| |
| |||||||
Log-Analyse und Auswertung: Manche Programme kein Internetzugriff zum UpdatenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
29.03.2015, 22:44
| #1 |
| |  Manche Programme kein Internetzugriff zum Updaten Guten Abend, ich bin nun mit meinem eigenen Latein am Ende und weis nicht mehr weiter seit dem 29.03.2015 gehen viele Programme mit Internetzugriff nicht mehr und Updates auch nicht mehr angeblich kein Internetzugriff bzw. Leitung. Spiele wie League of Legends, Archeage und Updater gehen nicht mehr und lassen sich somit nicht mehr starten. Das normale Internet geht Youtube alles perfekt nur keine Updates und ESET Onlinescanner geht auch nicht logisch irgendwie. Mbam hat nichts gefunden. Ich benutze den hauptsächlich für legales Spielen. Daten zum Laptop: Acer V3-571G Win 8.0 64bit Version 8 GB Ram Nvidia Geforce 540m Intel Core 2.60 GHz Browser Cyberfox ist ein legaler für 64bit Versionen und ist flüssiger als der normale Firefox OTL Logfile: Code:
ATTFilter OTL logfile created on: 29.03.2015 22:48:26 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominik Engl\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.17183) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,82 Gb Total Physical Memory | 5,59 Gb Available Physical Memory | 71,46% Memory free 9,19 Gb Paging File | 6,82 Gb Available in Paging File | 74,22% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 446,19 Gb Total Space | 181,20 Gb Free Space | 40,61% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: DOMINIK | User Name: Dominik Engl | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2015.03.29 22:47:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominik Engl\Downloads\OTL.exe PRC - [2015.03.29 11:59:39 | 000,079,360 | ---- | M] () -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427630375-E211-B636-B888E3AA6D9A\insgE757.tmp PRC - [2015.03.29 11:49:40 | 000,248,832 | ---- | M] () -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427629776-E211-B636-B888E3AA6D9A\snsoC004.tmp PRC - [2015.03.29 11:49:26 | 000,116,224 | ---- | M] () -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427629762-E211-B636-B888E3AA6D9A\cnsi8B4A.tmp PRC - [2015.03.29 11:46:20 | 000,173,568 | ---- | M] () -- C:\Users\Dominik Engl\AppData\Roaming\5DE05E1C-1427622349-E211-B636-B888E3AA6D9A\jnsgA66D.tmp PRC - [2015.03.17 06:14:00 | 006,212,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe PRC - [2014.12.19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014.10.30 00:25:46 | 004,673,432 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Dominik Engl\AppData\Local\Akamai\netsession_win.exe PRC - [2014.07.30 20:37:42 | 001,081,808 | ---- | M] (Mischel Internet Security) -- C:\Program Files (x86)\TrojanHunter 5.6\THGuard.exe PRC - [2014.07.21 03:39:26 | 001,154,112 | ---- | M] (Ruiware LLC) -- C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe PRC - [2014.06.27 12:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2014.06.24 11:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2014.04.25 15:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2014.03.27 14:07:18 | 000,581,568 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe PRC - [2014.02.17 21:04:25 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2013.08.14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2012.12.14 05:45:35 | 000,061,440 | ---- | M] () -- C:\Windows\SysWOW64\secpro.exe PRC - [2012.08.28 22:35:53 | 001,176,688 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2012.08.28 21:01:31 | 000,473,712 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2012.08.28 21:01:29 | 000,348,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2012.08.23 22:24:38 | 002,435,728 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe PRC - [2012.08.23 08:24:38 | 000,259,136 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe PRC - [2012.08.23 08:24:10 | 000,533,568 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe PRC - [2012.08.23 00:04:22 | 000,025,232 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe PRC - [2012.08.23 00:04:20 | 000,044,176 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe PRC - [2012.08.01 01:08:36 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe PRC - [2012.07.18 02:10:33 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.07.18 02:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.07.18 02:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012.01.23 19:19:32 | 001,858,048 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe ========== Modules (No Company Name) ========== MOD - [2014.12.31 03:46:33 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fe8338843cae5d28c40b596abcdb863c\System.Windows.Forms.ni.dll MOD - [2014.12.31 03:46:21 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5f38473ec57164f540b42fcb1d6bc7e9\System.Drawing.ni.dll MOD - [2014.12.31 03:45:23 | 007,991,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9188b682a091faf275c0294fe77ccbf3\System.ni.dll MOD - [2014.09.15 19:32:13 | 011,500,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b9d3e6f3fe8936deb2f1defb3a205f9a\mscorlib.ni.dll MOD - [2012.08.23 08:26:10 | 000,465,384 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll MOD - [2012.08.23 00:04:22 | 000,025,232 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe MOD - [2012.08.23 00:04:20 | 000,044,176 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe ========== Services (SafeList) ========== SRV:64bit: - [2014.10.03 00:29:16 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2014.09.22 08:04:33 | 000,016,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:64bit: - [2014.07.07 07:52:33 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2014.05.30 01:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2013.08.16 07:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2013.07.27 08:05:15 | 002,676,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2013.06.01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2013.05.04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2013.05.04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2012.09.05 11:31:44 | 000,085,904 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService) SRV:64bit: - [2012.08.22 21:02:36 | 000,658,576 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc) SRV:64bit: - [2012.08.20 17:36:22 | 000,176,640 | ---- | M] (Broadcom Corp.) [Auto | Running] -- C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe -- (BrcmCardReader) SRV:64bit: - [2012.07.26 05:08:39 | 000,051,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\rundll32.exe -- (3a37b93a) SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2012.04.20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2015.03.29 11:59:39 | 000,079,360 | ---- | M] () [Auto | Running] -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427630375-E211-B636-B888E3AA6D9A\insgE757.tmp -- (xynujyxe) SRV - [2015.03.29 11:49:40 | 000,248,832 | ---- | M] () [Auto | Running] -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427629776-E211-B636-B888E3AA6D9A\snsoC004.tmp -- (rokerole) SRV - [2015.03.29 11:49:26 | 000,116,224 | ---- | M] () [Auto | Running] -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427629762-E211-B636-B888E3AA6D9A\cnsi8B4A.tmp -- (xenunysi) SRV - [2015.03.29 11:46:20 | 000,173,568 | ---- | M] () [Auto | Running] -- C:\Users\Dominik Engl\AppData\Roaming\5DE05E1C-1427622349-E211-B636-B888E3AA6D9A\jnsgA66D.tmp -- (mynesele) SRV - [2015.03.24 06:22:24 | 000,836,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2015.03.17 06:14:08 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe -- (MBAMService) SRV - [2015.02.04 23:09:42 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014.12.25 04:37:10 | 001,903,472 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service) SRV - [2014.12.19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014.06.18 17:36:26 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService) SRV - [2014.03.27 14:07:18 | 000,581,568 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe -- (ogmservice) SRV - [2014.02.17 21:04:25 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2014.01.13 09:30:00 | 005,214,384 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2013.10.09 23:30:17 | 000,234,096 | ---- | M] (soft Xpansion) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe -- (SXDS10) SRV - [2013.08.14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2013.07.27 08:05:15 | 002,676,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2013.03.01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2012.12.15 21:06:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.12.15 20:44:28 | 000,093,296 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService) SRV - [2012.12.14 05:45:35 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\secpro.exe -- (SecStore) SRV - [2012.10.23 20:37:58 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.08.28 21:01:29 | 000,348,784 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2012.08.23 22:24:38 | 002,435,728 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService) SRV - [2012.08.23 08:24:38 | 000,259,136 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2012.08.10 19:28:14 | 000,211,584 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2012.08.01 01:08:36 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent) SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012.07.18 02:10:33 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.07.18 02:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.07.18 02:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012.07.12 05:10:24 | 000,174,160 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2012.01.23 19:19:32 | 001,858,048 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) ========== Driver Services (SafeList) ========== DRV:64bit: - [2015.03.29 22:42:23 | 000,136,408 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:64bit: - [2015.03.17 06:15:40 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mwac.sys -- (MBAMWebAccessControl) DRV:64bit: - [2015.03.17 06:15:24 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2014.11.22 12:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2014.10.30 06:53:26 | 000,031,560 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2014.09.22 07:53:10 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2014.08.27 00:08:01 | 000,270,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2014.07.24 15:50:54 | 000,447,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2014.07.10 15:09:30 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Trufos.sys -- (Trufos) DRV:64bit: - [2014.04.09 21:05:52 | 000,031,920 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice) DRV:64bit: - [2013.12.18 15:35:07 | 000,047,240 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tbhsd.sys -- (tbhsd) DRV:64bit: - [2013.12.18 15:34:59 | 000,024,744 | ---- | M] (Audials AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\RrNetCapFilterDriver.sys -- (RrNetCapFilterDriver) DRV:64bit: - [2013.10.10 13:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2013.10.05 08:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2013.09.08 22:03:02 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2013.08.22 14:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2013.08.16 07:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:64bit: - [2013.08.10 08:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:64bit: - [2013.07.09 10:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2013.07.02 03:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2013.07.02 03:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2013.06.29 08:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2013.06.09 18:19:47 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2013.06.09 18:19:46 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2013.06.01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:64bit: - [2013.03.01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\npf.sys -- (NPF) DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2012.12.15 20:44:28 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid) DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2012.11.02 05:41:38 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2012.11.02 05:41:38 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2012.11.02 05:41:38 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2012.10.23 20:37:42 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2012.09.05 11:31:46 | 000,319,888 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD) DRV:64bit: - [2012.08.20 12:48:22 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rrnetcap.sys -- (RRNetCapMP) DRV:64bit: - [2012.08.20 12:48:22 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rrnetcap.sys -- (RRNetCap) DRV:64bit: - [2012.08.14 12:15:36 | 000,070,744 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\bScsiSDa.sys -- (bScsiSDa) DRV:64bit: - [2012.08.13 11:59:42 | 000,072,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\b57xdbd.sys -- (b57xdbd) DRV:64bit: - [2012.08.13 11:59:42 | 000,021,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\b57xdmp.sys -- (b57xdmp) DRV:64bit: - [2012.08.10 19:09:46 | 000,567,808 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2012.08.10 19:09:44 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2012.08.10 19:09:42 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2012.08.10 19:09:42 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2012.08.10 19:09:42 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2012.08.10 19:09:40 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2012.08.10 19:09:40 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt) DRV:64bit: - [2012.08.10 19:09:40 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum) DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2012.07.24 09:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr) DRV:64bit: - [2012.07.09 14:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012.07.03 00:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012.06.22 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2012.06.19 16:40:51 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2012.06.18 17:20:52 | 000,055,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\bScsiMSa.sys -- (bScsiMSa) DRV:64bit: - [2012.06.02 16:31:37 | 000,425,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2012.06.02 16:31:33 | 005,139,968 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BCMWL63A.SYS -- (BCM43XX) DRV:64bit: - [2010.07.09 05:51:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2010.04.20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2009.09.29 09:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\lgbtpt64.sys -- (LgBttPort) DRV:64bit: - [2009.09.29 09:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\lgvmdm64.sys -- (LGVMODEM) DRV:64bit: - [2009.09.29 09:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\lgbtbs64.sys -- (lgbusenum) DRV:64bit: - [2009.07.31 03:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\XENfiltv.sys -- (XENfiltv) DRV - [2014.02.17 17:23:22 | 000,026,856 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys -- (cpuz137) DRV - [2014.01.30 17:40:18 | 000,109,144 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt - ) [Driver] [Kernel | System | Running] -- C:\Windows\SleeN1864.sys -- (SLEE_18_DRIVER) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{93C01DC1-C35F-4B80-AE50-255C0E85F0CD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{93C01DC1-C35F-4B80-AE50-255C0E85F0CD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Disable Script Debugger Default = yes IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DisableScriptDebuggerIE Default = yes IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://acer13.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "DE" FF - prefs.js..browser.search.highlightCount: 0 FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.search.region: "DE" FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine" FF - prefs.js..browser.search.searchengine.ptid: "face" FF - prefs.js..browser.search.searchengine.uid: "ST9500325AS_S2WPKPZZXXXXS2WPKPZZ" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:36.0.4 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.40.2: C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2: C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: File not found FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: File not found FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found FF - HKLM\Software\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin: File not found FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( ) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Dominik Engl\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS) FF - HKCU\Software\MozillaPlugins\@tools.coowon.com/Coowon Update;version=3: File not found FF - HKCU\Software\MozillaPlugins\@tools.coowon.com/Coowon Update;version=9: File not found FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dominik Engl\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: File not found FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.10.18 17:47:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013.10.18 17:47:10 | 000,000,000 | ---D | M] [2014.11.05 01:43:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik Engl\AppData\Roaming\mozilla\Extensions [2015.03.29 12:53:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik Engl\AppData\Roaming\mozilla\Firefox\Profiles\t1ill8lh.default\extensions [2015.03.11 18:01:46 | 000,970,602 | ---- | M] () (No name found) -- C:\Users\Dominik Engl\AppData\Roaming\mozilla\firefox\profiles\t1ill8lh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ========== Chrome ========== CHR - default_search_provider: istartsurf (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: CHR - plugin: Error reading preferences file CHR - Extension: Mail Control = C:\Users\Dominik Engl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejlhiijedldjjdmjgfiainenegbkokhn\132\ CHR - Extension: Google Wallet = C:\Users\Dominik Engl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Cinema PlusV29.03 = C:\Users\Dominik Engl\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\ O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - No CLSID value found. O4:64bit: - HKLM..\Run: [] File not found O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [THGuard] C:\Program Files (x86)\TrojanHunter 5.6\THGuard.exe (Mischel Internet Security) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Dominik Engl\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe (Ruiware LLC) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\wshbth.dll File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88DF895C-3030-4742-90D0-88964960F09F}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\tmop - No CLSID value found O18 - Protocol\Handler\tmop - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found O29 - HKLM SecurityProviders - (credssp.dll) - File not found O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4d66018b-d232-11e2-be7a-b888e3aa6d9a}\Shell - "" = AutoRun O33 - MountPoints2\{4d66018b-d232-11e2-be7a-b888e3aa6d9a}\Shell\AutoRun\command - "" = "E:\autorun.exe" O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (bootdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2015.03.29 19:34:39 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\Documents\My Games [2015.03.29 17:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2015.03.29 17:47:38 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft [2015.03.29 17:26:56 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\AVAST Software [2015.03.29 17:20:38 | 000,442,264 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\yzmjkeua.sys [2015.03.29 17:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2015.03.29 16:42:37 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\TrojanHunter [2015.03.29 16:13:03 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2015.03.29 16:12:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware [2015.03.29 16:12:09 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2015.03.29 16:12:09 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2015.03.29 16:12:09 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2015.03.29 16:12:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware [2015.03.29 15:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TrojanHunter [2015.03.29 15:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrojanHunter [2015.03.29 15:51:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrojanHunter 5.6 [2015.03.29 15:42:16 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\Howard_Media [2015.03.29 15:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FixCleanRepair [2015.03.29 15:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FixCleanRepair [2015.03.29 12:09:41 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\Opera Software [2015.03.29 12:09:40 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\Opera Software [2015.03.29 12:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\GufKrJTwA [2015.03.29 12:06:01 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\PDFConvert [2015.03.29 12:06:01 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DocToPDFConverter [2015.03.29 12:06:01 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\DocToPDFConverter [2015.03.29 11:59:35 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427630375-E211-B636-B888E3AA6D9A [2015.03.29 11:49:36 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427629776-E211-B636-B888E3AA6D9A [2015.03.29 11:49:22 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427629762-E211-B636-B888E3AA6D9A [2015.03.29 11:47:03 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\5DE05E1C-1427629623-E211-B636-B888E3AA6D9A [2015.03.29 11:45:49 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\5DE05E1C-1427622349-E211-B636-B888E3AA6D9A [2015.03.28 21:41:01 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\Glyph [2015.03.28 21:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph [2015.03.28 21:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glyph [2015.03.28 20:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webzen [2015.03.28 17:04:38 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\8pecxstudios [2015.03.28 17:04:38 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\8pecxstudios [2015.03.28 17:04:08 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox [2015.03.28 17:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\Cyberfox [2015.03.25 00:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\lib [2015.03.25 00:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bin [2015.03.22 13:57:32 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE [2015.03.22 12:47:10 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\CCP [2015.03.21 13:36:14 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\Tropico 5 [2015.03.21 13:35:20 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\Kalypso Media [2015.03.21 12:41:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2015.03.17 22:48:33 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\GameInvest [2015.03.17 12:51:40 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\Five-BN Games [2015.03.16 10:47:51 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\NVIDIA [2015.03.15 23:39:20 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\.minecraft [2015.03.15 22:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\4423493481857464035 [2015.03.15 22:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{cce61d59-8c68-bfa4-cce6-61d598c67566} [2015.03.14 22:22:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2015.03.14 21:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\{44587a0a-6024-e1cf-4458-87a0a602e829} [2015.03.12 15:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\HipSoft [2015.03.11 13:46:47 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\Sahmon Games [2015.03.11 12:59:18 | 000,000,000 | ---D | C] -- C:\ProgramData\com.gamehouse.acid [2015.03.11 12:58:46 | 000,000,000 | ---D | C] -- C:\Zylom Games [2015.03.11 12:57:54 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\com.gamehouse.acid [2015.03.11 12:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2015.03.11 12:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2015.03.11 12:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\81d19778c51c4881a7eae8f07044d0be [2015.03.11 12:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\0d4294919c9a4941ba7cc97f91f909a5 [2015.03.07 01:37:56 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\Geckofx [2015.03.07 01:37:43 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Roaming\Firefly Studios [2015.03.03 16:22:09 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\AppData\Local\Steam [2015.03.03 01:58:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari [2015.03.03 01:55:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari [2015.03.02 22:47:39 | 000,000,000 | ---D | C] -- C:\Users\Dominik Engl\Documents\Euro Truck Simulator 2 [2015.03.02 21:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANNO 1503 [2015.03.01 00:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HMH Interactive [2015.03.01 00:48:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HMH Interactive [2014.04.25 21:27:08 | 041,212,184 | ---- | C] (NVIDIA Corporation) -- C:\Users\Dominik Engl\AppData\Roaming\PhysX_9.09.0814_SystemSoftware.exe [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2015.03.29 22:48:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015.03.29 22:42:23 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2015.03.29 22:42:11 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2015.03.29 22:29:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015.03.29 22:27:33 | 000,001,374 | ---- | M] () -- C:\Windows\tasks\EZ.job [2015.03.29 22:27:33 | 000,001,130 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015.03.29 22:27:10 | 005,144,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2015.03.29 22:26:44 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2015.03.29 22:26:44 | 2422,013,951 | -HS- | M] () -- C:\hiberfil.sys [2015.03.29 22:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015.03.29 17:20:38 | 000,442,264 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\yzmjkeua.sys [2015.03.29 15:51:36 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\streamhlp.dll [2015.03.29 15:51:36 | 000,001,089 | ---- | M] () -- C:\Users\Dominik Engl\Desktop\TrojanHunter.lnk [2015.03.29 15:38:11 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2015.03.29 15:38:11 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2015.03.29 15:38:11 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2015.03.29 15:38:11 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2015.03.29 15:38:11 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2015.03.29 14:49:21 | 000,001,382 | ---- | M] () -- C:\Windows\tasks\SCPHBQ.job [2015.03.29 14:04:17 | 000,001,225 | ---- | M] () -- C:\Users\Dominik Engl\Desktop\TreeSize Free.lnk [2015.03.29 13:57:31 | 000,001,001 | ---- | M] () -- C:\Users\Dominik Engl\Desktop\Glyph.lnk [2015.03.29 12:04:30 | 002,168,320 | ---- | M] () -- C:\Users\Dominik Engl\Desktop\adwcleaner_4.113.exe [2015.03.29 12:04:05 | 000,008,632 | ---- | M] () -- C:\Windows\SysWow64\VCLOff.ini [2015.03.29 12:04:05 | 000,008,632 | ---- | M] () -- C:\Windows\SysNative\VCLOff.ini [2015.03.27 17:25:27 | 000,000,482 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Dominik Engl.job [2015.03.26 21:14:08 | 000,005,542 | ---- | M] () -- C:\Users\Dominik Engl\AppData\Roaming\SCPHBQ [2015.03.26 21:14:08 | 000,004,185 | ---- | M] () -- C:\Users\Dominik Engl\AppData\Roaming\EZ [2015.03.25 11:09:11 | 000,098,304 | ---- | M] () -- C:\Users\Dominik Engl\fbchathistory.dat [2015.03.22 14:03:36 | 000,000,066 | ---- | M] () -- C:\Windows\4457412 [2015.03.21 12:40:44 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2015.03.17 06:15:40 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2015.03.17 06:15:28 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2015.03.17 06:15:24 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2015.03.29 16:12:16 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2015.03.29 15:51:36 | 000,001,089 | ---- | C] () -- C:\Users\Dominik Engl\Desktop\TrojanHunter.lnk [2015.03.29 15:51:34 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll [2015.03.29 14:04:17 | 000,001,225 | ---- | C] () -- C:\Users\Dominik Engl\Desktop\TreeSize Free.lnk [2015.03.29 12:04:26 | 002,168,320 | ---- | C] () -- C:\Users\Dominik Engl\Desktop\adwcleaner_4.113.exe [2015.03.29 12:01:57 | 000,008,632 | ---- | C] () -- C:\Windows\SysWow64\VCLOff.ini [2015.03.29 12:01:57 | 000,008,632 | ---- | C] () -- C:\Windows\SysNative\VCLOff.ini [2015.03.29 12:01:53 | 000,001,374 | ---- | C] () -- C:\Windows\tasks\EZ.job [2015.03.29 12:01:16 | 000,001,382 | ---- | C] () -- C:\Windows\tasks\SCPHBQ.job [2015.03.28 21:41:02 | 000,001,001 | ---- | C] () -- C:\Users\Dominik Engl\Desktop\Glyph.lnk [2015.03.26 21:14:08 | 000,005,542 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Roaming\SCPHBQ [2015.03.26 21:14:08 | 000,004,185 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Roaming\EZ [2015.03.25 11:09:11 | 000,098,304 | ---- | C] () -- C:\Users\Dominik Engl\fbchathistory.dat [2015.03.22 14:03:36 | 000,000,066 | ---- | C] () -- C:\Windows\4457412 [2015.02.04 16:25:13 | 000,000,937 | ---- | C] () -- C:\Users\Dominik Engl\measure-units.properties [2014.11.05 01:53:01 | 000,007,602 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Local\Resmon.ResmonCfg [2014.10.18 20:04:42 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini [2014.06.30 20:05:16 | 000,346,112 | ---- | C] () -- C:\Windows\SysWow64\LiveWrapRTSP.dll [2014.06.04 21:22:46 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2014.05.15 03:42:29 | 000,009,060 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Roaming\.freeciv-client-rc-2.4 [2014.04.09 06:45:19 | 000,231,960 | ---- | C] () -- C:\Windows\RegBootClean64.exe [2014.04.09 04:26:48 | 000,000,036 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Local\housecall.guid.cache [2014.04.09 04:21:28 | 000,000,522 | ---- | C] () -- C:\Windows\wininit.ini [2014.02.22 12:42:59 | 000,001,496 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Local\recently-used.xbel [2014.01.10 19:25:50 | 000,000,000 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Roaming\FileOut.cns [2014.01.10 19:25:50 | 000,000,000 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Roaming\FileIn.cns [2013.12.29 23:12:41 | 000,000,008 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Roaming\DofusAppId0_2 [2013.12.13 02:18:43 | 000,290,776 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013.12.13 02:18:42 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2013.12.05 14:34:48 | 000,251,144 | ---- | C] () -- C:\Windows\SysWow64\prgiso.dll [2013.10.31 21:08:05 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2013.10.09 23:05:08 | 000,235,008 | ---- | C] () -- C:\Windows\SysWow64\FltEng.dll [2013.10.09 23:05:08 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\secpro.exe [2013.10.06 13:28:51 | 000,999,424 | ---- | C] () -- C:\Windows\SysWow64\fathmail.dll [2013.09.08 03:08:08 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini [2013.08.28 23:03:36 | 000,054,272 | ---- | C] () -- C:\Windows\sassr.dat [2013.08.20 13:29:23 | 000,061,952 | -H-- | C] () -- C:\Windows\SysWow64\sinvfct.dll [2013.07.20 02:07:51 | 000,000,125 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Roaming\D2Info0 [2013.07.20 02:07:51 | 000,000,008 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Roaming\DofusAppId0_1 [2013.07.18 17:40:42 | 000,110,080 | ---- | C] () -- C:\Windows\sysk32.dll [2013.07.08 00:38:57 | 000,004,608 | ---- | C] () -- C:\Users\Dominik Engl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.07.08 00:38:25 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll [2013.07.08 00:38:23 | 001,200,937 | ---- | C] () -- C:\Windows\unins000.exe [2013.07.08 00:38:23 | 000,074,634 | ---- | C] () -- C:\Windows\unins000.dat [2013.05.25 02:15:17 | 000,098,344 | ---- | C] () -- C:\Windows\unTMV.exe [2013.03.30 22:43:45 | 000,022,655 | ---- | C] () -- C:\Windows\SysWow64\mswiniore.dll [2012.12.15 20:47:32 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl ========== ZeroAccess Check ========== [2013.04.24 00:42:20 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014.10.11 09:44:56 | 019,764,736 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014.10.11 07:57:57 | 017,562,112 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:82F50D1C @Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:8927A071 @Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:BC1F7CAE @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:2CB9631F < End of report > OTL EXTRAS Logfile: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 29.03.2015 22:48:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominik Engl\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17183)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,82 Gb Total Physical Memory | 5,59 Gb Available Physical Memory | 71,46% Memory free
9,19 Gb Paging File | 6,82 Gb Available in Paging File | 74,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,19 Gb Total Space | 181,20 Gb Free Space | 40,61% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: DOMINIK | User Name: Dominik Engl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = CyberfoxHTML] -- C:\Program Files\Cyberfox\Cyberfox.exe (8pecxstudios)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Value error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Value error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03F4B46D-D4BF-462A-B3E2-928F71000DE5}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{0E3BD3FF-2872-49D8-B6CA-F2E521F8AC09}" = dir=out | name=acer crystal eye |
"{0F23543B-63F9-43B7-A535-20429CF0571F}" = dir=out | name=weatherbug |
"{12F67213-6CC6-4AFD-A7C5-916B39C64F02}" = dir=out | name=7digital music store |
"{13D08EDC-DD2D-446B-83DD-0893C3EA7061}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{1E814EA8-DE58-4C34-A495-84D8DB699F98}" = dir=out | name=cut the rope |
"{1FEB9FBC-B492-4517-A75B-D33E26103C12}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{2643B2AA-CC8E-4A48-929D-F1E36A17C63A}" = dir=out | name=microsoft minesweeper |
"{307388A4-ABCF-461B-ADB9-0D8718941279}" = dir=out | name=microsoft solitaire collection |
"{34476BC6-D142-4801-9A82-B3366E776944}" = dir=out | name=acer explorer |
"{41497A87-BE30-4287-8E54-82ECFAEEB38D}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{47CB61EF-2C66-4FD9-BEED-12213AA68B0A}" = dir=out | name=skype |
"{4BF51E3C-7A29-40E0-A432-233E5E61CB8A}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4E00CABB-9A85-4A1D-B953-68DD958F868F}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{5249D2B8-9B47-4814-86A5-65F2FF489ECA}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5A6208AC-CB33-4933-9901-230036E5821C}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{64519707-1DA2-4487-88C3-5E866B0EC7A3}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{6EE0C140-F89D-4421-B0EA-7480C9BA16F0}" = dir=out | name=social jogger |
"{70C90499-B7A3-4C8A-A21E-201F65CDF726}" = dir=out | name=txtr reader |
"{71E85B68-BDFE-4FB6-A38B-1D816FC9BD9B}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{725BF644-165F-4733-84DD-BF3C8E4E5690}" = dir=out | name=taptiles |
"{7FE13506-F21F-4420-9562-F137DA56384B}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{85957B86-2AC8-4080-80E3-E25A5A7831AB}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{8BAF0C8D-46E2-42EE-B651-918FEB4E6F94}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{8DE02484-F6FA-4386-9413-94F047CAA7E6}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{903B54C9-D11D-4803-8F81-B2F31739FEF2}" = dir=out | name=skitch |
"{98F7869C-4FCC-4FD7-9615-83BE203DD083}" = dir=out | name=tunein radio |
"{A24884B0-FD2E-41A4-91FA-10FA322A7103}" = dir=out | name=evernote |
"{AD9648E3-14FB-48B2-B8EF-79D3871E4B84}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{B46B07F5-A623-476D-A288-34CCED447CBF}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{BB370A92-B8C5-42A0-B204-C815276AFE79}" = protocol=17 | dir=in | app=c:\program files (x86)\glyph\glyphclient.exe |
"{C0D3F266-6B0E-49D8-943F-EF5B1FD5743F}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{CEB4E93A-2B4D-4F1D-A936-79F5D76877A1}" = dir=in | name=ebay |
"{D3E05E1B-C7F7-4227-91CB-79A37DBE1A50}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{D90FBA53-6B00-42A9-8B32-A1B5156940B8}" = dir=out | name=ebay |
"{DD6D1B5D-4478-4903-AEEF-3A46994BD396}" = dir=in | name=skype |
"{DDB3E1C7-EB77-4910-8401-6C34C4358C04}" = protocol=6 | dir=in | app=c:\program files (x86)\glyph\glyphclient.exe |
"{E1FFD690-AAF9-4F84-92FD-DF1F714671FF}" = dir=out | name=newsxpresso metro |
"{E90B2F2C-835C-49AB-9DD4-975609423955}" = dir=in | name=evernote |
"{EB815270-71A8-4C01-9B18-B5EEB842A544}" = dir=out | name=microsoft mahjong |
"{F8CF2071-A267-4207-9799-879B7306F737}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{FCA2C2CE-1539-4825-826E-858704BFD5BC}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"TCP Query User{466B7D5E-DDD3-4709-91F9-AD3824E02346}C:\program files\cyberfox\cyberfox.exe" = protocol=6 | dir=in | app=c:\program files\cyberfox\cyberfox.exe |
"UDP Query User{B88DABF3-B73B-420A-A922-EC13AFDDAE36}C:\program files\cyberfox\cyberfox.exe" = protocol=17 | dir=in | app=c:\program files\cyberfox\cyberfox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86418031F0}" = Java 8 Update 31 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86418040F0}" = Java 8 Update 40 (64-bit)
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Acer Device Fast-lane
"{4745C004-7D5D-42BB-816A-79BF29C3A65C}" = MAGIX Goya burnR (MSI)
"{486D7332-4381-4982-8ABC-6A7B109FA34E}" = Vita String Ensemble
"{4913C631-0363-496A-9E24-1A260205AB9D}" = MAGIX Music Maker 2013 (Demosongs)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1" = Cyberfox Web Browser
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}" = WinPatrol
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}" = AdAwareUpdater
"{6EA96503-3738-4A4A-B743-0479CCBE371C}" = Vita Rock Drums
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8215A318-CC27-435E-B3EA-2E3443C8998C}" = Acer Instant Update Service
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{86516976-CC47-4787-B9FD-720500EC1759}" = MAGIX Music Maker 2013 (Visuals)
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{AD409A65-BD38-4322-8765-492DD4E72DBF}" = MAGIX Music Maker 2013 (Synthesizer und Effekte)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 344.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B55B2878-8E05-4EF8-A4EF-CC6835410C17}" = MAGIX Music Maker 2013 Soundpools
"{B74C0F31-3688-4FCE-BEE8-0C3A47968027}" = Vita 2
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CC347FC6-C8D7-493A-B70E-1D89E22691A7}" = AntimalwareEngine
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{E56846B3-745F-443C-9C17-BC371A0902E0}" = AdAwareInstaller
"{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}" = MAGIX Music Maker 2013
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"5723-2630-1175-8368" = Fakturama 1.6.7
"CCleaner" = CCleaner
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
"ZonerPhotoStudio16_DE_is1" = Zoner Photo Studio 16
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 5
"{025A585C-0C66-413D-80D2-4C05CB699771}" = Dead Space
"{04450C18-F039-4B81-A621-70C3B0F523D5}" = The Sims 2: Ultimate Collection
"{050F5BE0-A8F6-48E1-9815-97322C1C1DC5}_is1" = MarkSpace Outlook Server Version 1.0
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15FA1110-CA8E-43E4-BD79-A28A897CD563}" = Audials
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}" = Windows Phone app for desktop
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1" = RaceRoom Racing Experience Launcher
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WiFi Driver Installation
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}" = FINAL FANTASY XIV - A Realm Reborn
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}" = Firebird SQL Server - MAGIX Edition
"{39CCA8F3-19C1-4246-B4BA-8174D665407C}_is1" = TumblRipper
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator
"{47E5588F-C3A0-11DE-9857-005056C00008}" = Paragon Partition Manager™ 2014 Free
"{496D7B7E-EBDC-4E2B-B021-4FF03B188B69}" = Pokémon Trading Card Game Online
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B5EBB2A-A55C-40E9-A48F-AEBFBAA90EC1}_is1" = Welcome Home To Windows Phone Version 2.0
"{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}" = Should I Remove It
"{517CC397-B22F-4593-8DCB-DE72CC541E9A}" = League of Legends
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{574BF026-4487-4051-BCE5-83C4E40AAF6D}" = SlimComputer
"{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}" = SimCity 2000 Special Edition
"{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}" = msxml4
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}" = Pflanzen gegen Zombies™
"{60e0155b-9898-42a1-ab0a-c33353e03705}" = Free YouTube Download Manager
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6FA83576-0E44-4235-86A2-32A104E97280}" = Audials
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B63363-A6AF-403B-AEA6-5CE2586CADEA}" = Free YouTube Download Manager
"{73ABAA0E-70F0-4048-AD43-A5F5A13A198D}" = Audials
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{80AF0300-866F-400F-A350-D53E3C3E34E0}" = FUSSBALL MANAGER 13
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 2.0.6
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A1CD76EB-30CA-45EE-9946-5FC20BA62012}" = Age of Wulin
"{A227B892-C548-4490-9C5D-DB341F8194A6}_is1" = Euro Truck Simulator 2 Multiplayer 0.1.4 R3 Alpha
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A347C572-F7B4-43A3-BD51-FFC99184F70D}" = Jurassic Park Operation Genesis
"{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}" = PVZ Garden Warfare
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Deutsch
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C8842F80-0E07-4424-916D-9F6B6A9968E4}" = IncrediMail
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
"{CED8E25B-122A-4E80-B612-7F99B93284B3}" = Arc
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D3FB0B73-11DF-41EE-9B6D-C7198079A88E}" = Steganos Safe 15
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{DCAB9AAC-1D1C-4B94-99B7-AA7D2617BD64}_is1" = concept/design onlineTV 10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 Version 2.92
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}" = ANNO 1503
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1" = Ezvid
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"023c03038d1e8d0dd5b29cacacce04d0" = Hospital Hustle Deluxe
"08d71c43d7ba8e543f0215bcab884209" = Supermarket Management
"0bd27f65980f021b19a2ee12501961b1" = The Island - Castaway Deluxe
"266cd93b236c46d9e3a0a44ddaf12961" = Shop it Up! Deluxe
"37a9e322478ad928b108ecf42de3c631" = Delicious - Emily's Honeymoon Cruise
"64ce3775e2b476d3c34210a5a9d238dc" = The Island - Castaway 2 Deluxe
"8b567f6f25e6a3d6abf028aeb1d36a31" = Delicious Promo
"92dfa5216d9c72682019916b3be098cf" = Sky High Farm Deluxe
"9b264bb29bdb57d30fcff344d51d815b" = Lost Lands - Dark Overlord Platinum Edition
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Ankh" = Ankh
"Audacity_is1" = Audacity 2.0.6
"b18451a1aab4b749ac384387f5fa24ff" = Stand O'Food Deluxe
"Burger Bustle" = Burger Bustle
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Cinema Tycoon 2" = Cinema Tycoon 2
"Combat Arms EU" = Combat Arms EU
"d4f8b6cf2daf5a8fa093daf3123e2b92" = Burger Bustle
"Delicious: Emily und der Duft des Erfolgs" = Delicious: Emily und der Duft des Erfolgs
"Der bartlose Zauberer" = Der bartlose Zauberer
"Der Hummelfluch" = W&G - Der Hummelfluch
"Deutschland Spielt - Spiele Post" = Deutschland Spielt - Spiele Post
"Die Abenteuer von Robinson Crusoe" = Die Abenteuer von Robinson Crusoe
"DivXCodec" = DivX 4.02 Codec
"Dream Hills: Gestohlene Magie" = Dream Hills: Gestohlene Magie
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"ESET Online Scanner" = ESET Online Scanner v3
"Fall of the New Age: Im Bann der Sekte Sammleredition" = Fall of the New Age: Im Bann der Sekte Sammleredition
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"FixCleanRepair_is1" = FixCleanRepair v1.0
"FreeFixer1.12" = FreeFixer
"Game Booster_is1" = Game Booster 3
"Geheime Fälle: Auf den Spuren von Casanova" = Geheime Fälle: Auf den Spuren von Casanova
"Glyph" = Glyph
"Goldrausch: Die Schatzsuche" = Goldrausch: Die Schatzsuche
"Google Chrome" = Google Chrome
"Heart's Medicine: Ärztin mit Herz" = Heart's Medicine: Ärztin mit Herz
"Icy Tower v1.5_is1" = Icy Tower v1.5
"Image Converter Image Converter" = Image Converter
"IncrediMail" = IncrediMail 2.5
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 5
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Acer Backup Manager
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"IsoBuster_is1" = IsoBuster 3.2
"JTL-Wawi_is1" = JTL-Wawi
"Lawn & Order 2: Die Gartenverschwörung" = Lawn & Order 2: Die Gartenverschwörung
"League of Legends 3.0.1" = League of Legends
"Legends of Solitaire: Die verlorenen Karten" = Legends of Solitaire: Die verlorenen Karten
"LG PC Suite IV" = LG PC Suite IV
"LManager" = Launch Manager
"MAGIX_GlobalContent" = MAGIX Content und Soundpools
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.1.4.1018
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MX.{4745C004-7D5D-42BB-816A-79BF29C3A65C}" = MAGIX Goya burnR (MSI)
"MX.{4913C631-0363-496A-9E24-1A260205AB9D}" = MAGIX Music Maker 2013 (Demosongs)
"MX.{86516976-CC47-4787-B9FD-720500EC1759}" = MAGIX Music Maker 2013 (Visuals)
"MX.{AD409A65-BD38-4322-8765-492DD4E72DBF}" = MAGIX Music Maker 2013 (Synthesizer und Effekte)
"MX.{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}" = MAGIX Music Maker 2013
"Online Games Manager" = Online Games Manager v1.30
"OpenAL" = OpenAL
"OpenLibraries" = OpenLibraries
"Origin" = Origin
"PC Wizard 2013_is1" = PC Wizard 2013.2.12
"PureWare" = PureWare
"Razer Game Booster_is1" = Razer Game Booster
"RealPlayer 16.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.95
"Ricky`s Restaurant" = Ricky`s Restaurant
"Ritter Arthur 4" = Ritter Arthur 4
"S2TNG" = Die Siedler II - Die nächste Generation
"SagaGamesHotelManager2_is1" = Hotel-Manager
"Sam und Max All-Zeit Bereit" = Sam & Max All-Zeit Bereit
"Spooky Mall" = Spooky Mall
"Spotify" = Spotify
"Startfenster" = Startfenster
"Steam" = Steam
"Steam App 107410" = Arma 3
"Steam App 18490" = The Whispered World
"Steam App 201570" = Really Big Sky
"Steam App 210770" = Sanctum 2
"Steam App 211500" = RaceRoom Racing Experience
"Steam App 211820" = Starbound
"Steam App 215080" = WAKFU
"Steam App 221100" = DayZ
"Steam App 223670" = F1 2013
"Steam App 224600" = Defiance
"Steam App 227300" = Euro Truck Simulator 2
"Steam App 227700" = Firefall
"Steam App 23490" = Tropico 3 - Steam Special Edition
"Steam App 24200" = DC Universe Online
"Steam App 245620" = Tropico 5
"Steam App 246280" = Happy Wars
"Steam App 252530" = OMSI 2
"Steam App 257890" = Frozen Hearth
"Steam App 263540" = Villagers and Heroes
"Steam App 268540" = The Whispered World Special Edition
"Steam App 40390" = Risen 2 - Dark Waters
"Steam App 47410" = Stronghold Kingdoms
"Steam App 8600" = RACE 07
"Steam App 8660" = GTR Evolution
"Steam App 92800" = SpaceChem
"The Island: Castaway" = The Island: Castaway
"Tony Tough 2 - A Rake's Progress_is1" = Tony Tough 2 - Patch
"Treasure Island" = Treasure Island
"TreeSize Free_is1" = TreeSize Free V3.3.2
"TrojanHunter_is1" = TrojanHunter 5.6
"TV Farm 2: Bauer total" = TV Farm 2: Bauer total
"Urlaub Unter Tage" = W&G - Urlaub Unter Tage
"Wiggles_is1" = Wiggles 1.0.844
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinPcapInst" = WinPcap 4.1.3
"Wise Game Booster_is1" = Wise Game Booster 1.12
"Wise Program Uninstaller_is1" = Wise Program Uninstaller 1.63
"WTA-0f70623e-a7c8-414b-812a-259fd65605e0" = Bejeweled 3
"WTA-1232a605-888e-464d-9cbd-bdf979a79f4b" = Magic Academy
"WTA-243ad700-fe81-401c-bbb6-28fb7f941dae" = Polar Bowler
"WTA-2b0fb711-4c2f-4fcd-ac58-4f2cce7d9c7e" = Delicious: Emily's True Love Premium Edition
"WTA-2da04e97-7d1d-46a1-b9d8-50244960fbba" = Plants vs. Zombies - Game of the Year
"WTA-41bc2c58-b116-4985-8548-97d138a760f2" = Governor of Poker 2 Premium Edition
"WTA-4c8e0c71-6fd0-4c65-a00d-9d42ec9a321c" = Island Tribe
"WTA-6396e918-8db9-484a-b249-6749fc0ef09d" = Aloha TriPeaks
"WTA-72eef4ff-6c94-406b-81d7-ddb70c8bc5eb" = Penguins!
"WTA-8cb45c96-db4a-4332-bda4-4cfe32683226" = Zuma's Revenge
"WTA-a3e769bd-12eb-4975-ab09-221d6c973d92" = Jewel Match 3
"WTA-b6291e84-3a8b-4835-b3bf-0c4d327e62d5" = Agatha Christie - Death on the Nile
"WTA-e34813a9-942e-4067-ae5a-cd2a939a15d5" = Tales of Lagoona
"WTA-ec2b7e76-92aa-458d-9dc1-87b588f70c67" = John Deere Drive Green
"Youda Farmer 3: Jahreszeiten" = Youda Farmer 3: Jahreszeiten
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.9.13
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1F4715F1-86E7-4450-AA9A-13ADBF14BED1-2" = Wakfu
"Akamai" = Akamai NetSession Interface
"GamersFirst LIVE!" = GamersFirst LIVE!
"HappyCloud" = Happy Cloud Client
"MMDoC-PDCLive" = Duel of Champions
"Octoshape Streaming Services" = Octoshape Streaming Services
"sc15-GAMETWIST_MAIN" = Ski Challenge 15
"Should I Remove It 1.0.4" = Should I Remove It
"SOE-DC Universe Online Live" = DC Universe Online Live
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.03.2015 15:52:48 | Computer Name = Dominik | Source = MsiInstaller | ID = 11706
Description =
Error - 29.03.2015 15:52:50 | Computer Name = Dominik | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DMCDaemon.exe, Version: 1.6.2005.1305,
Zeitstempel: 0x50220370 Name des fehlerhaften Moduls: DMCDaemon.exe, Version: 1.6.2005.1305,
Zeitstempel: 0x50220370 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00049d1c ID des fehlerhaften
Prozesses: 0x12c4 Startzeit der fehlerhaften Anwendung: 0x01d06a59ecad4dfe Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
Berichtskennung:
2d9ebea1-d64d-11e4-bf47-b888e3aa6d9a Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 29.03.2015 15:52:56 | Computer Name = Dominik | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WindowsUpnp.exe, Version: 1.6.2005.1305,
Zeitstempel: 0x50220301 Name des fehlerhaften Moduls: WindowsUpnp.exe, Version:
1.6.2005.1305, Zeitstempel: 0x50220301 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0005912c
ID
des fehlerhaften Prozesses: 0x1780 Startzeit der fehlerhaften Anwendung: 0x01d06a59ecc06124
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
Berichtskennung:
30fb7b6d-d64d-11e4-bf47-b888e3aa6d9a Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 29.03.2015 15:52:59 | Computer Name = Dominik | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DMCDaemon.exe, Version: 1.6.2005.1305,
Zeitstempel: 0x50220370 Name des fehlerhaften Moduls: DMCDaemon.exe, Version: 1.6.2005.1305,
Zeitstempel: 0x50220370 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00049d1c ID des fehlerhaften
Prozesses: 0xdc4 Startzeit der fehlerhaften Anwendung: 0x01d06a59f4bbbc4a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
Berichtskennung:
330cccb5-d64d-11e4-bf47-b888e3aa6d9a Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 29.03.2015 16:03:57 | Computer Name = Dominik | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153,
Zeitstempel: 0x538fb354 Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153,
Zeitstempel: 0x538fb051 Ausnahmecode: 0x80000003 Fehleroffset: 0x00485166 ID des fehlerhaften
Prozesses: 0xac8 Startzeit der fehlerhaften Anwendung: 0x01d06a5b7d2368a8 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\chrome.dll
Berichtskennung:
bb5ca108-d64e-11e4-bf47-b888e3aa6d9a Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 29.03.2015 16:04:00 | Computer Name = Dominik | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153,
Zeitstempel: 0x538fb354 Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153,
Zeitstempel: 0x538fb051 Ausnahmecode: 0x80000003 Fehleroffset: 0x00485166 ID des fehlerhaften
Prozesses: 0x174c Startzeit der fehlerhaften Anwendung: 0x01d06a5b7f66cc05 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\chrome.dll
Berichtskennung:
bd1ce146-d64e-11e4-bf47-b888e3aa6d9a Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 29.03.2015 16:04:04 | Computer Name = Dominik | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153,
Zeitstempel: 0x538fb354 Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153,
Zeitstempel: 0x538fb051 Ausnahmecode: 0x80000003 Fehleroffset: 0x00485166 ID des fehlerhaften
Prozesses: 0x1548 Startzeit der fehlerhaften Anwendung: 0x01d06a5b81971c6c Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\chrome.dll
Berichtskennung:
bf4f93e3-d64e-11e4-bf47-b888e3aa6d9a Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 29.03.2015 16:04:07 | Computer Name = Dominik | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153,
Zeitstempel: 0x538fb354 Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153,
Zeitstempel: 0x538fb051 Ausnahmecode: 0x80000003 Fehleroffset: 0x00485166 ID des fehlerhaften
Prozesses: 0xc80 Startzeit der fehlerhaften Anwendung: 0x01d06a5b836f3455 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\chrome.dll
Berichtskennung:
c1254991-d64e-11e4-bf47-b888e3aa6d9a Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 29.03.2015 16:07:37 | Computer Name = Dominik | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error - 29.03.2015 16:17:14 | Computer Name = Dominik | Source = MsiInstaller | ID = 11706
Description =
Error - 29.03.2015 16:26:08 | Computer Name = Dominik | Source = SDUpdateService | ID = 0
Description =
Error - 29.03.2015 17:06:32 | Computer Name = Dominik | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153,
Zeitstempel: 0x538fb354 Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153,
Zeitstempel: 0x538fb051 Ausnahmecode: 0x80000003 Fehleroffset: 0x00485166 ID des fehlerhaften
Prozesses: 0x1398 Startzeit der fehlerhaften Anwendung: 0x01d06a64323dda8a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\chrome.dll
Berichtskennung:
7959b225-d657-11e4-bf48-b888e3aa6d9a Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
[ System Events ]
Error - 29.03.2015 15:14:21 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Wise Boot Assistant" wurde aufgrund folgenden Fehlers
nicht gestartet: %%3
Error - 29.03.2015 15:14:21 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Der Dienst "????4????tE" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 29.03.2015 15:16:25 | Computer Name = Dominik | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?03.?2015 um 21:13:27 unerwartet heruntergefahren.
Error - 29.03.2015 15:17:03 | Computer Name = Dominik | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Optimizer Pro Crash Monitor erreicht.
Error - 29.03.2015 15:17:03 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Footer Typewriter" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 29.03.2015 15:17:07 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Wise Boot Assistant" wurde aufgrund folgenden Fehlers
nicht gestartet: %%3
Error - 29.03.2015 15:17:07 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Der Dienst "????4????tE" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 29.03.2015 16:27:50 | Computer Name = Dominik | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Optimizer Pro Crash Monitor erreicht.
Error - 29.03.2015 16:27:51 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Wise Boot Assistant" wurde aufgrund folgenden Fehlers
nicht gestartet: %%3
Error - 29.03.2015 16:27:51 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Der Dienst "????4????tE" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
< End of report >
--- --- --- Geändert von Blablub984 (29.03.2015 um 22:50 Uhr) |
| Themen zu Manche Programme kein Internetzugriff zum Updaten |
| adobe, adobe flash player, akamai, avast, bho, defender, error, escan, euro, explorer, flash player, format, geforce, homepage, install.exe, launch, league of legends, logfile, malwarebytes, microsoft, nvpciflt.sys, opera, programme, refresh, registry, revo uninstaller, rundll, security, software, tower, updates, windows |
Baum-Darstellung