Adler-Wolf | 18.04.2013 18:40 | "C:\Windows\SysWOW64" opens at system startup
Hello dear Trojaner-Board helpers!
I currently have a problem with my Windows.
When I start my computer, the or "C:\Windows\SysWOW64" currently opens. That is very strange and also annoying. I have already looked in the Autostart folder and in msconfig.exe but found nothing.
About my system: I use Kubuntu and Windows 7 Professional 64-bit (I am a student and got it through Dreamspark). I use G Data Total Protection 2014.
So here are the logs requested for all new posts:
Defogger was run.
OTL.txt Code:
OTL logfile created on: 18.04.2013 19:20:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\Adler-Wolf\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 51,95% Memory free
8,00 Gb Paging File | 5,53 Gb Available in Paging File | 69,12% Paging File free
Paging file location(s): f:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 19,26 Gb Free Space | 34,52% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 120,22 Gb Free Space | 51,62% Space Free | Partition Type: NTFS
Drive E: | 1171,90 Gb Total Space | 366,19 Gb Free Space | 31,25% Space Free | Partition Type: NTFS
Drive F: | 341,82 Gb Total Space | 249,30 Gb Free Space | 72,93% Space Free | Partition Type: NTFS
Drive G: | 349,17 Gb Total Space | 142,59 Gb Free Space | 40,84% Space Free | Partition Type: NTFS
Computer Name: ADLER-WOLF-PC | User Name: Adler-Wolf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.18 19:19:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\Adler-Wolf\Downloads\OTL.exe
PRC - [2013.04.11 22:08:10 | 001,104,280 | ---- | M] (Spotify Ltd) -- D:\Users\Adler-Wolf\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.04.09 21:56:13 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.04.05 02:06:38 | 001,631,144 | ---- | M] (Valve Corporation) -- E:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.04.05 02:06:38 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013.04.05 00:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- D:\Users\Adler-Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.03.11 13:32:00 | 006,873,600 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files (x86)\Free Download Manager\fdm.exe
PRC - [2013.03.04 11:09:17 | 001,956,304 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2013.02.27 10:32:11 | 001,942,480 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
PRC - [2013.02.26 03:28:44 | 000,357,456 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2013.02.26 03:28:26 | 000,436,304 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2013.02.26 02:30:42 | 000,087,120 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
PRC - [2013.02.25 14:59:46 | 000,696,808 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2013.02.25 05:01:04 | 001,444,304 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
PRC - [2013.02.25 04:52:49 | 001,854,416 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
PRC - [2013.02.25 04:15:25 | 000,635,344 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
PRC - [2013.01.23 08:12:42 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
PRC - [2013.01.23 08:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.08.22 18:57:30 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2011.08.22 18:52:46 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2011.02.11 05:34:22 | 000,664,944 | ---- | M] (Juniper Networks) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
PRC - [2010.12.19 04:50:30 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2010.11.23 18:33:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
PRC - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
PRC - [2010.08.02 21:13:12 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2010.03.31 01:37:34 | 000,309,848 | ---- | M] (TechniSat Digital, S.A.) -- C:\Program Files (x86)\TechniSat DVB\bin\Server4PC.exe
PRC - [2010.02.18 19:27:40 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009.11.10 19:05:34 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
PRC - [2009.11.04 17:28:00 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razertra.exe
PRC - [2009.10.05 13:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe
PRC - [2007.08.16 18:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files (x86)\Razer\Lachesis\OSD.exe
PRC - [2007.06.05 11:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Lachesis\razerofa.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.05 02:06:38 | 001,114,024 | ---- | M] () -- E:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- E:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.03.26 00:23:34 | 000,651,776 | ---- | M] () -- E:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- D:\Users\Adler-Wolf\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.01.23 08:12:42 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
MOD - [2013.01.23 08:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2013.01.16 18:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2013.01.16 18:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2013.01.16 18:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2013.01.16 18:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2013.01.16 18:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2013.01.16 12:58:54 | 008,626,176 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2013.01.16 12:58:52 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2013.01.16 12:58:50 | 002,408,448 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2013.01.11 04:22:32 | 003,547,136 | ---- | M] () -- C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- E:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- E:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- E:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012.11.30 12:48:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
MOD - [2012.11.30 12:45:56 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
MOD - [2012.11.30 12:26:54 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll
MOD - [2012.11.30 12:24:00 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll
MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- D:\Users\Adler-Wolf\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2011.08.22 18:57:32 | 000,002,560 | ---- | M] () -- C:\Windows\SysWOW64\CtxfiRes.dll
MOD - [2011.04.30 21:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2011.04.30 21:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll
MOD - [2010.03.30 14:25:38 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\TechniSat DVB\bin\LIBBZ2.dll
MOD - [2009.11.10 19:05:34 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
MOD - [2009.11.04 17:28:00 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razertra.exe
MOD - [2009.10.05 13:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe
MOD - [2009.03.26 15:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009.02.06 19:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
========== Services (SafeList) ==========
SRV:64bit: - [2012.12.19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.09 21:56:13 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.04.06 16:22:31 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.05 02:06:38 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.19 00:06:41 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.18 23:59:39 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2013.03.18 23:58:54 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2013.03.15 00:08:30 | 001,871,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV - [2013.03.04 11:09:17 | 001,956,304 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2013.02.27 10:32:11 | 001,942,480 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2013.02.26 03:28:44 | 000,357,456 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013.02.26 03:28:26 | 000,436,304 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2013.02.26 02:30:42 | 000,087,120 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2013.02.25 15:00:02 | 000,257,512 | ---- | M] (G Data Software) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2013.02.25 14:59:46 | 000,696,808 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2013.02.25 13:30:26 | 000,178,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2013.02.25 05:06:17 | 001,711,568 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2013.02.25 04:48:22 | 002,656,800 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2013.02.25 04:41:37 | 002,249,944 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2013.02.25 04:15:25 | 000,635,344 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.16 13:25:38 | 000,123,664 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012.11.22 07:12:46 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2012.10.11 17:15:30 | 000,918,680 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012.01.05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2011.02.11 05:34:22 | 000,664,944 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010.12.19 04:50:30 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010.11.23 18:33:22 | 000,240,112 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.08.18 13:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.04.08 14:07:19 | 000,062,808 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2013.04.08 14:07:00 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT)
DRV:64bit: - [2013.04.08 14:07:00 | 000,077,656 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gddcd64.sys -- (gddcd)
DRV:64bit: - [2013.04.08 14:07:00 | 000,058,712 | ---- | M] (G Data Software AG) [File_System | System | Running] -- C:\Windows\SysNative\drivers\gddcv64.sys -- (gddcv)
DRV:64bit: - [2013.04.08 14:06:59 | 000,064,856 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2013.04.08 14:06:58 | 000,064,856 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2013.04.08 14:06:56 | 000,133,976 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2013.04.08 14:06:56 | 000,060,248 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2013.02.26 03:28:48 | 000,067,664 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2013.02.26 03:28:14 | 000,030,800 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2013.02.26 03:27:48 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2013.02.26 03:27:48 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2013.02.26 03:27:44 | 000,033,360 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2012.12.19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.10.24 15:17:14 | 000,070,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2012.10.24 15:17:10 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2012.10.11 17:15:32 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2012.10.08 20:52:52 | 000,031,968 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.08.22 20:26:46 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2011.08.22 20:26:34 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2011.08.22 20:26:24 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2011.08.22 20:26:12 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2011.08.22 20:26:02 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2011.08.22 20:25:50 | 000,687,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2011.08.22 20:25:40 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2011.08.22 20:25:30 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2011.08.22 20:25:30 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2011.08.22 20:25:16 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2011.08.22 20:25:16 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2011.08.22 20:25:06 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2011.08.22 20:25:06 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.11 05:19:58 | 000,032,768 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.25 03:00:00 | 000,714,368 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV:64bit: - [2010.10.25 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2010.05.10 10:09:36 | 000,617,048 | ---- | M] (TechniSat Digital, S.A.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SkyNET_AMD64.sys -- (SKYNET)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.10.16 22:09:14 | 000,029,952 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lachesis.sys -- (VaneFltr)
DRV:64bit: - [2009.09.28 10:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune)
DRV:64bit: - [2005.03.29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2013.01.23 08:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2012.12.16 13:25:34 | 000,202,632 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2003.09.12 08:46:25 | 000,011,376 | R--- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SECDRV.SYS -- (SecDrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 65 26 8F E1 E3 23 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 22:05:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 22:05:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.03.18 16:56:04 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Adler-Wolf\AppData\Roaming\Mozilla\Extensions
[2013.04.18 19:03:41 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Adler-Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\9kxedk7v.Adler-Wolf\extensions
[2013.03.19 01:00:53 | 000,123,385 | ---- | M] () (No name found) -- D:\Users\Adler-Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\9kxedk7v.Adler-Wolf\extensions\elemhidehelper@adblockplus.org.xpi
[2013.04.12 20:42:04 | 000,667,481 | ---- | M] () (No name found) -- D:\Users\Adler-Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\9kxedk7v.Adler-Wolf\extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi
[2013.03.19 00:59:18 | 000,539,014 | ---- | M] () (No name found) -- D:\Users\Adler-Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\9kxedk7v.Adler-Wolf\extensions\toolbar@web.de.xpi
[2013.04.10 21:12:40 | 000,350,097 | ---- | M] () (No name found) -- D:\Users\Adler-Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\9kxedk7v.Adler-Wolf\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2013.04.18 19:03:41 | 000,532,430 | ---- | M] () (No name found) -- D:\Users\Adler-Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\9kxedk7v.Adler-Wolf\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.03.19 01:00:44 | 000,817,280 | ---- | M] () (No name found) -- D:\Users\Adler-Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\9kxedk7v.Adler-Wolf\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.19 01:05:19 | 000,434,392 | ---- | M] () (No name found) -- D:\Users\Adler-Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\9kxedk7v.Adler-Wolf\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.04.11 22:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.11 22:05:13 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2013.04.11 22:22:55 | 000,049,459 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 825 more lines...
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll File not found
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MagicTuneEngine] C:\Programme\MagicTune Premium\MagicTuneLauncher.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [G Data ASM] C:\Program Files (x86)\G Data\TotalProtection\DelayLoader\AutorunDelayLoader.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [Lachesis] C:\Program Files (x86)\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [Steam] E:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = D:\Users\Adler-Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82F2DF93-C7C7-4878-A9A6-522DC005C2C1}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5B329FC-51AC-4FAF-9053-E3F0FB7D6587}: DhcpNameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F02D95A8-51C7-48D9-AADD-A32E53498649}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\PROGRAM FILES\PROCESSEXPLORER\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\PROGRAM FILES\PROCESSEXPLORER\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2e2767a0-9191-11e2-8665-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2e2767a0-9191-11e2-8665-806e6f6e6963}\Shell\AutoRun\command - "" = J:\START.EXE
O33 - MountPoints2\{55701481-93dd-11e2-8390-00d0d7015dd1}\Shell - "" = AutoRun
O33 - MountPoints2\{55701481-93dd-11e2-8390-00d0d7015dd1}\Shell\AutoRun\command - "" = K:\pushinst.exe
O33 - MountPoints2\{f3c13ad9-8fd1-11e2-afe7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f3c13ad9-8fd1-11e2-afe7-806e6f6e6963}\Shell\AutoRun\command - "" = I:\wubi.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2013.04.16 12:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.04.15 19:19:09 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\LolClient
[2013.04.15 18:57:24 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013.04.15 17:15:48 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Desktop\lol
[2013.04.15 17:15:30 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\.swt
[2013.04.14 20:12:22 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- C:\Windows\SysNative\drivers\MTiCtwl.sys
[2013.04.14 20:12:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Electronics Ltd
[2013.04.14 20:12:16 | 000,000,000 | ---D | C] -- C:\Program Files\MagicTune Premium
[2013.04.11 22:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.11 19:25:38 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Desktop\SmashLand-Final-1-1
[2013.04.11 19:24:12 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Canneverbe Limited
[2013.04.11 19:24:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.04.11 19:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2013.04.11 16:32:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2013.04.11 16:09:59 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Desktop\Hausarbeit PM
[2013.04.10 21:54:44 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Desktop\vserver
[2013.04.10 19:56:39 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Desktop\sw
[2013.04.10 19:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechnoMage
[2013.04.10 18:49:58 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\Diagnostics
[2013.04.08 17:34:38 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Documents\GOG.com Downloads
[2013.04.08 17:33:59 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\GOG.com
[2013.04.08 16:17:55 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\Skyrim
[2013.04.08 14:27:32 | 000,000,000 | -HSD | C] -- C:\#GDATA.Trash.Store#
[2013.04.08 14:14:33 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\G DATA
[2013.04.08 14:14:31 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\G Data
[2013.04.08 14:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2014
[2013.04.08 14:07:00 | 000,098,760 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\TS4nt.sys
[2013.04.08 14:07:00 | 000,077,656 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gddcd64.sys
[2013.04.08 14:07:00 | 000,058,712 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gddcv64.sys
[2013.04.08 14:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA Software
[2013.04.07 15:25:43 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2013.04.07 15:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2013.04.07 15:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SteamLibrary
[2013.04.07 00:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IKARION Software
[2013.04.07 00:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DEMONWORLD
[2013.04.07 00:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Melbourne House
[2013.04.06 19:01:49 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\CrashRpt
[2013.04.06 18:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Chart Controls
[2013.04.06 17:09:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
[2013.04.06 17:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hex-Editor MX
[2013.04.06 16:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2013.04.06 16:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2013.04.02 17:40:28 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\ownCloud
[2013.04.02 16:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Putty
[2013.04.01 23:14:09 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
[2013.04.01 23:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2013.04.01 22:09:02 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Documents\RadeonPro Benchmarks
[2013.04.01 22:08:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RadeonPro
[2013.04.01 21:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sapphire TRIXX
[2013.04.01 21:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.04.01 21:47:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.04.01 21:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.04.01 21:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.04.01 21:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.04.01 21:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.04.01 21:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.04.01 21:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.04.01 18:23:10 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Desktop\pbsetup
[2013.04.01 17:35:40 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\FileZilla
[2013.04.01 17:35:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013.04.01 17:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2013.04.01 16:30:51 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\FFsplit
[2013.04.01 16:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.04.01 16:24:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FFsplit
[2013.04.01 16:24:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FFsplit
[2013.03.31 20:58:48 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\ESN Sonar
[2013.03.30 22:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
[2013.03.30 22:22:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.03.30 22:22:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2013.03.30 22:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.03.30 14:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.03.30 14:46:02 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\.minecraft
[2013.03.30 01:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2013.03.29 22:40:25 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Documents\Darkspore
[2013.03.29 22:40:24 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\DarksporeData
[2013.03.29 22:31:02 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ToshibaEdit
[2013.03.29 22:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToshibaEdit
[2013.03.29 22:31:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ToshibaEdit
[2013.03.29 22:00:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2013.03.29 13:21:03 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Documents\Streaming Video Recorder
[2013.03.29 13:17:58 | 000,031,968 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys
[2013.03.29 13:17:48 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Apowersoft
[2013.03.28 16:36:24 | 000,000,000 | --SD | C] -- D:\Users\Adler-Wolf\Documents\Meine Shapes
[2013.03.28 16:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.03.28 16:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.03.28 16:33:37 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.03.28 16:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013.03.28 16:33:01 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\Microsoft Help
[2013.03.28 16:33:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.03.28 16:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.03.28 16:32:51 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.03.28 16:11:51 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\VMware
[2013.03.28 16:11:48 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\VMware
[2013.03.28 16:11:38 | 000,070,296 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vsock.sys
[2013.03.28 16:11:38 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vsocklib.dll
[2013.03.28 16:11:38 | 000,063,128 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vsocklib.dll
[2013.03.28 16:11:37 | 000,067,664 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2013.03.28 16:11:37 | 000,033,360 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2013.03.28 16:11:13 | 000,357,456 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2013.03.28 16:11:10 | 000,436,304 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2013.03.28 16:11:10 | 000,030,800 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2013.03.28 16:11:08 | 000,933,968 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2013.03.28 16:11:06 | 000,052,376 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2013.03.28 16:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2013.03.28 16:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2013.03.28 16:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2013.03.28 16:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2013.03.28 16:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2013.03.27 18:41:56 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\e-academy Inc
[2013.03.27 18:41:56 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\e-academy Inc
[2013.03.27 18:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juniper Networks
[2013.03.27 18:34:59 | 000,588,144 | ---- | C] (Juniper Networks) -- C:\Windows\SysNative\dsNcSmartCardProv.dll
[2013.03.27 18:34:59 | 000,419,696 | ---- | C] (Juniper Networks) -- C:\Windows\SysNative\dsNcCredProv.dll
[2013.03.27 18:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Juniper Networks
[2013.03.27 18:34:27 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Juniper Networks
[2013.03.26 19:58:29 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Desktop\Neuer Ordner
[2013.03.25 23:17:26 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Malwarebytes
[2013.03.25 23:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.25 23:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirusTotalUploader2
[2013.03.25 23:07:19 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.0
[2013.03.25 23:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013.03.25 23:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.03.25 22:48:57 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2013.03.25 22:42:40 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.03.25 22:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.03.25 22:42:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.03.25 22:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2013.03.25 22:17:53 | 000,000,000 | R--D | C] -- C:\Sandbox
[2013.03.25 22:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2013.03.25 22:15:47 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2013.03.25 21:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software2000
[2013.03.25 20:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nGlide
[2013.03.25 20:54:03 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bleifuss Fun
[2013.03.25 20:47:24 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\WinRAR
[2013.03.25 20:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2013.03.25 18:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inno Setup 5
[2013.03.25 18:27:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Inno Setup 5
[2013.03.24 04:59:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.03.24 04:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altitude
[2013.03.24 04:48:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Altitude
[2013.03.24 04:40:50 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Armagetron
[2013.03.24 04:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament G.O.T.Y. Edition
[2013.03.24 04:34:14 | 000,000,000 | ---D | C] -- C:\UnrealTournament
[2013.03.24 04:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Armagetron Advanced
[2013.03.24 04:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Armagetron Advanced
[2013.03.24 04:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Armagetron
[2013.03.24 04:11:14 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Desktop\snes
[2013.03.24 03:50:10 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Documents\Stronghold Crusader
[2013.03.24 03:38:48 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Castle Attack
[2013.03.24 03:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Castle Attack
[2013.03.24 03:38:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Super Castle Attack
[2013.03.24 02:17:23 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Documents\Stronghold
[2013.03.24 02:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GOG.com
[2013.03.24 02:15:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2013.03.24 01:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2013.03.24 01:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III
[2013.03.24 01:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013.03.24 00:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2013.03.23 23:58:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013.03.23 22:53:42 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Petroglyph
[2013.03.23 22:52:54 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2013.03.23 22:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
[2013.03.23 20:00:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2013.03.23 20:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2013.03.23 20:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2013.03.23 19:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2013.03.23 19:25:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\avmwlanstick
[2013.03.23 19:24:18 | 000,714,368 | ---- | C] (AVM GmbH) -- C:\Windows\SysNative\drivers\fwlanusbn.sys
[2013.03.23 19:24:18 | 000,099,328 | ---- | C] (AVM Berlin) -- C:\Windows\SysNative\fwusbnci.dll
[2013.03.23 19:24:18 | 000,014,120 | ---- | C] (AVM Berlin) -- C:\Windows\SysNative\drivers\avmeject.sys
[2013.03.23 19:22:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVM_update
[2013.03.23 19:19:07 | 000,000,000 | ---D | C] -- C:\Windows\AVM_Driver
[2013.03.23 19:18:59 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AVM_Driver
[2013.03.23 17:05:04 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Documents\2013
[2013.03.22 20:22:46 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Documents\SavedGames
[2013.03.22 20:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013.03.21 22:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NSIS
[2013.03.21 22:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WVS
[2013.03.21 22:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2013.03.20 22:39:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek Armada II
[2013.03.20 22:31:54 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\Adobe
[2013.03.20 21:54:32 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.03.20 21:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek - Armada
[2013.03.20 21:36:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2013.03.20 21:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2013.03.20 21:25:31 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\Cyberlink
[2013.03.20 21:25:03 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2013.03.20 21:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2013.03.20 21:24:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2013.03.20 21:21:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2013.03.20 21:13:22 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\MediaServer
[2013.03.20 21:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2013.03.20 21:13:17 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Roaming\CyberLink
[2013.03.20 21:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013.03.20 21:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2013.03.20 21:08:29 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\Documents\Alcohol 52%
[2013.03.20 21:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 52%
[2013.03.20 21:06:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2013.03.20 21:04:57 | 000,564,824 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2013.03.20 20:50:49 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013.03.20 00:10:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.03.20 00:10:33 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013.03.20 00:10:33 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_9.012.dll
[2013.03.20 00:10:32 | 000,550,912 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013.03.20 00:10:32 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013.03.20 00:10:32 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013.03.20 00:09:49 | 000,000,000 | ---D | C] -- C:\AMD
[2013.03.19 23:44:37 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\PunkBuster
[2013.03.19 23:36:52 | 000,000,000 | ---D | C] -- D:\Users\Adler-Wolf\AppData\Local\ESN
[2013.03.19 23:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2013.03.19 23:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
========== Files - Modified Within 30 Days ==========
[2013.04.18 19:27:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.18 19:22:18 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.18 19:22:18 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.18 19:21:10 | 001,620,762 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.18 19:21:10 | 000,699,342 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.18 19:21:10 | 000,654,660 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.18 19:21:10 | 000,149,164 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.18 19:21:10 | 000,122,118 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.18 19:18:02 | 000,001,068 | ---- | M] () -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.18 19:15:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.18 19:14:30 | 000,061,904 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000004-00000000-00000000-00001102-00000005-002C1102}.rfx
[2013.04.18 19:14:30 | 000,061,904 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000004-00000000-00000000-00001102-00000005-002C1102}.rfx
[2013.04.18 19:14:30 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000004-00000000-00000000-00001102-00000005-002C1102}.rfx
[2013.04.18 19:13:47 | 000,000,020 | ---- | M] () -- D:\Users\Adler-Wolf\defogger_reenable
[2013.04.17 14:05:41 | 000,001,700 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013.04.15 15:40:15 | 000,000,600 | ---- | M] () -- D:\Users\Adler-Wolf\AppData\Local\PUTTY.RND
[2013.04.14 20:12:16 | 000,001,495 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.exe.lnk
[2013.04.14 16:35:27 | 000,000,292 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\minecraft-server.conf
[2013.04.14 16:06:39 | 000,003,727 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\ts3server_startscript.sh
[2013.04.14 15:30:41 | 000,009,939 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\minecraft.sh
[2013.04.13 22:54:55 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.04.13 22:54:55 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.13 22:41:53 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.04.13 19:54:21 | 000,004,273 | ---- | M] () -- C:\test.spr
[2013.04.13 02:52:30 | 000,007,669 | ---- | M] () -- D:\Users\Adler-Wolf\AppData\Local\Resmon.ResmonCfg
[2013.04.11 22:22:55 | 000,049,459 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.04.11 19:23:07 | 000,006,064 | ---- | M] () -- D:\Users\Adler-Wolf\Documents\ax_files.xml
[2013.04.11 13:44:01 | 000,002,166 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\install.sh
[2013.04.11 13:27:18 | 000,444,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.10 19:10:28 | 000,021,840 | ---- | M] () -- C:\Windows\SysWow64\SIntfNT.dll
[2013.04.10 19:10:28 | 000,017,212 | ---- | M] () -- C:\Windows\SysWow64\SIntf32.dll
[2013.04.10 19:10:28 | 000,012,067 | ---- | M] () -- C:\Windows\SysWow64\SIntf16.dll
[2013.04.09 21:56:13 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.04.08 14:27:43 | 000,524,288 | -HS- | M] () -- C:\Windows\SysWow64\18{efbe9223-a044-11e2-aba2-005056c00008}.TMContainer00000000000000000002.regtrans-ms
[2013.04.08 14:27:43 | 000,524,288 | -HS- | M] () -- C:\Windows\SysWow64\18{efbe9223-a044-11e2-aba2-005056c00008}.TMContainer00000000000000000001.regtrans-ms
[2013.04.08 14:27:43 | 000,065,536 | -HS- | M] () -- C:\Windows\SysWow64\18{efbe9223-a044-11e2-aba2-005056c00008}.TM.blf
[2013.04.08 14:27:32 | 000,262,144 | ---- | M] () -- C:\Windows\SysWow64\18
[2013.04.08 14:07:19 | 000,062,808 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2013.04.08 14:07:00 | 000,098,760 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\TS4nt.sys
[2013.04.08 14:07:00 | 000,077,656 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gddcd64.sys
[2013.04.08 14:07:00 | 000,058,712 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gddcv64.sys
[2013.04.08 14:07:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_gddcd64_01007.Wdf
[2013.04.08 14:06:59 | 000,064,856 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2013.04.08 14:06:58 | 000,064,856 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2013.04.08 14:06:56 | 000,133,976 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2013.04.08 14:06:56 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2013.04.08 14:05:01 | 000,235,230 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\Unbenannt.PNG
[2013.04.08 13:57:55 | 001,034,977 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2013.04.08 13:57:55 | 000,053,768 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2013.04.07 21:38:04 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm
[2013.04.07 21:38:04 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settings.sfm
[2013.04.07 15:25:43 | 000,000,966 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\MSI Afterburner.lnk
[2013.04.07 00:38:45 | 000,005,480 | ---- | M] () -- C:\undo.hex
[2013.04.02 00:11:48 | 000,131,072 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\Cypress.bin
[2013.03.31 17:36:17 | 000,447,752 | ---- | M] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2013.03.30 01:38:25 | 000,049,459 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\hosts
[2013.03.29 22:31:02 | 000,001,819 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\ToshibaEdit.lnk
[2013.03.28 17:15:46 | 003,513,078 | ---- | M] () -- D:\Users\Adler-Wolf\Documents\16-14. Nik Page - Your Bad Temptation (2).mp3
[2013.03.28 17:14:08 | 000,138,380 | ---- | M] () -- D:\Users\Adler-Wolf\Documents\16-14. Nik Page - Your Bad Temptation.mp3
[2013.03.28 16:11:04 | 001,640,718 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.27 18:41:56 | 000,003,179 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\Secure Download Manager.lnk
[2013.03.26 20:09:03 | 000,000,063 | ---- | M] () -- D:\Users\Adler-Wolf\Documents\listen.pls
[2013.03.25 23:07:19 | 000,001,919 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\VirusTotal Uploader 2.0.lnk
[2013.03.25 22:15:47 | 000,000,914 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\Sandboxed Web Browser.lnk
[2013.03.25 20:54:10 | 000,048,537 | ---- | M] () -- C:\Windows\SysWow64\nglide_uninst.exe
[2013.03.25 20:54:03 | 000,000,746 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\Bleifuss Fun.lnk
[2013.03.25 20:27:13 | 000,001,903 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\JDownloader.lnk
[2013.03.25 17:54:48 | 000,000,583 | ---- | M] () -- C:\Windows\vampire.INI
[2013.03.23 22:52:54 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2013.03.23 18:22:44 | 006,220,854 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\Neue Bitmap.bmp
[2013.03.22 22:40:11 | 000,000,000 | ---- | M] () -- D:\Users\Adler-Wolf\Desktop\Neues Textdokument.xml
[2013.03.20 22:39:57 | 000,000,935 | ---- | M] () -- C:\Windows\STA2.ini
[2013.03.20 21:04:57 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
========== Files Created - No Company Name ==========
[2013.04.18 19:18:02 | 000,001,068 | ---- | C] () -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.18 19:13:47 | 000,000,020 | ---- | C] () -- D:\Users\Adler-Wolf\defogger_reenable
[2013.04.14 20:12:16 | 000,001,495 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.exe.lnk
[2013.04.14 16:34:42 | 000,000,292 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\minecraft-server.conf
[2013.04.14 16:06:38 | 000,003,727 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\ts3server_startscript.sh
[2013.04.14 15:30:41 | 000,009,939 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\minecraft.sh
[2013.04.11 19:24:09 | 000,001,694 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.04.11 13:33:49 | 000,002,166 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\install.sh
[2013.04.10 19:10:28 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2013.04.10 19:10:28 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2013.04.10 19:10:28 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2013.04.08 14:27:32 | 000,524,288 | -HS- | C] () -- C:\Windows\SysWow64\18{efbe9223-a044-11e2-aba2-005056c00008}.TMContainer00000000000000000002.regtrans-ms
[2013.04.08 14:27:32 | 000,524,288 | -HS- | C] () -- C:\Windows\SysWow64\18{efbe9223-a044-11e2-aba2-005056c00008}.TMContainer00000000000000000001.regtrans-ms
[2013.04.08 14:27:32 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\18
[2013.04.08 14:27:32 | 000,065,536 | -HS- | C] () -- C:\Windows\SysWow64\18{efbe9223-a044-11e2-aba2-005056c00008}.TM.blf
[2013.04.08 14:07:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_gddcd64_01007.Wdf
[2013.04.08 14:05:01 | 000,235,230 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\Unbenannt.PNG
[2013.04.07 15:25:43 | 000,000,966 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\MSI Afterburner.lnk
[2013.04.07 00:37:52 | 000,005,480 | ---- | C] () -- C:\undo.hex
[2013.04.02 17:15:23 | 000,000,600 | ---- | C] () -- D:\Users\Adler-Wolf\AppData\Local\PUTTY.RND
[2013.04.02 00:11:48 | 000,131,072 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\Cypress.bin
[2013.03.30 01:37:58 | 000,049,459 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\hosts
[2013.03.29 22:31:02 | 000,001,819 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\ToshibaEdit.lnk
[2013.03.28 17:14:18 | 003,513,078 | ---- | C] () -- D:\Users\Adler-Wolf\Documents\16-14. Nik Page - Your Bad Temptation (2).mp3
[2013.03.28 17:14:05 | 000,138,380 | ---- | C] () -- D:\Users\Adler-Wolf\Documents\16-14. Nik Page - Your Bad Temptation.mp3
[2013.03.27 18:41:56 | 000,003,179 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\Secure Download Manager.lnk
[2013.03.26 20:09:03 | 000,000,063 | ---- | C] () -- D:\Users\Adler-Wolf\Documents\listen.pls
[2013.03.25 23:07:19 | 000,001,919 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\VirusTotal Uploader 2.0.lnk
[2013.03.25 22:15:55 | 000,000,914 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\Sandboxed Web Browser.lnk
[2013.03.25 22:15:53 | 000,001,700 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.03.25 21:30:13 | 000,004,273 | ---- | C] () -- C:\test.spr
[2013.03.25 20:54:10 | 000,048,537 | ---- | C] () -- C:\Windows\SysWow64\nglide_uninst.exe
[2013.03.25 20:54:03 | 000,000,746 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\Bleifuss Fun.lnk
[2013.03.25 20:27:13 | 000,001,903 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\JDownloader.lnk
[2013.03.25 20:27:12 | 000,001,867 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.03.25 20:27:12 | 000,001,819 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2013.03.25 20:27:12 | 000,001,802 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.03.25 17:54:48 | 000,000,583 | ---- | C] () -- C:\Windows\vampire.INI
[2013.03.23 20:00:07 | 000,001,346 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2013.03.23 19:24:18 | 000,015,565 | ---- | C] () -- C:\Windows\SysNative\drivers\fwlanusbn.bin
[2013.03.23 18:22:37 | 006,220,854 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\Neue Bitmap.bmp
[2013.03.22 22:40:11 | 000,000,000 | ---- | C] () -- D:\Users\Adler-Wolf\Desktop\Neues Textdokument.xml
[2013.03.21 22:50:50 | 000,000,861 | ---- | C] () -- D:\Users\Adler-Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NSIS.lnk
[2013.03.20 22:31:39 | 000,000,935 | ---- | C] () -- C:\Windows\STA2.ini
[2013.03.20 00:10:33 | 003,093,792 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013.03.20 00:10:33 | 003,061,872 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013.03.20 00:10:33 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013.03.20 00:10:33 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013.03.20 00:10:33 | 000,076,660 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013.03.20 00:10:32 | 000,662,786 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.03.20 00:10:32 | 000,327,960 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.03.20 00:10:32 | 000,327,960 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.03.20 00:10:32 | 000,042,719 | ---- | C] () -- C:\Windows\atiogl.xml
[2013.03.19 23:44:41 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.03.19 21:57:37 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settingsbkup.sfm
[2013.03.19 21:57:37 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settings.sfm
[2013.03.19 17:37:05 | 001,640,718 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.19 16:02:22 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.19 16:02:06 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.19 01:11:14 | 000,007,669 | ---- | C] () -- D:\Users\Adler-Wolf\AppData\Local\Resmon.ResmonCfg
[2013.03.19 00:22:16 | 001,034,977 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2013.03.19 00:00:28 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2013.03.19 00:00:28 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2013.03.18 23:56:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.03.18 17:10:43 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2013.03.18 17:10:42 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2013.03.18 17:10:42 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[2013.03.18 17:10:42 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2013.03.18 17:10:39 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2013.03.18 17:10:39 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2013.03.18 17:10:39 | 000,028,649 | ---- | C] () -- C:\Windows\SysWow64\tweaks.ini
[2013.03.18 17:10:39 | 000,028,263 | ---- | C] () -- C:\Windows\SysWow64\speaker.ini
[2013.03.18 17:10:39 | 000,024,160 | ---- | C] () -- C:\Windows\SysWow64\dolby.ini
[2013.03.18 17:10:39 | 000,023,366 | ---- | C] () -- C:\Windows\SysWow64\dts.ini
[2013.03.18 17:10:39 | 000,022,509 | ---- | C] () -- C:\Windows\SysWow64\EntertainmentMode.ini
[2013.03.18 17:10:39 | 000,022,509 | ---- | C] () -- C:\Windows\SysWow64\AudioCreationMode.ini
[2013.03.18 17:10:39 | 000,022,491 | ---- | C] () -- C:\Windows\SysWow64\GameMode.ini
[2013.03.18 17:10:39 | 000,021,599 | ---- | C] () -- C:\Windows\SysWow64\decoder.ini
[2013.03.18 17:10:39 | 000,021,465 | ---- | C] () -- C:\Windows\SysWow64\encoder.ini
[2013.03.18 17:10:39 | 000,021,208 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2013.03.18 17:10:39 | 000,019,430 | ---- | C] () -- C:\Windows\SysWow64\mids.ini
[2013.03.18 17:10:39 | 000,013,276 | ---- | C] () -- C:\Windows\SysWow64\subwoofer.ini
[2013.03.18 17:10:39 | 000,011,807 | ---- | C] () -- C:\Windows\SysWow64\treble.ini
[2013.03.18 17:10:39 | 000,011,508 | ---- | C] () -- C:\Windows\SysWow64\bass.ini
[2013.03.18 17:10:39 | 000,005,776 | ---- | C] () -- C:\Windows\SysWow64\headphone.ini
[2013.03.18 17:10:39 | 000,003,769 | ---- | C] () -- C:\Windows\SysWow64\eq.ini
[2013.03.18 17:10:39 | 000,001,591 | ---- | C] () -- C:\Windows\SysWow64\microphone.ini
[2013.03.18 17:10:39 | 000,001,203 | ---- | C] () -- C:\Windows\SysWow64\7.1surroundsound.ini
[2013.03.18 17:10:39 | 000,001,203 | ---- | C] () -- C:\Windows\SysWow64\5.1surroundsound.ini
[2013.03.18 17:10:39 | 000,001,203 | ---- | C] () -- C:\Windows\SysWow64\4.1surroundsound.ini
[2013.03.18 17:10:39 | 000,001,203 | ---- | C] () -- C:\Windows\SysWow64\2.1surroundsound.ini
[2013.03.18 17:10:39 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2013.03.18 17:10:39 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2013.03.14 22:22:42 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.03.14 22:22:42 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.07 14:51:00 | 001,286,144 | ---- | C] () -- C:\Windows\SysWow64\glide3x.dll
[2011.07.25 22:18:42 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\nglide_config.exe
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.15 15:39:56 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\.minecraft
[2013.04.15 21:10:03 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\AIMP3
[2013.03.29 13:17:48 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Apowersoft
[2013.03.24 04:41:49 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Armagetron
[2013.04.11 19:24:12 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Canneverbe Limited
[2013.03.29 22:59:21 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\DarksporeData
[2013.04.18 19:18:12 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Dropbox
[2013.03.27 18:41:56 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\e-academy Inc
[2013.04.14 16:53:10 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\FileZilla
[2013.04.11 18:54:48 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Free Download Manager
[2013.04.08 14:14:31 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\G Data
[2013.04.11 22:16:29 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Juniper Networks
[2013.03.18 17:12:51 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Leadertech
[2013.04.15 19:19:09 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\LolClient
[2013.03.25 22:53:02 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2013.03.19 01:20:56 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\minmaxgames
[2013.04.13 02:01:03 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Notepad++
[2013.03.19 15:58:28 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Origin
[2013.03.23 22:53:42 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Petroglyph
[2013.03.19 00:08:28 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Razer
[2013.04.15 20:36:25 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\Spotify
[2013.04.15 15:40:26 | 000,000,000 | ---D | M] -- D:\Users\Adler-Wolf\AppData\Roaming\TS3Client
========== Purity Check ==========
< End of report > |