PlayNowRadio Trojaner
Hallöchen Zusammen,
Ich Bin der David und habe seit 2 Tagen den Trojaner "PlayNowRadio".
Da ich im Internet nach kurzer Recherche Fündig wurde wollt ich das Problem mit euch lösen.
David ;)OTL Logfile: Code:
OTL Extras logfile created on: 05.03.2014 17:27:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\****\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,94 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 75,61% Memory free
9,19 Gb Paging File | 3,65 Gb Available in Paging File | 39,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,75 Gb Total Space | 741,43 Gb Free Space | 80,52% Space Free | Partition Type: NTFS
Drive D: | 921,11 Gb Total Space | 920,91 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Computer Name: **** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3B436AF8-09D9-4321-8C9F-250900DFDA63}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{44449D2F-50F3-4E71-A706-B0455DFD9A37}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{60F7755A-2B32-4D2B-BEBA-0E9C338F1A90}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{898AF077-8132-4847-9F4A-F8F3BB95A365}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8A083FA5-A463-47C8-8AFD-29EF90C1F4A3}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9768D904-FFF1-489D-8955-13958E2ABAD5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9CA3F080-3475-42C2-90D1-891A2F7DDE76}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9E7A43BA-1254-43CA-A188-EEF28231622E}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A4BE7D12-9236-49CF-B9FB-E4A450897708}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A72EB7C6-BCE6-4EBF-9E0C-B5A7DEA744BF}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{B2FFEED2-DF14-4247-BA08-BCE1121CAA1A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C7681355-BAD1-4566-859D-A704EF256FAB}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{CD7C6932-AC5C-4ACF-AC28-A05CAF35FB5B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{CD852549-75F0-4A35-9A7B-3C08B582430F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{DA511C15-2362-4A54-9A06-01CD085EF484}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{EF84766F-6FF8-4A90-A734-E29B4AFEFA86}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F083ACC5-3FA6-4A6F-B7DC-F20C0C744200}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{FBF08335-3557-44DB-9303-8175FE53E6D1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010E31BF-75FC-4D50-8259-A35380A0C37A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{022678B8-99B3-4A12-976A-D4C087CB4FBA}" = dir=out | name=juniper networks junos pulse |
"{05D4B7C3-02F4-4E32-944A-E9C72CEC2B0F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{0711DE2D-8EB6-4B18-B74E-C160B3AA43E1}" = dir=in | name=pinball fx2 |
"{07D1AA62-1AD1-46E2-989E-A41D08BAB5AF}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{08A81185-3308-4AC4-A22F-11421A66AF1B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0E18D401-D516-4930-B6EB-A0690AFB0B78}" = dir=in | name=microsoft solitaire collection |
"{103AECDD-141F-4DC5-B59C-70EF28039010}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{10880D15-4F1A-4AB8-8A07-C6D2014F4947}" = dir=out | name=microsoft solitaire collection |
"{16183EDB-52DD-4C51-8FA8-F5145786D5A2}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{16A3AF3E-A59D-4043-9115-12F08245AA81}" = dir=out | name=- games app - |
"{19A441D6-8A52-4BE1-9B72-A930E0983488}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{1C99B516-E719-45A5-9D50-9DA0F6203E45}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{25D6739A-9841-41B2-A57B-3477511D8093}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{25E7DCF7-0200-4FC1-B7CD-5690A4AF8212}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{26FFFEC3-DADA-41EF-BCAC-01045A9EC01F}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 beta\bf4.exe |
"{27775CE5-DA40-4519-92FD-857E2B6DAE92}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{27E758A6-3B53-4FFE-9D92-4BCC8BC18AF4}" = protocol=6 | dir=in | app=c:\users\kuptz\desktop\steam.exe |
"{28437404-8200-44DF-B5E2-98F9463B1547}" = dir=in | name=@{microsoft.skypeapp_1.1.0.25_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{2B4C84AE-7B22-4DC9-944F-34F577FFD937}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{2BAF9CBF-5C28-4D7D-BB28-59555C7567B3}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{2CE92915-EC52-4C81-981B-2EB7FCC8FD36}" = dir=out | name=@{microsoft.zunemusic_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{2FDA4A8F-B73C-4483-ABE1-638B3A10C9B8}" = protocol=17 | dir=in | app=c:\program files (x86)\efusion\blackshot\system\blackshot.exe |
"{311A5101-8BE2-42F6-B4B9-655D11B674D3}" = dir=in | name=skype |
"{3408710C-5BD9-44DF-8C0E-627041DAE97A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{34DF258B-50B6-4DBF-A81A-C9ED02EC2177}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{35D9AE7B-A4C2-4071-91F4-5D73AE7BACA6}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{385D3CF3-F2D6-4628-9046-4E519EABEA22}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{3A356094-8445-428A-B710-F4F0A4DEC437}" = dir=out | name=7digital music store |
"{3B43FB62-7112-49A9-A529-CA9DBAEF5D54}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{40A77F9D-295A-4095-A401-C609BDD723DD}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{40A8AF77-EECE-4CF3-AF74-D094914A70F5}" = dir=out | name=newsxpresso |
"{40D86F22-DAD1-40A7-913C-07E282CC576D}" = dir=out | name=sonicwall mobile connect |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4763D956-42A4-47BF-BA0A-987742784E3C}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{491807C1-1600-4CEA-B20C-4D5E7F6B91D4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{4942DC1E-AFC3-4CAE-B2E9-93CE25A4B911}" = dir=in | name=microsoft mahjong |
"{4983164E-AB4B-4520-A358-566EE28AA592}" = dir=out | name=skitch touch |
"{4A6E88D4-BBDC-4595-B11E-D4AD88BC8FE1}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{4E98ACA5-0877-4AFD-B1EF-6D1B24D2BD66}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{4FCDE5CD-0053-4E08-AD6D-51B4271CE454}" = dir=out | name=windows_ie_ac_001 |
"{506C396E-18DD-46F3-ADC7-E4E78295B558}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{512D6D45-3BA3-4E4D-BC98-CAC3A08CAC97}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{51D2F7F2-3174-4D9F-9BD0-324D90E3D93A}" = dir=out | name=microsoft minesweeper |
"{51F84FA9-D90E-4A88-8F2B-00606E20D840}" = dir=out | name=acer explorer |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{556E581C-4A28-4E6A-A099-E6A2A5DC81F7}" = dir=in | name=f5 vpn |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{577F7482-A3C4-4B94-B464-BA3BE1378E02}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{5941AEC4-C836-4C7F-863A-5BA8DA6D7352}" = dir=in | name=newsxpresso |
"{5A3A19A5-33DC-4C24-9672-DFBCD2578C8B}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{5B0779AD-F69C-48F8-88A7-88490DB73A59}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{5C3F3BA9-3A90-4839-A719-4A991A1714B0}" = dir=out | name=windows_ie_ac_001 |
"{5E286410-A0C1-44CA-94F6-98A3B33D57E5}" = dir=out | name=f5 vpn |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5FD57ECE-CD70-4A6C-BC08-6B9006A902FC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{63488828-158A-49C8-9CC8-CFB20EF7AC99}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{644F85C9-C964-4A5B-8065-65CF20140275}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{6723D51C-363E-48FF-8A36-73A69847F6A9}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{6786ED66-1066-46F5-AEC3-68FCA413A978}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{68DFB7AC-690D-43F9-8F44-69700F99AF7C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6A37332F-7EE1-4C38-B4D3-CF3921BEB2D8}" = dir=out | name=microsoft mahjong |
"{6B09B20C-EC53-4C63-83B4-EE6B988B4E57}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{6B596BAE-37E4-4552-9175-2EA1F3FD9ADE}" = dir=in | name=sonicwall mobile connect |
"{6B989FF6-4FC2-4ED5-8A0D-6D21EF181C6D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{6BAECAEE-37E2-4BF5-A84F-E4390E2E6C0B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6BDECD71-B7A2-4E7E-ABF7-87F5E1781105}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6DFFBC71-EBC4-4848-8BF3-D4E665506BFB}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{6EE0991E-EA54-4760-8EE0-856B7D532F22}" = dir=out | name=ebay |
"{70772A3D-3185-434C-9290-6EF10E8FEB7B}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{712C1186-7F9D-468F-8D77-B46A6792AFC2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{71D6004B-1046-4DCA-B4F6-7BDF97786BF9}" = dir=out | name=hp printer control |
"{7363FC45-A3D9-4BDE-820F-D46435996D77}" = dir=out | name=check point vpn |
"{73BC90D6-C9BF-4BFE-965C-6814748687A3}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{74E572A9-969B-4035-BF95-D031B68102C0}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{7653CD97-280F-4866-A8D6-729E20B82887}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{7E72BD82-F4F6-4028-A0EB-CAA4749A5A82}" = protocol=6 | dir=in | app=c:\users\kuptz\appdata\roaming\bittorrent\bittorrent.exe |
"{8071CF9B-6CF8-440C-A16B-DCDFDBF93BF8}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{82EAEAC4-F9A6-4C58-A8D3-8EB60898BDB8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{846D6B94-127A-4B42-8C1E-EC84B46F18D5}" = protocol=17 | dir=in | app=c:\users\kuptz\desktop\steam.exe |
"{84F9655A-78AD-4522-A545-ED94459DCC37}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{85FFA4EF-E1D9-42E1-89E9-F3054FFD3507}" = dir=in | name=taptiles |
"{866513B8-8B5C-4D68-9407-B435C2FD3177}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{8703F440-6D4D-4814-BC64-590CFC19DC4F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{88170C96-D5D4-46EB-BCFA-5BC04CD26A56}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{8817254B-961E-40C3-B3BD-EA34978E983C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{8DED4F2D-2290-4621-8207-CB30026B9D66}" = dir=out | name=skype |
"{8E0865AF-7F21-499F-8E14-E2C5C22B2702}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{90132D16-617F-44E1-9867-ED0D092C4334}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{907B38D9-73B8-4435-B1B7-653DE1EC127D}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\musicplayer.exe |
"{91BFD70F-8F60-4458-ABDF-A4B4260D0C7F}" = dir=out | name=windows_ie_ac_001 |
"{92A622EC-C315-4D4A-ACC4-25E8B0C86A20}" = dir=in | app=%programfiles% (x86)\techsmith\camtasia studio 8\camtasiastudio.exe |
"{94267F0E-DDA3-4337-9FA8-8DBFE6A9A9D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{94A94064-C0CB-4C36-A31A-35253A95D0F8}" = dir=out | name=pinball fx2 |
"{95CF8EB3-7AB5-4DF9-AD55-61004AFAE4BA}" = protocol=17 | dir=in | app=c:\users\kuptz\appdata\roaming\bittorrent\bittorrent.exe |
"{96FF64E8-53B6-4454-8659-6AE44C298EC5}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{97539EC4-69BE-49A1-B85D-785BFA8CDBF2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{97B6DBA7-B23F-435C-BE4C-8DD2AD3A9F69}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9A06A352-DC95-49A6-A6F7-AB1D6C701A79}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\movie\playmovie.exe |
"{9BCCBCF2-EE0B-4AA4-974E-CBE97D9632BF}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{9C399663-96DB-44CB-B299-D34D5C44D575}" = dir=out | name=@{microsoft.skypeapp_1.1.0.25_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{9CE6AA19-77BB-43BD-BD46-F7F813F96CC5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9D642F2D-E852-48D0-A4A0-EBB8F48C5844}" = dir=in | name=acer explorer |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F86E508-4928-4222-BC0E-FED77A7A81EA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A077682B-435C-4DBD-AA54-4F19A0110F25}" = dir=out | name=tunein radio |
"{A3098F14-87F8-4D1B-8EBE-F64FED3F78DF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{A3F21A37-9524-41AD-93AE-5AB2325D232B}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{A3F3DEF4-D3AF-418E-BA8E-9E6D33390FD1}" = protocol=6 | dir=in | app=c:\program files (x86)\efusion\blackshot\system\blackshot.exe |
"{A5619B71-5816-4C2C-ABC3-6233E6E18CA1}" = dir=out | name=cut the rope |
"{A96A5070-5E53-4695-96D9-F6248AF86B6F}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{A9C42D23-5B18-4CD6-86C1-05F0469ACF9C}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{B09E1F8C-D66E-44F8-8593-779A3B49D689}" = dir=out | name=the treasures of montezuma 3 |
"{B2D9CA6B-D818-4255-BA28-FE791CB202B0}" = dir=in | name=microsoft minesweeper |
"{B36D98D9-EAB5-4F1F-89EC-A2027DE6B5EA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{B454B59A-75AF-4FFC-B221-0E003761AA82}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B94ABC98-ED27-4B24-9CA7-4B8FEF41B0BD}" = dir=out | name=taptiles |
"{BACAB970-8F66-4484-90AB-4E6A1A4B7176}" = dir=out | name=google search |
"{BDA982BB-3072-48E7-A8F2-EE0EF19F0337}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{C1C53BFC-0DD2-4EEA-82CB-84160A1403A8}" = dir=out | name=windows_ie_ac_001 |
"{C44B0AF6-BFAB-4D4B-8CCD-340CB6149ED9}" = dir=out | name=weatherbug |
"{C7E9139E-2F2E-42A5-996C-ABB9F13E1C36}" = dir=in | name=hp printer control |
"{CBE876E9-6461-4B0E-A917-92ADB2F3260D}" = dir=in | name=check point vpn |
"{CC2F6FC5-20D4-4D6E-8C56-54FD2488C1B5}" = dir=out | name=@{microsoft.zunevideo_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{CCCAB6D0-4325-4BA7-80A5-CB4E047CCE89}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 beta\bf4.exe |
"{D331AF65-D68D-4470-8ACF-F7C84D0620E0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{D36B66A8-CB97-4B53-9845-45F0FEFF2749}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{D5D4BB07-E912-4BCB-B0A3-4845154BD6E6}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D5FB45DC-3565-4DAB-8363-1D52F335E507}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D713B330-3027-49D7-8580-EB0730285AA0}" = dir=out | name=shark dash |
"{D7E202E1-38E0-4FEA-9FFC-4C48D6DB96FB}" = dir=out | name=evernote touch |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DCFA797B-183A-4184-9AE1-EC120668FC7A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E2D8FECA-ACA2-42E8-B3F2-96EAF90CDF89}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E305A168-9D76-4748-B0FA-91530A280532}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E34FB6C0-5257-4FA6-A3AA-DFC7AC53816F}" = dir=out | name=txtr ebooks |
"{E77C15E1-9926-4760-838C-670C43C72290}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E9A33BEE-2D75-4A8E-B98B-943E9DCCA7EA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE5E4002-E599-4C18-810C-F32E0A493DE5}" = dir=in | name=evernote touch |
"{EEA09C4E-FA57-4E76-A31D-91722C219AC9}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{EF10E3C2-97FF-43B1-AA0F-C376E3315480}" = dir=in | app=c:\program files\hp\hp deskjet 2510 series\bin\usbsetup.exe |
"{F3407575-B04B-429D-86F4-0028345A2C46}" = dir=out | name=adera |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6B3E84F-F956-47DB-B5F2-9C1176C559D1}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FBA2A67D-7F3F-45A2-A62E-6D26A66070DA}" = dir=in | name=juniper networks junos pulse |
"TCP Query User{195D1CF9-B262-42BB-A651-5B64508B6595}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{1D9BA1E7-E916-4C17-93A7-3B51D5D65501}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{5B7B8954-ACFD-492C-A376-EC950D4078C2}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin |
"TCP Query User{5FD6CA14-F7B7-4245-8B90-82D04413E68E}C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe |
"TCP Query User{6A50F7E4-EC7E-4640-A96D-4EE785CB2829}C:\program files (x86)\torntv.com\torntv downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\torntv.com\torntv downloader.exe |
"TCP Query User{71666EA7-C5C7-48C4-A8A3-4C59EB2EFC43}C:\users\kuptz\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kuptz\appdata\local\akamai\netsession_win.exe |
"TCP Query User{9E371A3A-3184-4105-A2D0-72F520E13371}C:\users\kuptz\downloads\bittorrent_b30621.exe" = protocol=6 | dir=in | app=c:\users\kuptz\downloads\bittorrent_b30621.exe |
"TCP Query User{ABA8E1A0-A604-46F2-B295-41BD128949CA}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{ED7C79CE-EF5B-4843-A0C4-EB04A9D62A00}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{2AB603F4-BE0B-4A80-A441-CE20B38CF7EF}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{2B144074-D860-4D34-A0D7-620C4C46FBCA}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{33D514EE-5521-420F-BADD-5F3957A6281D}C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe |
"UDP Query User{4D2572D4-2697-4474-B60E-61AF09D0CBA6}C:\users\kuptz\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kuptz\appdata\local\akamai\netsession_win.exe |
"UDP Query User{57E69720-0F84-46E9-AE2A-E613940D1A99}C:\users\kuptz\downloads\bittorrent_b30621.exe" = protocol=17 | dir=in | app=c:\users\kuptz\downloads\bittorrent_b30621.exe |
"UDP Query User{A6660784-7C18-4229-AACD-4EDFE6A31768}C:\program files (x86)\torntv.com\torntv downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\torntv.com\torntv downloader.exe |
"UDP Query User{C22F3CD1-29F1-4CCF-BAAF-219B0BC8663E}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin |
"UDP Query User{E02699E2-1A71-46FD-A196-CC31CB60D3EC}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{EC1F6BFD-6FD9-4E27-88F2-62A54E709D1E}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{288614B1-F070-4B47-A1F5-4790BD8A3176}" = HP Deskjet 2510 series - Grundlegende Software für das Gerät
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{858C1B33-C3D5-4377-B77B-1E2F338C7F66}" = Intel(R) Network Connections 17.2.153.0
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{96EFECB7-6359-4D6A-B3FE-4A3CE0B6444F}" = Studie zur Verbesserung von HP Deskjet 2510 series Produkten
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{F17E4000-ED91-11E2-B3BD-F04DA23A5C58}" = MSVCRT Redists
"GIMP-2_is1" = GIMP 2.8.10
"PROSetDX" = Intel(R) Network Connections 17.2.153.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.1.0
"WinRAR archiver" = WinRAR 5.00 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{07B48D2C-E60D-41E6-B546-11D128F633EC}" = HP Deskjet 2510 series Hilfe
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{1A77A1B6-74D7-46E4-B216-EBAC07C806DC}" = S4 League_EU
"{1B305614-536F-47B0-917D-140C1D2477BA}}_is1" = AnotherLife Client Version 1.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{1FCC073B-CC01-4443-AD20-E559F66E6E83}" = Office Addin 2003
"{216C7F38-4BBC-4E9A-8392-C9FA21B54386}" = HP Deskjet 2510 series Setup Guide
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
"{34D9106C-A947-47ED-B4AB-764736350769}" = Minecraft
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{517CC397-B22F-4593-8DCB-DE72CC541E9A}" = League of Legends
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1" = Cinema 4D version R12
"{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}" = Nero 12 Essentials OEM.a01
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{CFAB3721-549D-4827-A4E8-7F90192114AB}" = Battlefield 4™ Beta
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESN Sonar-0.70.4" = ESN Sonar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.27.225
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"IObit_StartMenu8_is1" = Start Menu 8
"League of Legends 3.0.1" = League of Legends
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Thunderbird 24.0 (x86 de)" = Mozilla Thunderbird 24.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Spotify" = Spotify
"Steam" = Steam
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 8" = TeamViewer 8
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4274084767-3785968379-287791435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"SOE-PlanetSide 2 PSG" = PlanetSide 2
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.03.2014 08:32:36 | Computer Name = Dawid | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest"
in Zeile 4. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
Windows-Version nicht unterstützt wird.
Error - 05.03.2014 08:32:54 | Computer Name = Dawid | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Cinema 4D R12\resource\modules\python\res\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe".
Die
abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 05.03.2014 08:32:54 | Computer Name = Dawid | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Cinema 4D R12\resource\modules\python\res\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe".
Die
abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 05.03.2014 08:32:55 | Computer Name = Dawid | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest"
in Zeile 4. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
Windows-Version nicht unterstützt wird.
Error - 05.03.2014 08:32:55 | Computer Name = Dawid | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest"
in Zeile 4. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
Windows-Version nicht unterstützt wird.
Error - 05.03.2014 08:32:55 | Computer Name = Dawid | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest"
in Zeile 4. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
Windows-Version nicht unterstützt wird.
Error - 05.03.2014 08:33:32 | Computer Name = Dawid | Source = MsiInstaller | ID = 11921
Description =
Error - 05.03.2014 08:37:38 | Computer Name = Dawid | Source = MsiInstaller | ID = 11921
Description =
Error - 05.03.2014 08:50:03 | Computer Name = Dawid | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 33.0.1750.146,
Zeitstempel: 0x531287da Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.16476,
Zeitstempel: 0x52944cd2 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00020141 ID des fehlerhaften
Prozesses: 0x9c0 Startzeit der fehlerhaften Anwendung: 0x01cf386fc9b27a7d Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\combase.dll Berichtskennung: ab4f4dff-a464-11e3-bf1d-7054d2bf9f59
Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
Error - 05.03.2014 10:37:00 | Computer Name = Dawid | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 33.0.1750.146,
Zeitstempel: 0x531287da Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.16476,
Zeitstempel: 0x52944cd2 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00020141 ID des fehlerhaften
Prozesses: 0xd88 Startzeit der fehlerhaften Anwendung: 0x01cf387908152eb9 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\combase.dll Berichtskennung: 9c173222-a473-11e3-bf1d-7054d2bf9f59
Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
[ System Events ]
Error - 26.02.2014 07:48:18 | Computer Name = Dawid | Source = Application Popup | ID = 1060
Description =
Error - 26.02.2014 07:48:18 | Computer Name = Dawid | Source = Application Popup | ID = 1060
Description =
Error - 26.02.2014 07:48:18 | Computer Name = Dawid | Source = Application Popup | ID = 1060
Description =
Error - 26.02.2014 07:48:20 | Computer Name = Dawid | Source = Application Popup | ID = 1060
Description =
Error - 26.02.2014 07:48:20 | Computer Name = Dawid | Source = Application Popup | ID = 1060
Description =
Error - 26.02.2014 07:48:21 | Computer Name = Dawid | Source = Application Popup | ID = 1060
Description =
Error - 26.02.2014 07:48:21 | Computer Name = Dawid | Source = Application Popup | ID = 1060
Description =
Error - 26.02.2014 07:48:21 | Computer Name = Dawid | Source = Application Popup | ID = 1060
Description =
Error - 26.02.2014 07:48:35 | Computer Name = Dawid | Source = Service Control Manager | ID = 7000
Description = Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund
folgenden Fehlers nicht gestartet: %%2
Error - 26.02.2014 07:51:35 | Computer Name = Dawid | Source = DCOM | ID = 10016
Description =
< End of report >
--- --- ---
OTL Logfile: Code:
OTL logfile created on: 05.03.2014 17:27:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\****\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,94 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 75,61% Memory free
9,19 Gb Paging File | 3,65 Gb Available in Paging File | 39,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,75 Gb Total Space | 741,43 Gb Free Space | 80,52% Space Free | Partition Type: NTFS
Drive D: | 921,11 Gb Total Space | 920,91 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Computer Name: **** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Kuptz\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Users\Kuptz\AppData\Roaming\playnowradio\playnowradio\1.3.4.8\playnowradio.exe (Pay By Ads LTD)
PRC - C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Users\Kuptz\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll ()
MOD - C:\Users\Kuptz\AppData\Roaming\playnowradio\playnowradio\1.3.4.8\chrmXtn.dll ()
MOD - C:\Program Files (x86)\Origin\platforms\qwindows.dll ()
MOD - C:\Program Files (x86)\Origin\imageformats\qtiff.dll ()
MOD - C:\Program Files (x86)\Origin\imageformats\qtga.dll ()
MOD - C:\Program Files (x86)\Origin\imageformats\qwbmp.dll ()
MOD - C:\Program Files (x86)\Origin\imageformats\qmng.dll ()
MOD - C:\Program Files (x86)\Origin\imageformats\qjpeg.dll ()
MOD - C:\Program Files (x86)\Origin\imageformats\qico.dll ()
MOD - C:\Program Files (x86)\Origin\imageformats\qgif.dll ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\pri.dll ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (NvStreamSvc) -- C:\Programme\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (StartMenuService) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (CCDMonitorService) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (libusbd) -- C:\Windows\SysWOW64\libusbd-nt.exe (hxxp://libusb-win32.sourceforge.net)
========== Driver Services (SafeList) ==========
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avnetflt) -- C:\Windows\SysNative\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c63x64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {4D487709-8636-458C-B179-07EE9FC078CC}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{4D487709-8636-458C-B179-07EE9FC078CC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
IE - HKLM\..\SearchScopes,DefaultScope = {4D487709-8636-458C-B179-07EE9FC078CC}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4D487709-8636-458C-B179-07EE9FC078CC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=DE&userid=d4ffad36-d074-4119-8ff9-bfddfd7f5f3d&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=DE&userid=d4ffad36-d074-4119-8ff9-bfddfd7f5f3d&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=DE&userid=d4ffad36-d074-4119-8ff9-bfddfd7f5f3d&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=DE&userid=d4ffad36-d074-4119-8ff9-bfddfd7f5f3d&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..\SearchScopes,DefaultScope = {038F7505-F3F4-4735-88AF-4ACF774BC9C6}
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=DE&userid=d4ffad36-d074-4119-8ff9-bfddfd7f5f3d&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..\SearchScopes\{038F7505-F3F4-4735-88AF-4ACF774BC9C6}: "URL" = hxxp://search.gophoto.it/?pl=1&q={searchTerms}&ch=v1noadmin_1403
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..\SearchScopes\{663CE77E-14D2-44C4-B0AC-876340DFD530}: "URL" = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=b0f252a90000000000007054d2bf9f59&r=46
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
[2013.10.05 22:58:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuptz\AppData\Roaming\mozilla\Extensions
[2013.11.15 21:08:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0851A865-90DF-4EC9-BD7D-DF1CB32207FF&SSPV=
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\Kuptz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Users\Kuptz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google-Suche = C:\Users\Kuptz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: AdBlock = C:\Users\Kuptz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: Google Wallet = C:\Users\Kuptz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Google Mail = C:\Users\Kuptz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013.08.22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001..\Run: [Akamai NetSession Interface] C:\Users\Kuptz\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..Trusted Domains: aeriagames.com ([]http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..Trusted Domains: aeriagames.com ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-4274084767-3785968379-287791435-1001\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{615C3583-638F-48CB-9314-470340ACD4EE}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014.03.05 13:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.03.03 20:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IminentToolbar
[2014.03.03 20:12:14 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\AppData\Roaming\IminentToolbar
[2014.03.03 20:11:31 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\AppData\Roaming\Cool Mirage Ltd
[2014.03.03 20:11:28 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\AppData\Roaming\playnowradio
[2014.03.03 20:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014.03.03 20:09:52 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys
[2014.03.03 20:09:50 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\AppData\Roaming\DAEMON Tools Lite
[2014.03.03 20:09:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014.03.03 20:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014.03.03 19:25:51 | 000,000,000 | ---D | C] -- C:\Games
[2014.03.02 22:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S4League
[2014.03.02 22:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\S4League
[2014.03.02 22:14:26 | 1213,405,855 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\S4_League.exe
[2014.03.01 18:51:16 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\AppData\Roaming\MAXON
[2014.03.01 18:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema 4D R12
[2014.03.01 18:49:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cinema 4D R12
[2014.02.23 20:32:34 | 031,432,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2014.02.23 20:32:34 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2014.02.23 20:32:34 | 023,683,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2014.02.23 20:32:34 | 017,715,784 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2014.02.23 20:32:34 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2014.02.23 20:32:34 | 015,740,232 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2014.02.23 20:32:34 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2014.02.23 20:32:34 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2014.02.23 20:32:34 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2014.02.23 20:32:34 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2014.02.23 20:32:34 | 003,142,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2014.02.23 20:32:34 | 002,956,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2014.02.23 20:32:34 | 002,782,496 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2014.02.23 20:32:34 | 002,410,784 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2014.02.23 20:32:34 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433489.dll
[2014.02.23 20:32:34 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433489.dll
[2014.02.23 20:32:34 | 000,892,192 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2014.02.23 20:32:34 | 000,875,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2014.02.23 20:32:34 | 000,863,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2014.02.23 20:32:34 | 000,844,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2014.02.23 20:32:34 | 000,832,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2014.02.23 20:32:34 | 000,483,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2014.02.23 20:32:34 | 000,408,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2014.02.23 20:32:34 | 000,378,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2014.02.23 20:32:34 | 000,353,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2014.02.23 20:32:34 | 000,333,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2014.02.23 20:32:34 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2014.02.23 20:32:34 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2014.02.23 20:32:34 | 000,148,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2014.02.22 19:41:07 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2014.02.20 20:54:52 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\Desktop\Auto Musik
[2014.02.17 16:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Photoshop CS6
[2014.02.16 14:19:54 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014.02.16 14:19:53 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014.02.16 14:19:53 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014.02.16 14:19:53 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014.02.16 14:19:51 | 003,210,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014.02.16 14:19:51 | 002,804,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014.02.16 14:19:50 | 018,577,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014.02.16 14:19:49 | 002,142,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014.02.16 14:19:49 | 002,131,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014.02.16 14:19:49 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014.02.16 14:19:48 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014.02.16 14:19:48 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014.02.16 14:19:48 | 001,371,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014.02.16 14:19:47 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014.02.16 14:19:46 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014.02.16 14:19:46 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014.02.16 14:19:46 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014.02.16 14:19:45 | 000,809,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014.02.16 14:19:45 | 000,764,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014.02.16 14:19:45 | 000,745,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014.02.16 14:19:45 | 000,669,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014.02.16 14:19:45 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014.02.16 14:19:45 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014.02.16 14:19:45 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014.02.16 14:19:45 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014.02.16 14:19:45 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014.02.16 14:19:44 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014.02.16 14:19:44 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014.02.16 14:19:44 | 000,663,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014.02.16 14:19:44 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014.02.16 14:19:44 | 000,461,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014.02.16 14:19:44 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014.02.16 14:19:44 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014.02.16 14:19:44 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014.02.16 14:19:44 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014.02.16 14:19:44 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014.02.16 14:19:43 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014.02.16 14:19:43 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014.02.16 14:19:43 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014.02.16 14:19:43 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014.02.16 14:19:43 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014.02.16 14:19:43 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014.02.16 14:19:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014.02.15 14:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
[2014.02.13 22:17:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014.02.13 22:17:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014.02.13 22:17:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014.02.13 22:17:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014.02.13 22:17:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014.02.13 22:17:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014.02.13 22:17:43 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014.02.13 22:17:43 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.02.13 22:17:43 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014.02.13 22:17:43 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014.02.13 22:17:41 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014.02.13 22:17:40 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014.02.13 22:17:40 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014.02.13 22:17:40 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.02.13 22:17:40 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014.02.13 22:17:40 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014.02.13 22:17:39 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014.02.13 22:17:39 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014.02.13 22:17:38 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.02.13 22:17:38 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014.02.13 22:17:38 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014.02.13 22:17:27 | 004,604,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014.02.13 22:17:27 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014.02.13 22:17:26 | 000,570,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014.02.13 22:17:25 | 007,416,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014.02.13 22:17:24 | 013,209,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014.02.13 22:17:24 | 011,702,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014.02.13 22:17:24 | 004,961,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014.02.13 22:17:23 | 001,462,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014.02.13 22:17:23 | 001,105,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014.02.13 22:17:10 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014.02.13 22:17:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2014.02.13 22:17:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2014.02.13 22:17:08 | 001,113,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014.02.13 22:17:05 | 004,217,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014.02.13 22:17:03 | 002,804,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014.02.13 22:17:01 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014.02.13 22:17:01 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014.02.13 22:17:01 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014.02.13 22:17:01 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014.02.13 22:17:01 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014.02.13 22:17:01 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014.02.13 22:17:01 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014.02.08 14:31:46 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\AppData\Roaming\Awesomium
[2014.02.08 14:19:17 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\Documents\Elder Scrolls Online
[2014.02.08 14:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Elder Scrolls Online
[2014.02.07 17:50:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zenimax Online
[2014.02.06 19:43:21 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\Documents\Overlay-Optionen
[2014.02.06 19:37:51 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\Documents\Keybinder von Brooklyn
[2014.02.04 20:34:27 | 000,000,000 | ---D | C] -- C:\Users\Kuptz\AppData\Roaming\Screaming Bee
[2014.02.04 20:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Screaming Bee
[2014.02.04 20:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
[3 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\Kuptz\*.tmp files -> C:\Users\Kuptz\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.03.05 17:20:14 | 002,634,022 | ---- | M] () -- C:\Users\Kuptz\Desktop\368010_flag-federativnoj-respubliki_1920x1080_(www.GdeFon.ru).jpg
[2014.03.05 16:48:00 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.03.05 16:41:00 | 000,001,383 | ---- | M] () -- C:\Users\Kuptz\Desktop\Play Now Radio.lnk
[2014.03.05 13:34:49 | 000,165,659 | ---- | M] () -- C:\MyXML.xml
[2014.03.05 13:34:40 | 000,002,199 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.03.05 13:34:39 | 000,001,116 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.03.05 13:22:55 | 001,776,918 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.03.05 13:22:55 | 000,764,340 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2014.03.05 13:22:55 | 000,722,278 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.03.05 13:22:55 | 000,159,160 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2014.03.05 13:22:55 | 000,135,394 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.03.05 13:20:37 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.03.05 13:18:35 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.03.05 13:18:32 | 2526,191,615 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.04 20:11:05 | 000,007,605 | ---- | M] () -- C:\Users\Kuptz\AppData\Local\Resmon.ResmonCfg
[2014.03.04 15:47:15 | 000,214,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2014.03.03 20:09:52 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys
[2014.03.03 18:01:39 | 000,214,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.ex0
[2014.03.02 22:25:10 | 000,001,690 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk
[2014.03.02 22:19:33 | 1213,405,855 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\S4_League.exe
[2014.03.01 18:51:13 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Cinema 4D.lnk
[2014.02.27 14:48:10 | 005,002,184 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.02.23 19:12:04 | 000,000,856 | ---- | M] () -- C:\Users\Kuptz\Desktop\Downloads.lnk
[2014.02.22 20:15:48 | 000,001,304 | ---- | M] () -- C:\Users\Kuptz\Desktop\Steam.exe - Verknüpfung.lnk
[2014.02.22 19:41:07 | 000,000,219 | ---- | M] () -- C:\Users\Kuptz\Desktop\Counter-Strike Global Offensive.url
[2014.02.17 22:00:34 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014.02.17 22:00:34 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014.02.17 16:47:48 | 000,000,040 | -H-- | M] () -- C:\69ED9D3C7BA8
[2014.02.17 16:47:17 | 000,001,666 | ---- | M] () -- C:\Users\Kuptz\Desktop\PsCS6.exe.lnk
[2014.02.08 19:34:51 | 031,432,480 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2014.02.08 19:34:51 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2014.02.08 19:34:51 | 023,683,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2014.02.08 19:34:51 | 018,257,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2014.02.08 19:34:51 | 017,715,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2014.02.08 19:34:51 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2014.02.08 19:34:51 | 015,740,232 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2014.02.08 19:34:51 | 014,669,032 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2014.02.08 19:34:51 | 011,636,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2014.02.08 19:34:51 | 011,589,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2014.02.08 19:34:51 | 009,728,064 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2014.02.08 19:34:51 | 009,690,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2014.02.08 19:34:51 | 003,142,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2014.02.08 19:34:51 | 003,090,184 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2014.02.08 19:34:51 | 002,956,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2014.02.08 19:34:51 | 002,782,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2014.02.08 19:34:51 | 002,713,728 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2014.02.08 19:34:51 | 002,410,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2014.02.08 19:34:51 | 001,885,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433489.dll
[2014.02.08 19:34:51 | 001,515,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433489.dll
[2014.02.08 19:34:51 | 000,947,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2014.02.08 19:34:51 | 000,892,192 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2014.02.08 19:34:51 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2014.02.08 19:34:51 | 000,863,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2014.02.08 19:34:51 | 000,844,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2014.02.08 19:34:51 | 000,832,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2014.02.08 19:34:51 | 000,483,104 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2014.02.08 19:34:51 | 000,408,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2014.02.08 19:34:51 | 000,378,656 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2014.02.08 19:34:51 | 000,353,504 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2014.02.08 19:34:51 | 000,333,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2014.02.08 19:34:51 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2014.02.08 19:34:51 | 000,174,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2014.02.08 19:34:51 | 000,148,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2014.02.08 19:34:51 | 000,061,216 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2014.02.08 19:34:51 | 000,053,024 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2014.02.08 19:34:51 | 000,024,544 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2014.02.08 18:42:36 | 006,712,608 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2014.02.08 18:42:36 | 003,498,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2014.02.08 18:42:32 | 002,559,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2014.02.08 18:42:32 | 000,386,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2014.02.08 18:42:32 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2014.02.06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014.02.06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014.02.06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014.02.06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014.02.06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014.02.06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014.02.06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.02.06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014.02.06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.02.06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014.02.06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014.02.06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.02.06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014.02.06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014.02.06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014.02.06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014.02.06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014.02.06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014.02.06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014.02.06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014.02.05 18:52:50 | 003,573,739 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2014.02.04 21:21:49 | 007,459,280 | ---- | M] () -- C:\Users\Kuptz\ts3_recording_14_02_04_21_21_8.wav
[3 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\Kuptz\*.tmp files -> C:\Users\Kuptz\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.03.05 17:20:14 | 002,634,022 | ---- | C] () -- C:\Users\Kuptz\Desktop\368010_flag-federativnoj-respubliki_1920x1080_(www.GdeFon.ru).jpg
[2014.03.04 20:11:05 | 000,007,605 | ---- | C] () -- C:\Users\Kuptz\AppData\Local\Resmon.ResmonCfg
[2014.03.04 19:21:05 | 000,001,383 | ---- | C] () -- C:\Users\Kuptz\Desktop\Play Now Radio.lnk
[2014.03.02 22:25:10 | 000,001,690 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk
[2014.03.01 18:51:13 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\Cinema 4D.lnk
[2014.02.22 20:15:48 | 000,001,304 | ---- | C] () -- C:\Users\Kuptz\Desktop\Steam.exe - Verknüpfung.lnk
[2014.02.22 19:41:07 | 000,000,219 | ---- | C] () -- C:\Users\Kuptz\Desktop\Counter-Strike Global Offensive.url
[2014.02.17 16:47:48 | 000,000,040 | -H-- | C] () -- C:\69ED9D3C7BA8
[2014.02.17 16:47:17 | 000,001,666 | ---- | C] () -- C:\Users\Kuptz\Desktop\PsCS6.exe.lnk
[2014.02.16 14:19:42 | 000,385,614 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014.02.15 14:27:34 | 000,165,659 | ---- | C] () -- C:\MyXML.xml
[2014.02.14 21:39:24 | 000,000,914 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2014.02.13 22:17:23 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014.02.13 22:17:23 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014.02.04 21:21:09 | 007,459,280 | ---- | C] () -- C:\Users\Kuptz\ts3_recording_14_02_04_21_21_8.wav
[2014.01.15 12:54:17 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014.01.14 16:41:23 | 000,214,392 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2014.01.14 16:41:23 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2013.12.20 22:54:26 | 000,327,680 | ---- | C] () -- C:\WINDOWS\mss32.dll
[2013.12.15 20:51:40 | 000,033,792 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\libusb0.sys
[2013.12.14 22:02:15 | 000,003,334 | ---- | C] () -- C:\Users\Kuptz\AppData\Local\recently-used.xbel
[2013.10.20 10:36:55 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.10.13 12:57:36 | 000,000,132 | ---- | C] () -- C:\Users\Kuptz\AppData\Roaming\Adobe BMP-Format CC - Voreinstellungen
[2013.10.13 12:55:33 | 000,001,456 | ---- | C] () -- C:\Users\Kuptz\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2013.10.12 10:18:22 | 018,157,520 | ---- | C] () -- C:\Users\Kuptz\ts3_recording_13_10_12_11_18_20.wav
[2013.10.11 16:17:53 | 034,936,400 | ---- | C] () -- C:\Users\Kuptz\ts3_recording_13_10_11_17_17_51.wav
[2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012.07.25 21:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012.07.25 21:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012.06.19 17:52:42 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2014.01.14 16:40:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.11.23 12:49:06 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.11.23 09:19:35 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014.02.17 16:22:49 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\.minecraft
[2013.11.11 22:42:41 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\Aeria Games & Entertainment
[2014.02.08 14:31:46 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\Awesomium
[2014.03.05 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\BitTorrent
[2014.03.03 20:11:34 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\Cool Mirage Ltd
[2014.03.03 20:09:50 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\DAEMON Tools Lite
[2014.02.26 15:56:20 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\DVDVideoSoft
[2014.03.03 20:12:14 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\IminentToolbar
[2013.10.04 18:35:49 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\LolClient
[2014.03.01 18:51:16 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\MAXON
[2014.03.03 20:09:49 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\OpenCandy
[2014.01.18 21:16:31 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\Origin
[2013.10.09 15:00:20 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\PDAppFlex
[2014.03.03 20:11:28 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\playnowradio
[2013.10.04 15:39:00 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\Riot Games
[2014.02.04 20:35:34 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\Screaming Bee
[2013.10.05 22:54:37 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\Sony
[2013.11.15 13:07:33 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\TeamViewer
[2013.11.11 17:34:09 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\TechSmith
[2013.10.20 08:56:18 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\TERA
[2013.10.05 22:58:52 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\Thunderbird
[2014.03.05 17:18:03 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\TS3Client
[2013.11.15 21:09:33 | 000,000,000 | ---D | M] -- C:\Users\Kuptz\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 237 bytes -> C:\Users\Kuptz\SkyDrive:ms-properties
< End of report >
--- --- --- |
So funktioniert es:
FRST 32-Bit | FRST 64-Bit