A8C-47EC1F3721E3}" = dir=in | name=skype | "{81132386-B571-42B1-A3A1-27A60C96304B}" = protocol=6 | dir=out | app=system | "{8835306E-C04A-41D0-9802-F1F34E490D23}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{8B917CDC-6308-4B72-A60B-DF117AD10E2A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe | "{8DDA99BA-A873-4D7B-81FD-204E2EC361FA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{93F5A324-A172-4CCB-A2AD-DD7470677742}" = dir=in | app=c:\users\tweid_000\appdata\local\microsoft\skydrive\skydrive.exe | "{94BF6C10-2031-4E6C-A661-9C024DEDF950}" = dir=out | name=@{ad2f1837.gettingstartedwithwindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | 
name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{A68AD303-24BB-488F-8F12-B198D96C4A22}" = dir=in | name=accuweather for windows 8 | "{A71CF7D2-CE47-429F-A354-53C81135D28A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A76FEAB2-BE3C-4278-8C29-FEB448B1D064}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A97E8799-F86D-48F2-A321-BEC86F39FE1B}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{AEEF3C53-6868-41AF-B737-7D284996C7A2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 13\game\fifa13.exe | "{AEF7ABB3-8DDD-4583-AB93-E04E9109DEE4}" = dir=in | app=c:\program files\hp\hp officejet 4630 series\bin\hpnetworkcommunicatorcom.exe | "{B410CEAB-DC90-4EF3-AC31-475D2862E239}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd.exe | "{B5FFD111-35BB-421F-8759-3ED63AF2CC33}" = dir=out | name=skype | "{B6E16278-E610-444B-A33E-9987656BF087}" = protocol=58 | dir=in | app=system | "{B9386A35-9157-4031-BB17-BBCE8EEE3012}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{BE1AA21E-5426-412E-905F-9B5D4DDF862F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BEDB82CB-BD2F-4490-BB97-04C781275818}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 13\game\fifa13.exe | "{C0A027A3-B45A-451C-85E6-466E22ABF0D8}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe | "{C52DA103-357C-43D9-A427-54BCC2B30BDA}" = dir=in | app=c:\program files\hp\hp officejet 4630 series\bin\sendafax.exe | "{C6F6528C-5352-4DCF-BEBA-38E92D4BB320}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe | "{CA923A26-3671-493F-A68B-14A15007A129}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{CBE6A957-609F-45ED-9450-1B43CD9910E1}" = protocol=17 | dir=in | 
app=%programfiles%\windows media player\wmplayer.exe | "{D30885E9-40E5-47F6-AF8E-F8507C3C25E1}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe | "{D4876116-8240-49A8-81FA-B29EB4021722}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D5115B3F-06B3-4421-9010-7B569C5C84F3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | "{D5D15FA2-81C4-4FA1-9497-E57D2F15D443}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{DD0B693E-49E1-4FC1-9CE9-F3711C8B317B}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{E03D4857-F604-40D4-94D3-B64385EE4BFE}" = dir=out | name=@{microsoft.zunevideo_2.6.434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{E3312E21-AF30-45A6-8410-6D362551277A}" = dir=in | name=microsoft solitaire collection | "{E3AA89F8-17E9-445F-B09E-64108BF70320}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | "{E7DE874C-4645-442A-9B03-FB185E5A4ED9}" = dir=in | name=hp all-in-one printer remote | "{E8D9CD32-8AF1-40BB-B44E-3815C56070F5}" = protocol=6 | dir=in | app=c:\program files (x86)\buhl\business\daten\bpserver.exe | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{EE70CC27-9B9E-4688-BBF4-281BAA5F0B98}" = dir=out | name=accuweather for windows 8 | "{EF7B4B4D-0390-4F1B-A0B6-590E3C50ED35}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{F1DB557F-129B-4100-9243-DF835B964450}" = dir=out | 
name=@{microsoft.bingfinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | "{F3F035FC-93AB-4F60-B491-BBFBED783CF6}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{F504353D-F010-46AC-B823-8712F64A2DF2}" = protocol=17 | dir=in | app=c:\program files (x86)\buhl\business\buero plus next\bpnext.exe | "{F61502F7-E582-4E6A-A121-B55008486959}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F66081C0-C9D3-4E9A-A344-DBA1A23B19CF}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{F833E6EB-5E93-4548-88B5-A2A4B7EFF561}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F8540923-16FC-441C-B95A-36E26BFB39AC}" = dir=in | app=c:\program files\hp\hp officejet 4630 series\bin\devicesetup.exe | "{F8F705AA-3A7C-43CE-B50F-49D80168782B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FC3A9DED-62A2-4792-A442-A858A18F8048}" = dir=out | name=hp connected music | "{FF0734C6-F67D-4444-8205-13FCEAD741AB}" = dir=out | name=microsoft mahjong | "{FFA25130-3B63-4B77-B094-2D05DA7FA2F9}" = dir=in | name=@{ad2f1837.gettingstartedwithwindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}" = Inst5675 "{314FAD12-F785-4471-BCE8-AB506642B9A1}" = HP SimplePass "{3566FFED-696A-4260-8F12-073426CAC951}" = HP Officejet 4630 series - Grundlegende Software für das Gerät "{3917CF9F-DF46-406E-B524-CA0F150C70D7}" = Studie zur Verbesserung von HP Officejet 4630 series "{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 "{5668F133-C5A9-40A1-B467-63779EDEA37F}" = Nitro Pro 9 "{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 "{6B755ED9-C2D3-BFB1-7BFE-DDD01D088BC6}" = AMD Catalyst Install Manager "{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}" = DisableMSDefender "{7CC317AF-84DC-4C6B-9894-453545969892}" = Intel(R) Technology Access "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{878F6913-7421-4713-97F7-0A736EE2A188}" = Inst5676 "{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{992B55F9-FD13-42C5-8B3C-B7E9F998A969}" = Microsoft SQL Server 2008 R2 Native Client "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 "{D1E8F2D7-7794-4245-B286-87ED86C1893C}" = HP Registration Service "{DC4E8BD4-4CF2-1A6E-352F-3595BA269EAD}" = ccc-utility64 "{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}" = Microsoft SQL Server VSS Writer "O365HomePremRetail - de-de" = Microsoft Office 365 - de-de "WinRAR archiver" = WinRAR 5.20 
(64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{020617D7-2F72-4D02-BF59-A5CBC1761177}" = SQL Server 2008 R2 SP2 Management Studio "{033B535A-1AFF-435D-B8D9-B0B83A800569}" = SQL Server 2008 R2 SP2 Full text search "{063A2C4D-9098-4CFA-A39F-D9ECC8A678E9}" = Microsoft Sync Services for ADO.NET v2.0 (x86) de "{06600E94-1C34-40E2-AB09-D30AECF78172}" = HP Documentation "{06A7EA72-0F00-4D53-A81C-A5D925711141}" = SQL Server 2008 R2 SP2 Full text search "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{08B9332C-26DB-4EF3-85D6-6DC62B937681}" = HP Officejet 4630 series Hilfe "{0E282EE1-78BC-E7FA-42EC-41DB1CDB022A}" = CCC Help Swedish "{11CF3ABC-DFB0-47DE-B31F-71CB995A12D7}_is1" = Mein Büro "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{13CE6A18-2936-49E5-B10C-148A12C035DD}" = Unternehmer Suite Professional "{143203CB-9E09-4D9D-91F1-D000EC6E1F87}" = SQL Server 2008 R2 SP2 BI Development Studio "{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 "{181943CD-BE9A-0A8C-7EC6-A6760B40AE8A}" = CCC Help Russian "{19ABCFE2-7EED-11E3-B98A-00163E98E7D6}" = Evernote v. 
5.1.1 "{1c3caad7-d0ad-4f7c-87e0-f47627304993}" = Intel(R) Technology Access "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10 "{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor "{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 "{22E319C7-2C1A-3CE4-9D2E-EF42FE8F1AE2}" = CCC Help German "{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2 "{23F70562-02F4-4805-ACF5-6E52BAD167C2}" = SQL Server 2008 R2 SP2 Reporting Services "{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{34927EBC-98D4-4D53-98BE-510DF5999F50}" = Adobe AIR "{3888A22E-1A9E-4DBE-A93B-42385141F37D}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools DEU "{38A0D5E4-9FF3-8823-53AD-61B9E7287C0B}" = CCC Help Turkish "{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector "{3B9F2A30-6230-37E3-A23F-AA996C6EE1F3}" = Microsoft Visual Studio 2008 Shell (integrated mode) - DEU "{3BDEDA44-E016-4643-A740-68618D8CCFA2}" = Microsoft SQL Server 2008 R2 RsFx Driver "{3C9E16B0-E1F0-F7B6-B2D3-1E43CF46A9A8}" = CCC Help French "{3D0D9604-0173-488D-9694-2638C44D7579}" = PDF Architect 2 Create Module "{3DB6DB0A-93F2-9D1C-4DB7-F43126F17C67}" = CCC Help Greek "{3F85FF86-EAF3-0C6E-519C-28A8BD73822E}" = CCC Help Chinese Standard "{40F47DAD-703F-26BB-6A92-775E6C4AD8F8}" = CCC Help Hungarian "{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}" = Intel(R) Update Manager "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{455EA559-80C4-8522-88D0-D12905A34CF5}" = CCC Help English "{46DCC796-99C1-EF26-F57B-C778E4A9537F}" = Catalyst Control Center Graphics Previews Common 
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 SP2 Database Engine Shared "{4E611C9E-17CA-A090-491C-E28828472C04}" = Catalyst Control Center Localization All "{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{5066E836-D960-45A2-AB12-81545003451D}" = Jurassic Park Operation Genesis Demo "{50ABF86D-0BDB-31AD-97FD-E8A55564EBF9}" = Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU "{515F078E-9714-4E67-A3B2-5E5944526C25}" = SQL Server 2008 R2 Reporting Services "{5208B524-E290-4FEB-E22F-218FA21A39A8}" = CCC Help Thai "{5AF949BD-97C9-5948-81F4-82B173E90D2D}" = CCC Help Spanish "{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = SQL Server 2008 R2 SP2 Database Engine Services "{667831A0-519D-A32A-6234-153C6FB6BC3B}" = AutorennbahnplanerNG "{6715BEB5-01F1-41AC-B44B-0A78CD50C433}" = G DATA TOTAL PROTECTION "{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 "{6CB91EC7-3DA7-47DE-8E16-5353F3B35A01}" = combit Relationship Manager 7 "{6CE0033A-CBEE-1C00-28C8-CE17120DFA38}" = CCC Help Czech "{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 "{6E9CFEF5-0245-411F-8587-CF83DF9D4B05}" = SQL Server 2008 R2 SP2 Database Engine Services "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3 "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App für HP "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{75D3EC46-F79A-35AB-246F-75F15B22497B}" = CCC Help Finnish "{78033A38-50E2-4A65-823F-C1B34DF9FE41}" = Microsoft SQL Server 2008 R2-Richtlinien "{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0 "{7E170132-3C17-48E9-D3D8-61CC81D20278}" = AMD Catalyst Control Center "{7F28165B-148D-4672-AA21-469D9E6E3CB6}" = Alcor Micro USB Card Reader Driver 
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 "{80AF0300-866F-400F-A350-D53E3C3E34E0}" = FUSSBALL MANAGER 13 "{82368AA0-377A-9D54-E244-BDEADB0F7721}" = CCC Help Korean "{8343C2D8-09DF-38B3-9D1A-A26148918E45}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8B0A956F-9BE6-495B-AF80-7B5B42061D79}" = PDF Architect 2 Edit Module "{8C696B4B-6AB1-44BC-9416-96EAC474CABE}" = HP Support Assistant "{8DD113A8-811A-404E-A4D7-443D014946AC}" = Microsoft SQL Server Browser "{8E2409D2-C7E8-85BC-7B76-8DCB4F39F9BC}" = CCC Help Danish "{8e690a0f-e7e1-4a8c-a54c-7f2560a13b5e}" = Nitro Pro 9 "{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 "{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer "{90120000-00A4-0407-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components "{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component "{90150000-008C-0407-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component "{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update "{92906ADC-9482-4DDB-870D-0F1F535EAD91}" = SQL Server 2008 R2 SP2 Common Files "{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95572018-FA53-0B14-2B16-D99A737ADFBC}" = CCC Help Chinese Traditional "{9834C252-52E5-1EA9-EF68-704EDDC336B4}" = CCC Help Dutch "{99A254A9-BCC6-414E-BAE9-E226C4A1C867}" = CCC Help Italian "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup "{A0AD384B-B5F7-7F1C-D9A0-2317502725D2}" = CCC Help Norwegian "{A1910519-5548-C9C9-0494-CF752A35D0E3}" = CCC Help 
Polish "{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13 "{A31C1733-DF14-457B-A913-59915BCA4B73}" = Catalyst Control Center - Branding "{AB8A9818-0809-49A7-8A13-C08BD7F13A42}" = Microsoft SQL Server 2008 R2-Setup (Deutsch) "{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10 "{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information "{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12 "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 SP2 Database Engine Services "{B64EC067-D28B-8E08-971D-CBF39222FF87}" = CCC Help Portuguese "{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0 "{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = SQL Server 2008 R2 SP2 Database Engine Services "{C6C7E94A-90C8-41BE-9CAF-E0F38C08FA74}" = SQL Server 2008 R2 SP2 BI Development Studio "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR "{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 SP2 Common Files "{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 "{D3619F81-03DC-98D0-8832-D8A3DF7D897E}" = CCC Help Japanese "{D3718A38-34C6-86C0-E896-3D831BEED01D}" = Catalyst Control Center InstallProxy "{D691E998-CF53-4F6C-AC20-E4284660E0E7}" = PDF Architect 2 View Module "{DC39A078-4D4C-4EF2-9CAF-69D342D74125}" = Microsoft Sync Framework Runtime v1.0 (x86) de "{DD43EA67-DAF3-4879-BFF7-E534675BDEA5}" = HP PC Hardware Diagnostics UEFI "{E10B39DF-C167-4B79-B9C2-AA1570ACBB1D}" = SQL Server 2008 R2 SP2 Management Studio "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 "{E9380A3D-7A10-4988-B2A1-22A41C137D9F}" = SQL Server 2008 R2 SP2 Database Engine Shared "{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 
x86 Additional Runtime - 12.0.21005 "{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star "{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 "Adobe AIR" = Adobe AIR "Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2 "AmUStor" = Alcor Micro USB Card Reader Driver "AutorennbahnplanerNG" = AutorennbahnplanerNG "Design & Print 1.0.5" = Design & Print "Flash Decompiler Trillix_is1" = Flash Decompiler Trillix "HP Photo Creations" = HP Photo Creations "InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10 "InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}" = HP SimplePass "InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector "InstallShield_{5066E836-D960-45A2-AB12-81545003451D}" = Jurassic Park Operation Genesis Demo "InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10 "InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12 "IsoBuster_is1" = IsoBuster 3.5 "Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1 "Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU" = Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 "Mozilla Firefox 36.0.1 (x86 de)" = Mozilla Firefox 36.0.1 (x86 de) "Mozilla Thunderbird 31.5.0 (x86 de)" = Mozilla Thunderbird 31.5.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Online Poststelle_is1" = Online Poststelle - Druckertreiber 2.1.102 "Origin" = Origin "PDF Architect 2" = PDF Architect 2 "WildTangent wildgames Master Uninstall" = WildTangent Games "WTA-00a8e233-4f02-4766-bcd1-93e12d6a1524" = 
Trinklit Supreme "WTA-04794927-2fc4-430a-8af1-9f879efadda8" = Governor of Poker 2 Premium Edition "WTA-07559a42-44a8-447a-8731-e52e33635f3d" = Plants vs. Zombies - Game of the Year "WTA-0c266e63-fc88-404e-9d01-78e2fd3a137a" = Jewel Match 3 "WTA-1c21eb43-ffdb-4c59-b8d1-7d4c0673ee54" = Ranch Rush 2 - Premium Edition "WTA-2332fe35-d4f6-4f89-9eae-358ef2c55fd0" = Bejeweled 3 "WTA-44b7a51f-b9d2-441d-a03b-9808e2f10dc9" = Build-a-lot "WTA-5fe45501-1c55-4330-aa6f-430b3d509cfb" = Crazy Chicken Soccer "WTA-6bd3d2d3-8590-4818-8b7b-5027560557b3" = Youda Jewel Shop "WTA-9228e7de-d995-4803-8ea7-5cccc8717007" = Vacation Quest™ - Australia "WTA-946f048f-bbdf-4dca-bcbb-253f2a62a064" = Virtual Families "WTA-a10a96f6-480c-4c81-a814-bcfab52c38c0" = Polar Bowler "WTA-adb7fa4a-50d3-4735-a838-d5682518b82a" = Wedding Dash "WTA-b1786b29-5bfe-4158-9ddd-d60d8a0fab1e" = Building the Great Wall of China Collector's Edition "WTA-eef406da-7ad4-4603-8ecb-f3ca06a9a541" = Farm Frenzy ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "OneDriveSetup.exe" = Microsoft OneDrive "Pokki" = Host App Service "Pokki_122032f0c5ed06b9fa27e05dbe3eb50614903dda" = eBay "Pokki_34e8f5c0c9e5744bf2cdb514283762dd0524776b" = FarmVille 2 "Pokki_76f57b4f4c47bb9be5a61f33564f4ce99c295a7c" = Dropbox "Pokki_d25e316a7812ebb3c4f8e18291ce53ba535b8659" = YouTube for Pokki "Pokki_Start_Menu" = Start Menu "ZetaProducer12" = Zeta Producer 12 12.2.0 (nur entfernen) ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 15.03.2015 05:19:55 | Computer Name = PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 15.03.2015 05:19:55 | Computer Name = PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1469 Error - 15.03.2015 05:19:55 | Computer Name = PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling 
Error: m->NextScheduledSPRetry 1469 Error - 15.03.2015 06:01:03 | Computer Name = PC | Source = Application Hang | ID = 1002 Description = Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b57c8 Startzeit: 01d05f05cf16ea68 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 1b750ff1-cafa-11e4-826c-a0d3c14d3297 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error - 15.03.2015 07:13:40 | Computer Name = PC | Source = Application Hang | ID = 1002 Description = Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: cc0b8 Startzeit: 01d05f0ef242b645 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 5367d1b4-cb04-11e4-826c-a0d3c14d3297 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error - 15.03.2015 07:13:44 | Computer Name = PC | Source = Report Server Windows Service (SQLEXPRESS) | ID = 107 Description = Report Server Windows Service (SQLEXPRESS) kann nicht mit der Berichtsserver-Datenbank verbunden werden. 
Error - 15.03.2015 08:06:02 | Computer Name = PC | Source = Application Hang | ID = 1002 Description = Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: db62c Startzeit: 01d05f1754429432 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: a13e9593-cb0b-11e4-826c-a0d3c14d3297 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error - 15.03.2015 09:36:03 | Computer Name = PC | Source = Application Hang | ID = 1002 Description = Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f62a8 Startzeit: 01d05f23e82db81e Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 35125673-cb18-11e4-826c-a0d3c14d3297 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error - 15.03.2015 10:06:00 | Computer Name = PC | Source = Application Hang | ID = 1002 Description = Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: fd730 Startzeit: 01d05f2818051b25 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 650b6a47-cb1c-11e4-826c-a0d3c14d3297 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error - 15.03.2015 10:36:05 | Computer Name = PC | Source = Application Hang | ID = 1002 Description = Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 104958 Startzeit: 01d05f2c48ea9b35 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 980ec4f2-cb20-11e4-826c-a0d3c14d3297 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 [ System Events ] Error - 13.03.2015 17:16:48 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 13.03.2015 17:17:25 | Computer Name = PC | Source = Service Control Manager | ID = 7043 Description = Der Dienst G DATA Personal Firewall konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. 
Error - 14.03.2015 08:41:41 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 14.03.2015 08:41:41 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 14.03.2015 08:46:25 | Computer Name = PC | Source = Service Control Manager | ID = 7043 Description = Der Dienst G DATA Personal Firewall konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error - 14.03.2015 08:46:29 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error - 14.03.2015 17:11:25 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 14.03.2015 17:11:25 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 14.03.2015 17:11:25 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 14.03.2015 17:11:25 | Computer Name = PC | Source = DCOM | ID = 10010 Description = < End of report > |
15.03.2015, 15:51 | #2 |
| OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 15.03.2015 15:21:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tweid_000\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17690)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,43 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 14,03% Memory free
9,89 Gb Paging File | 1,27 Gb Available in Paging File | 12,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917,43 Gb Total Space | 842,31 Gb Free Space | 91,81% Space Free | Partition Type: NTFS
Drive D: | 12,60 Gb Total Space | 1,60 Gb Free Space | 12,66% Space Free | Partition Type: NTFS
Drive E: | 6,90 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 1863,01 Gb Total Space | 1748,34 Gb Free Space | 93,84% Space Free | Partition Type: NTFS
Computer Name: PC | User Name: tweidner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\tweid_000\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\tweid_000\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Buhl\Business\Daten\BpServer.exe (microtech GmbH) PRC - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent) PRC - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\PDF Architect 2\ws.exe (pdfforge GmbH) PRC - C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (pdfforge GmbH) PRC - C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe (G Data Software AG) PRC - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe (G Data Software AG) PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.) 
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) PRC - C:\Program Files (x86)\Buhl\Mein Büro\DB-Server\bin\delserv.exe (Firebird Project) PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) PRC - C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG) PRC - C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG) PRC - C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe (G Data Software AG) PRC - C:\Program Files (x86)\Buhl\Mein Büro\DB-Server\bin\delguard.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Origin\platforms\qwindows.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qtiff.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qmng.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qjpeg.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qico.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qgif.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qtga.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qwbmp.dll () MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll () MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll () MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll () MOD - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll () MOD - C:\Users\tweid_000\AppData\Local\Pokki\Engine\avcodec-54.dll () MOD - C:\Users\tweid_000\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\tweid_000\AppData\Local\Pokki\Engine\avformat-54.dll () MOD - C:\Users\tweid_000\AppData\Local\Pokki\Engine\avutil-51.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 
15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (IEEtwCollectorService) -- C:\windows\SysNative\IEEtwCollector.exe (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation) SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation) SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- 
C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation) SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Origin Client Service) -- C:\Program Files (x86)\Origin\OriginClientService.exe (Electronic Arts) SRV - (BuhlBusinessServer) -- C:\Program Files (x86)\Buhl\Business\Daten\BpServer.exe (microtech GmbH) SRV - (Intel(R) -- C:\Programme\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe (Intel(R) Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (GamesAppIntegrationService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (PDF Architect 2) -- C:\Program Files (x86)\PDF Architect 2\ws.exe (pdfforge GmbH) SRV - (pdfforge CrashHandler) -- C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe (pdfforge GmbH) SRV - (PDF Architect 2 Creator) -- C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (pdfforge GmbH) SRV - (GDFwSvc) -- C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe (G Data Software AG) SRV - (GDBackupSvc) -- C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe (G Data Software AG) SRV - (PrintNotify) -- C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (NitroUpdateService) -- C:\Programme\Nitro\Pro 9\Nitro_UpdateService.exe () SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.) 
SRV - (NitroDriverReadSpool9) -- C:\Programme\Nitro\Pro 9\NitroPDFDriverService9x64.exe (Nitro PDF Software) SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) SRV - (deltraDBServer) -- C:\Program Files (x86)\Buhl\Mein Büro\DB-Server\bin\delserv.exe (Firebird Project) SRV - (TSNxGService) -- C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe (G DATA Software) SRV - (iumsvc) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe () SRV - (GDTunerSvc) -- C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe (G Data Software AG) SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) SRV - (AVKWCtl) -- C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe (G Data Software AG) SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation) SRV - (omniserv) -- C:\Programme\Hewlett-Packard\SimplePass\OmniServ.exe (Softex Inc.) SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company) SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.) 
SRV - (AVKService) -- C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe (G Data Software AG) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation) SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (deltraDBGuard) -- C:\Program Files (x86)\Buhl\Mein Büro\DB-Server\bin\delguard.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software) DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG) DRV:64bit: - (TS4NT) -- C:\Windows\SysNative\drivers\TS4nt.sys (G Data Software) DRV:64bit: - (GDKBFlt) -- C:\Windows\SysNative\drivers\GDKBFlt64.sys (G Data Software AG) DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG) DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG) DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG) DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) 
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies) DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation) DRV:64bit: - (NetTap630) -- C:\Windows\SysNative\drivers\nettap630.sys (Intel Corporation) DRV:64bit: - (ndisrd) -- C:\Windows\SysNative\drivers\ndisrfl.sys (Intel Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (ReFS) -- C:\windows\SysNative\drivers\refs.sys (Microsoft Corporation) DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (UCX01000) -- 
C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (Wof) -- C:\windows\SysNative\drivers\wof.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek ) DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink) DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.) 
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation) DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.) 
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\drivers\e1i63x64.sys (Intel Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{48191C81-EFE9-457A-89D7-9056E814C72E}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPDTDFJS
IE - HKLM\..\SearchScopes\{48191C81-EFE9-457A-89D7-9056E814C72E}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPDTDFJS
IE - HKCU\..\SearchScopes\{48191C81-EFE9-457A-89D7-9056E814C72E}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "DE"
FF - prefs.js..extensions.enabledAddons: pdf_architect_2_conv%40pdfarchitect.org:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:36.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\PDF Architect 2: C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\pdf_architect_2_conv@pdfarchitect.org: C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension\ [2015.02.16 08:28:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2015.02.04 12:22:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tweid_000\AppData\Roaming\mozilla\Extensions
[2015.03.14 21:49:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tweid_000\AppData\Roaming\mozilla\Firefox\Profiles\lgo32xhk.default\extensions
[2015.03.05 22:19:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015.03.05 22:19:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015.02.16 08:28:17 | 000,000,000 | ---D | M] (PDF Architect 2 Creator) -- C:\PROGRAM FILES (X86)\PDF ARCHITECT 2\RESOURCES\PDFARCHITECT2FIREFOXEXTENSION

O1 HOSTS File: ([2013.08.22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (PDF Architect Helper) - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Programme\IDT\WDM\Beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [OPBHOBroker] C:\Programme\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [OPBHOBrokerDesktop] C:\Programme\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SimplePass] C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON File not found
O4 - Startup: C:\Users\tweid_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.117.1.25 89.16.129.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E16F9DF-656F-440F-AA4D-0D3039943228}: DhcpNameServer = 62.117.1.25 89.16.129.25
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe) - C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe) - c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe (G DATA Software AG)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.08.31 08:39:28 | 008,110,472 | R--- | M] (Electronic Arts, Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2012.09.05 04:18:38 | 000,000,000 | R--D | M] - E:\Autorun -- [ UDF ]
O32 - AutoRun File - [2012.08.31 08:41:57 | 000,048,902 | R--- | M] () - E:\Autorun.ico -- [ UDF ]
O32 - AutoRun File - [2012.09.05 04:18:36 | 000,000,124 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2012.07.17 00:33:00 | 000,000,032 | -H-- | M] () - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{d2e84a50-ac02-11e4-8258-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d2e84a50-ac02-11e4-8258-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2012.08.31 08:39:28 | 008,110,472 | R--- | M] (Electronic Arts, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015.03.15 15:14:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\tweid_000\Desktop\OTL.exe
[2015.03.15 13:06:52 | 000,018,160 | ---- | C] (G Data Software) -- C:\windows\SysNative\drivers\GdPhyMem.sys
[2015.03.15 13:06:51 | 000,106,272 | ---- | C] (G Data Software) -- C:\windows\SysNative\drivers\GRD.sys
[2015.03.14 17:10:15 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\Documents\AutorennbahnplanerNG
[2015.03.14 17:10:15 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Roaming\AutorennbahnplanerNG
[2015.03.14 17:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutorennbahnplanerNG
[2015.03.14 17:10:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2015.03.14 17:10:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutorennbahnplanerNG
[2015.03.13 13:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION
[2015.03.13 13:21:39 | 000,064,000 | ---- | C] (G Data Software AG) -- C:\windows\SysNative\drivers\PktIcpt.sys
[2015.03.13 13:21:36 | 000,098,760 | ---- | C] (G Data Software) -- C:\windows\SysNative\drivers\TS4nt.sys
[2015.03.13 13:21:36 | 000,020,992 | ---- | C] (G Data Software AG) -- C:\windows\SysNative\drivers\GDKBFlt64.sys
[2015.03.13 13:21:20 | 000,068,608 | ---- | C] (G Data Software AG) -- C:\windows\SysNative\drivers\gdwfpcd64.sys
[2015.03.13 13:21:17 | 000,142,336 | ---- | C] (G Data Software AG) -- C:\windows\SysNative\drivers\MiniIcpt.sys
[2015.03.13 13:21:17 | 000,061,440 | ---- | C] (G Data Software AG) -- C:\windows\SysNative\drivers\HookCentre.sys
[2015.03.13 13:21:17 | 000,055,808 | ---- | C] (G Data Software AG) -- C:\windows\SysNative\drivers\GDBehave.sys
[2015.03.13 13:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA Software
[2015.03.13 13:18:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2015.03.13 12:56:00 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Local\G DATA
[2015.03.13 12:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2015.03.13 12:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2015.03.13 12:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2015.03.13 12:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2015.03.13 12:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel(R) Update Manager
[2015.03.13 12:49:41 | 000,000,000 | ---D | C] -- C:\Program Files\Intel Corporation
[2015.03.13 12:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G DATA
[2015.03.13 12:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\G Data
[2015.03.10 22:38:18 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\calc.exe
[2015.03.10 22:38:18 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\calc.exe
[2015.03.10 22:38:15 | 000,264,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdFilter.sys
[2015.03.10 22:38:14 | 000,044,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdBoot.sys
[2015.03.10 22:38:13 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdNisDrv.sys
[2015.03.10 22:38:12 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winshfhc.dll
[2015.03.10 22:38:12 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winshfhc.dll
[2015.03.10 22:38:06 | 000,723,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SHCore.dll
[2015.03.10 22:38:06 | 000,560,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SHCore.dll
[2015.03.10 22:37:40 | 003,097,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2015.03.10 22:37:40 | 002,484,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2015.03.10 22:37:40 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll
[2015.03.10 22:37:40 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\photowiz.dll
[2015.03.10 22:37:36 | 000,358,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2015.03.10 22:37:36 | 000,301,056 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2015.03.10 22:37:36 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2015.03.10 22:37:36 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2015.03.10 22:37:36 | 000,044,032 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2015.03.10 22:37:36 | 000,035,840 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2015.03.10 22:37:36 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2015.03.10 22:37:36 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2015.03.10 22:37:35 | 001,091,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2015.03.10 22:37:34 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2015.03.10 22:37:34 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiobj.dll
[2015.03.10 22:37:34 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiobj.dll
[2015.03.10 22:37:34 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\compstui.dll
[2015.03.10 22:37:34 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\compstui.dll
[2015.03.10 22:37:34 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DafPrintProvider.dll
[2015.03.10 22:37:34 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prnntfy.dll
[2015.03.10 22:37:34 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DafPrintProvider.dll
[2015.03.10 22:37:34 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prnntfy.dll
[2015.03.10 22:37:34 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiapi.dll
[2015.03.10 22:37:34 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiapi.dll
[2015.03.10 22:37:34 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\findnetprinters.dll
[2015.03.10 22:37:34 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\printui.exe
[2015.03.10 22:37:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\printui.exe
[2015.03.10 22:37:34 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\findnetprinters.dll
[2015.03.10 22:37:31 | 002,257,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2015.03.10 22:37:30 | 001,943,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2015.03.10 22:37:29 | 004,298,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_47.dll
[2015.03.10 22:37:29 | 003,551,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_47.dll
[2015.03.10 22:37:29 | 001,488,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42u.dll
[2015.03.10 22:37:29 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\atlthunk.dll
[2015.03.10 22:37:29 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\atlthunk.dll
[2015.03.10 22:37:28 | 001,464,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42.dll
[2015.03.10 22:37:28 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42u.dll
[2015.03.10 22:37:28 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42.dll
[2015.03.10 22:37:24 | 000,971,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSShared.dll
[2015.03.10 22:37:24 | 000,811,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSShared.dll
[2015.03.10 22:37:24 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.dll
[2015.03.10 22:37:24 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2015.03.10 22:37:24 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll
[2015.03.10 22:37:24 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2015.03.10 22:37:24 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSCollect.exe
[2015.03.10 22:37:24 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSReset.exe
[2015.03.10 22:37:18 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StorageContextHandler.dll
[2015.03.10 22:37:18 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\StorageContextHandler.dll
[2015.03.10 22:37:17 | 002,773,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2015.03.10 22:37:17 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2015.03.10 22:37:16 | 007,472,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2015.03.10 22:37:16 | 001,733,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2015.03.10 22:37:05 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ubpm.dll
[2015.03.10 22:37:04 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2015.03.10 22:37:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2015.03.10 22:37:04 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rfxvmt.dll
[2015.03.10 22:37:04 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpvideominiport.sys
[2015.03.10 22:37:03 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eappcfg.dll
[2015.03.10 22:37:03 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapp3hst.dll
[2015.03.10 22:37:02 | 000,339,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapphost.dll
[2015.03.10 22:37:02 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eappcfg.dll
[2015.03.10 22:37:02 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapphost.dll
[2015.03.10 22:37:02 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapp3hst.dll
[2015.03.10 22:37:02 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eappgnui.dll
[2015.03.10 22:37:02 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eappgnui.dll
[2015.03.10 22:37:02 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eappprxy.dll
[2015.03.10 22:37:02 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eappprxy.dll
[2015.03.10 22:36:33 | 006,035,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015.03.10 22:36:30 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2015.03.10 22:36:30 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2015.03.10 22:36:30 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2015.03.10 22:36:30 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015.03.10 22:36:30 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2015.03.10 22:36:30 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015.03.10 22:36:30 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015.03.10 22:36:30 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2015.03.10 22:36:30 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015.03.10 22:36:30 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015.03.10 22:36:30 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2015.03.10 22:36:30 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2015.03.10 22:36:30 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2015.03.10 22:36:30 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2015.03.10 22:36:30 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2015.03.10 22:36:30 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2015.03.10 22:36:30 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2015.03.10 22:36:14 | 001,763,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2015.03.10 22:36:12 | 000,046,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LockScreenContentServer.exe
[2015.03.10 22:35:51 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MrmCoreR.dll
[2015.03.10 22:35:51 | 000,791,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MrmCoreR.dll
[2015.03.10 22:35:49 | 002,501,368 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2015.03.10 22:35:49 | 002,207,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2015.03.10 22:35:49 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2015.03.10 22:35:49 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2015.03.10 22:35:46 | 001,384,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msctf.dll
[2015.03.08 13:38:26 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Roaming\Nitro
[2015.03.08 13:37:55 | 000,029,704 | ---- | C] (Nitro PDF Software) -- C:\windows\SysNative\nitrolocalmon9.dll
[2015.03.08 13:37:55 | 000,017,928 | ---- | C] (Nitro PDF Software) -- C:\windows\SysNative\nitrolocalui9.dll
[2015.03.08 13:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2015.03.08 13:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2015.03.08 13:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2015.03.08 13:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro
[2015.03.08 13:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2015.03.08 13:37:35 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Roaming\Downloaded Installations
[2015.03.06 13:04:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\combit Relationship Manager
[2015.03.06 13:04:16 | 000,000,000 | ---D | C] -- C:\ProgramData\combit
[2015.03.06 12:33:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2015.03.06 12:31:15 | 000,047,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perf-ReportServer$SQLEXPRESS-rsctr10.52.4000.0.dll
[2015.03.06 12:30:29 | 000,057,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perf-MSSQL10_50.SQLEXPRESS-sqlagtctr.dll
[2015.03.06 12:30:13 | 000,082,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4000.0.dll
[2015.03.06 12:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2015.03.06 12:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2008
[2015.03.06 12:24:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2015.03.06 12:23:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2015.03.06 11:35:50 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\Documents\Zeta Producer 12
[2015.03.06 11:35:42 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zeta Producer 12
[2015.03.06 11:35:28 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Local\Zeta Producer 12
[2015.03.05 22:19:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.03.05 14:58:47 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\Application Data
[2015.03.04 16:58:47 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\Documents\FD Trillix
[2015.03.04 16:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2015.03.04 16:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoUpdate
[2015.03.04 16:57:29 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\Documents\DbgLogs
[2015.03.04 16:57:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eltima Software
[2015.03.04 16:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eltima Software
[2015.03.01 21:35:53 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\Documents\Updater
[2015.03.01 21:35:06 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Local\Adobe
[2015.03.01 21:32:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2015.03.01 21:32:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe Systems Shared
[2015.03.01 21:32:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2015.03.01 21:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2015.03.01 21:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2015.03.01 21:31:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015.03.01 21:30:52 | 000,000,000 | ---D | C] -- C:\PS_CS2_Gr_NonRet
[2015.03.01 15:13:19 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Universal Interactive
[2015.03.01 15:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Interactive
[2015.03.01 15:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Universal Interactive
[2015.03.01 12:28:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\phase5
[2015.03.01 12:28:06 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phase 5 HTML-Editor
[2015.02.25 15:17:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2015.02.25 03:38:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox.bak
[2015.02.24 22:16:10 | 001,200,128 | 
---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Globalization.dll [2015.02.24 22:16:09 | 000,868,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Globalization.dll [2015.02.24 22:16:09 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\GlobCollationHost.dll [2015.02.24 22:16:09 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\GlobCollationHost.dll [2015.02.16 08:39:35 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Roaming\PDF Architect 2 [2015.02.16 08:39:18 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Local\PDFCreator [2015.02.16 08:27:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2 [2015.02.16 08:27:04 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\Documents\PDF Architect 2 [2015.02.16 08:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Architect 2 [2015.02.16 08:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Architect 2 [2015.02.16 08:25:02 | 000,000,000 | ---D | C] -- C:\Users\tweid_000\AppData\Roaming\pdfforge [2015.02.16 08:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2015.02.16 08:24:54 | 000,114,872 | ---- | C] (pdfforge GmbH) -- C:\windows\SysNative\pdfcmon.dll [2015.02.16 08:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2015.02.14 02:01:51 | 016,874,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Xaml.dll [2015.02.14 02:01:49 | 012,730,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Xaml.dll [2015.02.14 02:01:45 | 002,389,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll [2015.02.14 02:01:41 | 002,145,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfcore.dll [2015.02.14 02:01:41 | 002,141,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfcore.dll [2015.02.14 02:01:40 | 001,600,000 | ---- | C] 
(Microsoft Corporation) -- C:\windows\SysNative\workfolderssvc.dll [2015.02.14 02:01:39 | 001,231,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Media.dll [2015.02.14 02:01:38 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Media.dll [2015.02.14 02:01:37 | 002,574,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL [2015.02.14 02:01:36 | 002,410,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL [2015.02.14 02:01:36 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SRH.dll [2015.02.14 02:01:36 | 001,182,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\printui.dll [2015.02.14 02:01:35 | 001,992,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll [2015.02.14 02:01:35 | 000,486,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll [2015.02.14 02:01:34 | 001,741,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SRH.dll [2015.02.14 02:01:34 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\printui.dll [2015.02.14 02:01:34 | 000,770,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WorkfoldersControl.dll [2015.02.14 02:01:34 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppxPackaging.dll [2015.02.14 02:01:34 | 000,391,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll [2015.02.14 02:01:33 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AppxPackaging.dll [2015.02.14 02:01:33 | 000,371,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll [2015.02.14 02:01:33 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll [2015.02.14 02:01:32 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storagewmi.dll [2015.02.14 02:01:32 | 000,707,536 | ---- | C] (Microsoft Corporation) -- 
C:\windows\SysWow64\mfplat.dll [2015.02.14 02:01:32 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Devices.Bluetooth.dll [2015.02.14 02:01:32 | 000,180,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mftranscode.dll [2015.02.14 02:01:31 | 001,660,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi [2015.02.14 02:01:31 | 000,882,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfplat.dll [2015.02.14 02:01:31 | 000,828,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll [2015.02.14 02:01:31 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll [2015.02.14 02:01:31 | 000,412,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\spaceport.sys [2015.02.14 02:01:31 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usbmon.dll [2015.02.14 02:01:31 | 000,205,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mftranscode.dll [2015.02.14 02:01:30 | 001,519,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe [2015.02.14 02:01:30 | 001,488,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi [2015.02.14 02:01:30 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winspool.drv [2015.02.14 02:01:30 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wisp.dll [2015.02.14 02:01:29 | 001,463,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsecedit.dll [2015.02.14 02:01:29 | 001,356,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe [2015.02.14 02:01:29 | 001,018,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aclui.dll [2015.02.14 02:01:28 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll [2015.02.14 02:01:28 | 000,355,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll 
[2015.02.14 02:01:28 | 000,160,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmmbase.dll [2015.02.14 02:01:28 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WiFiDisplay.dll [2015.02.14 02:01:27 | 001,817,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll [2015.02.14 02:01:27 | 001,404,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\storagewmi.dll [2015.02.14 02:01:27 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingSync.dll [2015.02.14 02:01:27 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VAN.dll [2015.02.14 02:01:27 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe [2015.02.14 02:01:27 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanapi.dll [2015.02.14 02:01:27 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppxSip.dll [2015.02.14 02:01:26 | 001,844,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll [2015.02.14 02:01:26 | 000,889,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aclui.dll [2015.02.14 02:01:26 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe [2015.02.14 02:01:26 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll [2015.02.14 02:01:26 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUSettingsProvider.dll [2015.02.14 02:01:26 | 000,211,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVol.exe [2015.02.14 02:01:26 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winmmbase.dll [2015.02.14 02:01:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WorkFoldersGPExt.dll [2015.02.14 02:01:25 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll [2015.02.14 02:01:25 | 000,387,896 | ---- | C] (Microsoft 
Corporation) -- C:\windows\SysNative\bcryptprimitives.dll [2015.02.14 02:01:25 | 000,233,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll [2015.02.14 02:01:25 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wisp.dll [2015.02.14 02:01:24 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinapi.dll [2015.02.14 02:01:24 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.dll [2015.02.14 02:01:24 | 000,335,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bcryptprimitives.dll [2015.02.14 02:01:24 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\NdisImPlatform.sys [2015.02.14 02:01:24 | 000,125,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmapi.dll [2015.02.14 02:01:24 | 000,123,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmm.dll [2015.02.14 02:01:24 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AppxSip.dll [2015.02.14 02:01:23 | 001,705,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll [2015.02.14 02:01:23 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\GdiPlus.dll [2015.02.14 02:01:23 | 001,319,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsecedit.dll [2015.02.14 02:01:23 | 001,290,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll [2015.02.14 02:01:23 | 001,089,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gpedit.dll [2015.02.14 02:01:23 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WorkFoldersShell.dll [2015.02.14 02:01:22 | 000,180,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVol.exe [2015.02.14 02:01:21 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VAN.dll [2015.02.14 02:01:21 | 000,059,392 | ---- | C] (Microsoft Corporation) -- 
C:\windows\SysNative\wups.dll [2015.02.14 02:01:20 | 001,287,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mispace.dll [2015.02.14 02:01:20 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\stobject.dll [2015.02.14 02:01:20 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clusapi.dll [2015.02.14 02:01:20 | 000,263,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SystemSettingsAdminFlows.exe [2015.02.14 02:01:20 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppxSysprep.dll [2015.02.14 02:01:19 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gpedit.dll [2015.02.14 02:01:19 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenter.dll [2015.02.14 02:01:19 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll [2015.02.14 02:01:19 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wcmcsp.dll [2015.02.14 02:01:19 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dab.dll [2015.02.14 02:01:19 | 000,054,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe [2015.02.14 02:01:18 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe [2015.02.14 02:01:18 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanapi.dll [2015.02.14 02:01:18 | 000,216,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rsaenh.dll [2015.02.14 02:01:18 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll [2015.02.14 02:01:17 | 001,029,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mispace.dll [2015.02.14 02:01:17 | 000,659,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Devices.Bluetooth.dll [2015.02.14 02:01:17 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PrintDialogs.dll 
[2015.02.14 02:01:17 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SettingSync.dll [2015.02.14 02:01:17 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.dll [2015.02.14 02:01:17 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlansvcpal.dll [2015.02.14 02:01:16 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenter.dll [2015.02.14 02:01:16 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl [2015.02.14 02:01:16 | 000,183,808 | ---- | C] (Microsoft Corp.) -- C:\windows\SysNative\Defrag.exe [2015.02.14 02:01:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRUM.DLL [2015.02.14 02:01:15 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\GdiPlus.dll [2015.02.14 02:01:15 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl [2015.02.14 02:01:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll [2015.02.14 02:01:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRUM.DLL [2015.02.14 02:01:14 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BluetoothApis.dll [2015.02.14 02:01:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDYAK.DLL [2015.02.14 02:01:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDYAK.DLL [2015.02.14 02:01:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRU1.DLL [2015.02.14 02:01:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU1.DLL [2015.02.14 02:01:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL [2015.02.14 02:01:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL [2015.02.14 02:01:14 | 000,006,656 | ---- | C] (Microsoft 
Corporation) -- C:\windows\SysWow64\KBDRU.DLL [2015.02.14 02:01:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU.DLL [2015.02.14 02:01:12 | 001,144,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanmm.dll [2015.02.14 02:01:12 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PrintDialogs.dll [2015.02.14 02:01:12 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVolSSO.dll [2015.02.14 02:01:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAT.DLL [2015.02.14 02:01:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAT.DLL [2015.02.14 02:01:11 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SystemSettingsAdminFlowUI.dll [2015.02.14 02:01:11 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlansec.dll [2015.02.14 02:01:11 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\BluetoothApis.dll [2015.02.14 02:01:10 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll [2015.02.14 02:01:10 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll [2015.02.14 02:01:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTT102.DLL [2015.02.14 02:01:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTT102.DLL [2015.02.13 20:22:42 | 000,000,000 | -HSD | C] -- C:\Users\tweid_000\AppData\Local\EmieBrowserModeList [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2015.03.15 15:15:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tweid_000\Desktop\OTL.exe [2015.03.15 15:09:02 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2015.03.15 13:06:52 | 000,018,160 | ---- | M] (G Data Software) -- C:\windows\SysNative\drivers\GdPhyMem.sys [2015.03.15 
13:06:51 | 000,106,272 | ---- | M] (G Data Software) -- C:\windows\SysNative\drivers\GRD.sys [2015.03.15 12:46:52 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2015.03.15 09:12:03 | 000,001,960 | ---- | M] () -- C:\Users\tweid_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4630 series.lnk [2015.03.14 17:10:10 | 000,001,187 | ---- | M] () -- C:\Users\Public\Desktop\AutorennbahnplanerNG.lnk [2015.03.14 13:53:37 | 002,183,502 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2015.03.14 13:53:37 | 000,900,716 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2015.03.14 13:53:37 | 000,852,358 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2015.03.14 13:53:37 | 000,226,176 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2015.03.14 13:53:37 | 000,199,416 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2015.03.14 13:47:13 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2015.03.14 13:47:08 | 2084,446,207 | -HS- | M] () -- C:\hiberfil.sys [2015.03.14 13:46:35 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\spu_storage.bin [2015.03.13 13:21:40 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk [2015.03.13 13:21:39 | 000,064,000 | ---- | M] (G Data Software AG) -- C:\windows\SysNative\drivers\PktIcpt.sys [2015.03.13 13:21:36 | 000,098,760 | ---- | M] (G Data Software) -- C:\windows\SysNative\drivers\TS4nt.sys [2015.03.13 13:21:36 | 000,020,992 | ---- | M] (G Data Software AG) -- C:\windows\SysNative\drivers\GDKBFlt64.sys [2015.03.13 13:21:20 | 000,068,608 | ---- | M] (G Data Software AG) -- C:\windows\SysNative\drivers\gdwfpcd64.sys [2015.03.13 13:21:17 | 000,142,336 | ---- | M] (G Data Software AG) -- C:\windows\SysNative\drivers\MiniIcpt.sys [2015.03.13 13:21:17 | 000,061,440 | ---- | M] (G Data Software AG) -- C:\windows\SysNative\drivers\HookCentre.sys [2015.03.13 13:21:17 | 000,055,808 | ---- | M] (G Data Software AG) -- 
C:\windows\SysNative\drivers\GDBehave.sys [2015.03.13 12:43:58 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_GDKBFlt64_01007.Wdf [2015.03.12 18:14:06 | 000,000,350 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleFortweidner.job [2015.03.11 07:21:38 | 000,496,016 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2015.03.08 13:37:52 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Pro 9.lnk [2015.03.06 13:05:17 | 000,000,278 | ---- | M] () -- C:\windows\{6CB91EC7-3DA7-47DE-8E16-5353F3B35A01}_WiseFW.ini [2015.03.06 13:04:18 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\combit Relationship Manager 7.lnk [2015.03.06 12:31:21 | 002,198,470 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI [2015.03.06 11:35:43 | 000,001,305 | ---- | M] () -- C:\Users\tweid_000\Desktop\Zeta Producer 12.lnk [2015.03.04 22:24:42 | 000,792,032 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2015.03.04 22:24:42 | 000,178,144 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2015.03.04 18:16:42 | 000,031,551 | ---- | M] () -- C:\Users\tweid_000\Documents\Torsten Weidner neu.pdf [2015.03.04 16:57:26 | 000,001,677 | ---- | M] () -- C:\Users\tweid_000\Desktop\Flash Decompiler Trillix.lnk [2015.03.01 21:32:22 | 000,001,408 | ---- | M] () -- C:\Users\tweid_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015.03.01 12:28:07 | 000,000,940 | ---- | M] () -- C:\Users\tweid_000\Desktop\HTML Editor.lnk [2015.02.21 01:27:45 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll [2015.02.21 00:58:53 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll [2015.02.21 00:32:48 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll [2015.02.20 04:03:49 | 000,358,912 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll [2015.02.20 
03:58:26 | 000,044,032 | ---- | M] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll [2015.02.20 03:49:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll [2015.02.20 03:47:56 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll [2015.02.20 03:35:01 | 000,816,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2015.02.20 03:34:24 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll [2015.02.20 03:32:34 | 006,035,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2015.02.20 03:20:15 | 000,301,056 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll [2015.02.20 03:15:32 | 000,035,840 | ---- | M] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll [2015.02.20 03:07:24 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll [2015.02.20 03:06:44 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll [2015.02.20 03:05:05 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll [2015.02.20 02:56:47 | 000,664,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2015.02.20 02:49:28 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2015.02.20 02:46:45 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl [2015.02.20 02:29:00 | 002,865,152 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll [2015.02.20 02:24:21 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2015.02.20 02:03:34 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll [2015.02.20 01:55:38 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll [2015.02.16 08:39:35 | 000,032,303 | ---- | M] () -- C:\Users\tweid_000\Documents\Torsten 
Weidner.pdf [2015.02.16 08:28:26 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\PDF Architect 2.lnk [2015.02.16 08:25:10 | 000,114,872 | ---- | M] (pdfforge GmbH) -- C:\windows\SysNative\pdfcmon.dll [2015.02.16 08:25:02 | 000,000,855 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2015.03.14 17:10:10 | 000,001,187 | ---- | C] () -- C:\Users\Public\Desktop\AutorennbahnplanerNG.lnk [2015.03.13 13:21:40 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk [2015.03.13 12:43:58 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_GDKBFlt64_01007.Wdf [2015.03.10 22:38:07 | 000,396,419 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml [2015.03.08 13:37:52 | 000,001,955 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk [2015.03.08 13:37:52 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Pro 9.lnk [2015.03.08 10:44:54 | 000,001,960 | ---- | C] () -- C:\Users\tweid_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4630 series.lnk [2015.03.06 13:04:18 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\combit Relationship Manager 7.lnk [2015.03.06 12:41:02 | 000,000,278 | ---- | C] () -- C:\windows\{6CB91EC7-3DA7-47DE-8E16-5353F3B35A01}_WiseFW.ini [2015.03.06 11:35:43 | 000,001,313 | ---- | C] () -- C:\Users\tweid_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zeta Producer 12.lnk [2015.03.06 11:35:43 | 000,001,305 | ---- | C] () -- C:\Users\tweid_000\Desktop\Zeta Producer 12.lnk [2015.03.04 18:16:41 | 000,031,551 | ---- | C] () -- C:\Users\tweid_000\Documents\Torsten Weidner neu.pdf [2015.03.04 16:57:26 | 000,001,677 | ---- | C] () -- C:\Users\tweid_000\Desktop\Flash Decompiler Trillix.lnk [2015.03.01 21:33:11 | 000,002,108 | ---- | C] () -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk [2015.03.01 21:32:22 | 000,001,408 | ---- | C] () -- C:\Users\tweid_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015.03.01 21:32:05 | 000,002,090 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk [2015.03.01 21:31:39 | 000,002,068 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk [2015.03.01 21:31:39 | 000,002,065 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk [2015.03.01 12:28:07 | 000,000,940 | ---- | C] () -- C:\Users\tweid_000\Desktop\HTML Editor.lnk [2015.02.16 08:39:34 | 000,032,303 | ---- | C] () -- C:\Users\tweid_000\Documents\Torsten Weidner.pdf [2015.02.16 08:28:26 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\PDF Architect 2.lnk [2015.02.16 08:25:02 | 000,000,855 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk [2015.02.12 16:15:47 | 000,919,000 | ---- | C] () -- C:\windows\SysWow64\BpShellEx.dll [2015.02.12 16:15:44 | 000,013,778 | ---- | C] () -- C:\windows\SysWow64\SELF32.INI [2015.02.07 20:20:00 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2015.02.06 14:13:07 | 000,123,392 | ---- | C] () -- C:\windows\SysWow64\amdhdl32.dll [2014.08.20 05:40:39 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014.08.20 05:09:15 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2014.04.02 15:45:51 | 002,198,470 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2014.03.18 16:40:52 | 000,002,255 | ---- | C] () -- C:\windows\SysWow64\WimBootCompress.ini [2014.03.18 16:40:14 | 000,103,936 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll [2014.02.25 19:28:00 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat [2014.02.25 19:28:00 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat [2014.02.25 19:27:58 | 000,003,917 | ---- | C] () -- 
C:\windows\SysWow64\atipblag.dat [2014.02.25 19:27:54 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe [2014.02.25 19:27:54 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe [2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat [2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT [2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll [2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll [2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat ========== ZeroAccess Check ========== [2014.08.20 05:26:21 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2015.02.12 18:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015.02.12 18:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 
10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 220 bytes -> C:\Users\tweid_000\OneDrive:ms-properties @Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences @Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:DED17083 < End of report >
Here is the 2nd code as well. Please help quickly; thank you in advance. THANKS |
15.03.2015, 15:55 | #3 |
/// the machine /// TB-Ausbilder | CPU load extremely high, PC and mouse stutter
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
15.03.2015, 16:25 | #4 |
| Thanks
Hey, I just read some other posts and tried something different. Two days ago I had installed an update (Intel). Now I have done a System Restore, back to the point BEFORE the update. Then a restart, and presto, the PC runs without problems again. |
15.03.2015, 20:16 | #5 |
/// the machine /// TB-Ausbilder | CPU load extremely high, PC and mouse stutter
ok.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate / Guides and help / Trojaner-Board Facebook page
No help via PM! |