
Solved WmiPrvSE.exe

Discussion in 'Malware and Virus Removal Archive' started by ACDCAngus1, 2013/12/15.

  1. 2013/12/18
    ACDCAngus1

    ACDCAngus1 Inactive Thread Starter

    Joined:
    2013/12/15
    Messages:
    37
    Likes Received:
    0
    OHHH,...well I did post the log first..and then fix all issues :X
     
  2. 2013/12/18
    ACDCAngus1

    ACDCAngus1 Inactive Thread Starter

    Joined:
    2013/12/15
    Messages:
    37
    Likes Received:
    0
    jesus..sorry..I'll do it again...tomorrow -.-
     


  4. 2013/12/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    [​IMG]
     
  5. 2013/12/20
    ACDCAngus1

    ACDCAngus1 Inactive Thread Starter

    Joined:
    2013/12/15
    Messages:
    37
    Likes Received:
    0
    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.12.19.09

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16476
    Dominik :: DOMINIK-PC [administrator]

    Protection: Enabled

    19.12.2013 20:16:42
    mbam-log-2013-12-19 (20-16-42).txt

    Scan type: Full scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 1612684
    Time elapsed: 4 hour(s), 42 minute(s), 56 second(s)

    Memory Processes Detected: 2
    C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 1348 -> Delete on reboot.
    C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 3084 -> Delete on reboot.

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 49
    HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WPM (PUP.Optional.WpManager.A) -> Quarantined and deleted successfully.
    HKLM\SYSTEM\CurrentControlSet\Services\Updater Service for StartNow Toolbar (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    HKCR\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCR\esrv.BabylonESrvc.1 (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCR\esrv.BabylonESrvc (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCR\b (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCR\Typelib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCR\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCR\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCR\MgMediaPlayer.GifAnimator.1 (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCR\MgMediaPlayer.GifAnimator (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCR\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1 (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Quarantined and deleted successfully.
    HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\BabylonToolbar (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\nationzoomSoftware (PUP.Optional.NationZoom.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb (PUP.Optional.MultiIE) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 8
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data: 썛愘ᇜ犜ጀ유䞘 -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data: -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE (PUP.Optional.SweetIM) -> Data: 1 -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL (PUP.Optional.SweetIM) -> Data: 1 -> Quarantined and deleted successfully.
    HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0V2V1M1N1D0FzrtHtGtF1E -> Quarantined and deleted successfully.
    HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {1C4BC75B-18DD-11E2-B2D6-001D92AB03C4} -> Quarantined and deleted successfully.
    HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Data: C:\ProgramData\WPM\wprotectmanager.exe -service -> Quarantined and deleted successfully.
    HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {1C4BC75B-18DD-11E2-B2D6-001D92AB03C4} -> Quarantined and deleted successfully.

    Registry Data Items Detected: 1
    HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.NationZoom.A) -> Bad: (http://www.nationzoom.com/?type=hp&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW) Good: (http://www.google.com) -> Quarantined and repaired successfully.

    Folders Detected: 28
    C:\Users\Dominik\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\image (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\image\default (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\Install (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\language (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\language\en_us (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\language\es_es (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\language\pt_br (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\language\tr_tr (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\language\zh_cn (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\language\zh_tw (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\layout (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\layout\default (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Temp\Desk365\eInstall\style (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> Quarantined and deleted successfully.
    C:\ProgramData\RHelpers\FirefoxHelper (PUP.Optional.Searchagent) -> Quarantined and deleted successfully.
    C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb (PUP.Optional.MultiIE) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0 (PUP.Optional.MultiIE) -> Quarantined and deleted successfully.

    Files Detected: 156
    C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Delete on reboot.
    C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Delete on reboot.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
    C:\$Recycle.Bin\S-1-5-21-2153768106-3862201133-668011741-1000\$R27AZRJ.rar (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
    C:\$Recycle.Bin\S-1-5-21-2153768106-3862201133-668011741-1000\$RD4EV0B.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
    C:\$Recycle.Bin\S-1-5-21-2153768106-3862201133-668011741-1000\$RSVG2YG.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
    C:\$Recycle.Bin\S-1-5-21-2153768106-3862201133-668011741-1000\$RYW9MIL.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.8.3.8\~BabylonToolbarApp.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.8.3.8\~BabylonToolbarEng.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.8.3.8\~BabylonToolbarsrv.exe (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.8.3.8\~BabylonToolbarTlbr.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> Quarantined and deleted successfully.
    C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> Quarantined and deleted successfully.
    C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> Quarantined and deleted successfully.
    C:\ProgramData\~Browser Manager\~2.3.796.11\~{16cdff19-861d-48e3-a751-d99a27784753}\~~browsemngr.dll (PUP.Optional.BProtector) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7TRJCRWW\Setup_DE_20131122[1].exe (PUP.Optional.SearchDonkey.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\Dropbox\Public\xfire_installer_46105.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
    C:\Windows\Installer\2568e6e.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Windows\Installer\2568e75.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Windows\Installer\2568e7c.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    E:\bak\Downloads\videora-hd2-504-setup.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
    E:\New Folder\Downloads\guiminer-20110501.exe (Riskware.BitCoinMiner) -> Quarantined and deleted successfully.
    E:\New Folder\Downloads\SoftonicDownloader_fuer_k-lite-codec-pack.exe (PUP.OfferBundler.ST) -> Quarantined and deleted successfully.
    E:\Programme\PhotoshopPortable\App\PhotoshopCS6_x64\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
    G:\backup 27.07.2012\AppData\Local\Temp\54643AB7-BAB0-7891-B7DE-3C65B0A899E8\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    G:\backup 27.07.2012\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    G:\backup 27.07.2012\AppData\Local\Temp\ct2704262\ieLogic.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
    H:\Users\Dominik\AppData\Local\Temp\54643AB7-BAB0-7891-B7DE-3C65B0A899E8\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    H:\Users\Dominik\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    H:\Users\Dominik\AppData\Local\Temp\ct2704262\ieLogic.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
    H:\Users\Dominik\Downloads\MyPhoneExplorer_Setup_1.8.4.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\default.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf\logger.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\about.html (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\affid.dat (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\basis.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\bing.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dating.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\find.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\games.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\glitter.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\google.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\help.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\highlight.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\locales.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\music.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\news.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\options.html (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\photos.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\shopping.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\video.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-search.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\announce.js (PUP.Optional.MultiIE) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\background.html (PUP.Optional.MultiIE) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\common.js (PUP.Optional.MultiIE) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\contentscript.js (PUP.Optional.MultiIE) -> Quarantined and deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon48.png (PUP.Optional.MultiIE) -> Quarantined and deleted successfully.

    (end)
     
  6. 2013/12/20
    ACDCAngus1

    ACDCAngus1 Inactive Thread Starter

    I hope this is correct now...
     
  7. 2013/12/20
    broni

    broni Moderator Malware Analyst

    Good :)

    Please continue with other steps from my reply #12.
     
  8. 2013/12/21
    ACDCAngus1

    ACDCAngus1 Inactive Thread Starter

    Roguekiller keeps crashing ...ugh
     
  9. 2013/12/21
    broni

    broni Moderator Malware Analyst

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
    • Double-click to run it. When the tool opens, click Yes to the disclaimer.
    • Press the Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
     
  10. 2013/12/23
    ACDCAngus1

    ACDCAngus1 Inactive Thread Starter

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2013 01
    Ran by Dominik (administrator) on DOMINIK-PC on 23-12-2013 14:19:41
    Running from C:\Users\Dominik\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
    Internet Explorer Version 11
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
    (Hi-Rez Studios) E:\livegame\Hi-Rez Studios\HiPatchService.exe
    (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
    () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    (Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    (http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
    () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
    (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
    (Curse) C:\Users\Dominik\AppData\Local\Apps\2.0\XV8ZGWPT.T9K\81BWK8R0.A1P\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    (Razer USA Ltd) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Micro-Star International) C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
    (Oracle Corporation) C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
    () C:\Program Files (x86)\JDownloader\tools\Windows\unrarw32\unrar.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
    HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
    HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
    HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
    HKCU\...\Run: [Google Update] - C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2009-12-29] (Google Inc.)
    HKCU\...\Run: [AVMUSBFernanschluss] - C:\Users\Dominik\AppData\Local\Apps\2.0\XV8ZGWPT.T9K\81BWK8R0.A1P\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe [139264 2013-05-06] (AVM Berlin)
    HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20587680 2013-11-14] (Skype Technologies S.A.)
    HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-11-21] (Electronic Arts)
    MountPoints2: J - J:\HTC_Sync_Manager_PC.exe
    MountPoints2: {909ba1a2-513e-11e3-94a2-87ae777be3d2} - K:\HTC_Sync_Manager_PC.exe
    MountPoints2: {9d4bac23-005d-11e3-82e3-a7b61ed8e140} - J:\HTC_Sync_Manager_PC.exe
    MountPoints2: {d72a68e5-083c-11e3-993b-8238cb844907} - K:\HTC_Sync_Manager_PC.exe
    HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [336304 2012-10-19] (Razer USA Ltd)
    HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
    HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    HKLM-x32\...\Run: [Live Update 5] - C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
    HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    HKU\fbwuser\...\Run: [Google Update] - C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2009-12-29] (Google Inc.)
    HKU\fbwuser\...\Run: [AVMUSBFernanschluss] - C:\Users\Dominik\AppData\Local\Apps\2.0\XV8ZGWPT.T9K\81BWK8R0.A1P\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe [139264 2013-05-06] (AVM Berlin)
    HKU\fbwuser\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20587680 2013-11-14] (Skype Technologies S.A.)
    HKU\fbwuser\...\Run: [ZoomInfo Contact Contributor] - C:\Users\fbwuser\AppData\Local\ZoomInfoCEUtility\launch.bat
    HKU\fbwuser\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-11-21] (Electronic Arts)
    AppInit_DLLs-x32: c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll [ ] ()
    Startup: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x11C08DAD21F4CE01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.sweetim.com/?crg=3.1010000.10025&barid={1C4BC75B-18DD-11E2-B2D6-001D92AB03C4}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com/?type=hp&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com/?type=hp&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW&q={searchTerms}
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW&q={searchTerms}
    SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW&q={searchTerms}
    SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={1C4BC75B-18DD-11E2-B2D6-001D92AB03C4}
    SearchScopes: HKCU - DefaultScope {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=DE&install_date=20121018&user_guid=4142821A63574368BBFEAEF946EF6615&machine_id=6958aa2c483e9694e6d5a820ec4f81f0&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
    SearchScopes: HKCU - {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=DE&install_date=20121018&user_guid=4142821A63574368BBFEAEF946EF6615&machine_id=6958aa2c483e9694e6d5a820ec4f81f0&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
    SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={1C4BC75B-18DD-11E2-B2D6-001D92AB03C4}
    BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
    BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll No File
    BHO-x32: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
    BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
    Toolbar: HKLM-x32 - StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
    Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll No File
    Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
    Tcpip\..\Interfaces\{67B12236-30E4-417F-943D-67BF11C83D6B}: [NameServer]8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{72DDBD48-6047-4A84-AEAD-9FD8D9D6A50F}: [NameServer]8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{AEE62AD3-C193-485C-A41B-0F31700FF0C6}: [NameServer]127.0.0.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ud05pyr1.default-1355605257882
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
    FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Dominik\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @Webzen.com/NPBrowserExt - C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dominik\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dominik\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKCU: ubisoft.com/uplaypc - c:\program files (x86)\ubisoft\ubisoft game launcher\npuplaypc.dll (Ubisoft)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\nationzoom.xml
    FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afurladvisor@anchorfree.com
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF HKLM-x32\...\Firefox\Extensions: [bonjour4firefox@apple.com] - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension\
    FF Extension: Bonjour Extension for Firefox - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension\
    FF HKCU\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
    FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\extensions\extension@preispilot.com
    FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\extensions\firejump@firejump.net
    FF Extension: FireJump - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\extensions\firejump@firejump.net

    Chrome:
    =======
    CHR HomePage: hxxp://www.nationzoom.com/?type=hp&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW
    CHR RestoreOnStartup: "hxxp://www.nationzoom.com/?type=hp&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW "
    CHR DefaultSearchKeyword: nationzoom
    CHR DefaultSearchProvider: nationzoom
    CHR DefaultSearchURL: http://www.nationzoom.com/web/?type=ds&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW&q={searchTerms}
    CHR DefaultNewTabURL:
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
    CHR Plugin: (PriceGong) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.7_0\plugins/npPriceGong_CH.dll No File
    CHR Plugin: (Babylon ToolBar) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_1\BabylonChromeToolBar.dll No File
    CHR Plugin: (SweetIM GC Helper) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll No File
    CHR Plugin: (SweetIM GC Helper) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\mgHelperGC.dll No File
    CHR Plugin: (Application Manager) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll No File
    CHR Plugin: (Octoshape Streaming Services) - C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    CHR Plugin: (WEBZEN Browser Extension) - C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
    CHR Extension: (Extended Protection) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0
    CHR Extension: (Skype Click to Call) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
    CHR Extension: (Google Wallet) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
    CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
    CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
    CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx
    CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx
    CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.nationzoom.com/?type=sc&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Services (Whitelisted) =================

    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
    S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-07-17] (BlueStack Systems, Inc.)
    R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-07-17] (BlueStack Systems, Inc.)
    R2 HiPatchService; E:\livegame\Hi-Rez Studios\HiPatchService.exe [8704 2012-10-26] (Hi-Rez Studios)
    R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [831272 2013-06-21] (AnchorFree Inc.)
    S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-06-21] ()
    R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-06-21] ()
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
    R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
    R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-13] ()
    R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
    S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [743320 2012-10-02] (Tunngle.net GmbH)
    S4 Browser Manager; C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [x]

    ==================== Drivers (Whitelisted) ====================

    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
    R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-05-06] (AVM Berlin)
    R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-07-17] (BlueStack Systems)
    R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-21] (AnchorFree Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
    R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software)
    R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
    S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
    S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
    S3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [73040 2012-10-10] (Dataram, Inc.)
    S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2012-09-28] (Realtek Semiconductor Corporation )
    R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [25600 2012-10-25] (Razer USA Ltd)
    R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [23040 2012-10-25] (Razer USA Ltd)
    R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
    R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
    S3 tizeqdrv; C:\Users\Dominik\AppData\Roaming\TZAC2\tizeq64.sys [171704 2012-08-07] ()
    R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [124176 2012-11-30] (High Criteria inc.)
    S3 ucgnm; C:\Windows\System32\DRIVERS\ucgnmx.sys [994816 2010-04-16] (Ralink Technology Corp.)
    S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-04-12] (Oracle Corporation)
    S3 VCam_WDM; C:\Windows\System32\DRIVERS\VCam_WDM.sys [104120 2012-05-25] (e2eSoft)
    R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294232 2013-06-19] (Microsoft Corporation)
    S3 ALSysIO; \??\C:\Users\Dominik\AppData\Local\Temp\ALSysIO64.sys [x]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
    S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]

    ========================== Drivers MD5 =======================

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-12-23 14:19 - 2013-12-23 14:22 - 00047756 _____ C:\Users\Dominik\Downloads\FRST.txt
    2013-12-23 14:19 - 2013-12-23 14:19 - 00000000 ____D C:\FRST
    2013-12-23 14:10 - 2013-12-23 14:10 - 01928280 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe
    2013-12-22 12:47 - 2012-08-20 14:48 - 00019032 ____N C:\Windows\system32\pwdrvio.sys
    2013-12-21 15:21 - 2013-12-21 15:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-12-18 23:21 - 2013-12-18 23:21 - 04359168 _____ C:\Users\Dominik\Downloads\RogueKillerX64(1).exe
    2013-12-18 22:14 - 2013-12-18 23:25 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
    2013-12-17 19:22 - 2013-12-17 19:22 - 03574272 _____ C:\Users\Dominik\Downloads\RogueKiller.exe
    2013-12-17 19:16 - 2013-12-18 23:22 - 00000000 ____D C:\Users\Dominik\Desktop\RK_Quarantine
    2013-12-17 19:15 - 2013-12-17 19:15 - 04159488 _____ C:\Users\Dominik\Downloads\RogueKillerX64.exe
    2013-12-16 06:18 - 2013-12-16 06:19 - 13670584 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\mseinstall.exe
    2013-12-15 22:25 - 2013-12-15 22:25 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
    2013-12-15 22:23 - 2013-12-15 22:23 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2013-12-15 22:22 - 2013-12-15 22:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2013-12-15 22:22 - 2013-12-15 22:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-12-15 22:22 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
    2013-12-15 22:09 - 2013-12-15 22:09 - 00614784 _____ C:\Users\Dominik\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
    2013-12-15 21:01 - 2013-12-15 21:01 - 00000000 ____D C:\ProgramData\TubeDimmer
    2013-12-15 19:41 - 2013-12-15 19:43 - 25647320 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\Windows-KB890830-x64-V5.7.exe
    2013-12-15 19:40 - 2013-12-15 19:45 - 95632144 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\msert.exe
    2013-12-15 19:34 - 2013-12-16 20:50 - 00031538 _____ C:\Users\Dominik\Desktop\dds.txt
    2013-12-15 19:34 - 2013-12-15 19:35 - 00012714 _____ C:\Users\Dominik\Desktop\attach.txt
    2013-12-15 18:41 - 2013-12-15 18:41 - 05045639 _____ C:\Users\Dominik\Downloads\tweaking.com_windows_repair_aio_setup.exe
    2013-12-15 18:41 - 2013-12-15 18:41 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
    2013-12-15 18:23 - 2013-12-15 18:23 - 00688992 ____R (Swearware) C:\Users\Dominik\Downloads\dds.com
    2013-12-15 18:21 - 2013-12-15 18:21 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-12-15 18:21 - 2013-12-15 18:21 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Malwarebytes
    2013-12-15 18:21 - 2013-12-15 18:21 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-12-15 18:21 - 2013-12-15 18:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-12-15 18:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2013-12-15 18:17 - 2013-12-15 18:17 - 01065219 _____ C:\Users\Dominik\Downloads\Tweaking.com-RepairWMI.exe
    2013-12-15 18:17 - 2013-12-15 18:17 - 00000000 ____D C:\Users\Dominik\Downloads\Tweaking.com - Repair WMI
    2013-12-15 18:03 - 2013-12-15 18:03 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\AVG2014
    2013-12-15 18:02 - 2013-12-17 19:18 - 00000000 ___HD C:\$AVG
    2013-12-15 18:02 - 2013-12-17 19:18 - 00000000 ____D C:\ProgramData\AVG2014
    2013-12-15 18:01 - 2013-12-18 18:21 - 00000000 ____D C:\ProgramData\MFAData
    2013-12-15 18:01 - 2013-12-15 18:04 - 00000000 ____D C:\Users\Dominik\AppData\Local\Avg2014
    2013-12-15 18:01 - 2013-12-15 18:01 - 00000000 ____D C:\Users\Dominik\AppData\Local\MFAData
    2013-12-15 00:35 - 2013-12-20 07:42 - 00000000 ____D C:\ProgramData\RHelpers
    2013-12-15 00:35 - 2013-12-16 06:22 - 00000000 ____D C:\ProgramData\Updater
    2013-12-15 00:34 - 2013-12-21 14:27 - 00000000 ____D C:\ProgramData\WPM
     
  11. 2013/12/23
    ACDCAngus1 Inactive Thread Starter
    2013-12-12 00:52 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-12-12 00:52 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-12-12 00:52 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2013-12-12 00:52 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-12-12 00:52 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-12-12 00:52 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2013-12-12 00:52 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-12-12 00:52 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-12-12 00:52 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-12-12 00:52 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-12-12 00:52 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-12-12 00:52 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2013-12-12 00:52 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2013-12-12 00:52 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2013-12-12 00:52 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-12-12 00:52 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-12-12 00:52 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-12-12 00:52 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-12-12 00:52 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-12-12 00:52 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2013-12-12 00:52 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-12-12 00:52 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2013-12-12 00:52 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-12-12 00:52 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-12-12 00:52 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-12-12 00:52 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-12-12 00:52 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-12-12 00:52 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2013-12-12 00:52 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-12-12 00:52 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-12-12 00:52 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-12-11 18:43 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-12-11 18:43 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2013-12-11 18:43 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
    2013-12-11 18:42 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2013-12-11 18:42 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2013-12-11 18:42 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2013-12-11 18:42 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2013-12-11 18:40 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2013-12-11 18:40 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2013-12-11 18:40 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
    2013-12-11 18:40 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
    2013-12-11 18:40 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2013-12-11 18:40 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2013-12-11 18:40 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2013-12-11 18:40 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2013-12-09 19:49 - 2013-12-09 19:49 - 00000000 ____D C:\Users\Dominik\AppData\Local\Blizzard
    2013-12-09 18:46 - 2013-12-09 18:46 - 00000767 _____ C:\Users\Public\Desktop\Hearthstone.lnk
    2013-12-09 18:45 - 2013-12-22 02:40 - 00000000 ____D C:\Users\Dominik\AppData\Local\Battle.net
    2013-12-09 18:45 - 2013-12-09 21:14 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Battle.net
    2013-12-09 18:45 - 2013-12-09 18:45 - 00000770 _____ C:\Users\Public\Desktop\Battle.net.lnk
    2013-12-06 19:57 - 2013-12-06 20:18 - 00000000 ____D C:\Users\Dominik\Desktop\4red
    2013-12-05 00:39 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
    2013-12-05 00:36 - 2013-12-05 00:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-12-05 00:36 - 2013-12-05 00:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2013-12-05 00:36 - 2013-12-05 00:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2013-12-05 00:36 - 2013-12-05 00:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-12-05 00:36 - 2013-12-05 00:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2013-12-05 00:36 - 2013-12-05 00:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-12-05 00:36 - 2013-12-05 00:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2013-12-05 00:34 - 2013-12-05 00:40 - 00012567 _____ C:\Windows\IE11_main.log
    2013-12-05 00:34 - 2013-12-05 00:34 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2013-12-05 00:34 - 2013-12-05 00:34 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
    2013-12-05 00:34 - 2013-12-05 00:34 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2013-12-05 00:34 - 2013-12-05 00:34 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
    2013-12-05 00:34 - 2013-12-05 00:34 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2013-12-03 22:52 - 2013-12-03 22:52 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Dominik\Downloads\HPUSBFW_v2.2.3.exe
    2013-12-02 19:27 - 2013-10-30 18:03 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2013-12-02 19:27 - 2013-10-30 18:02 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2013-11-26 18:20 - 2013-11-26 18:20 - 01071224 _____ (Solid State Networks) C:\Users\Dominik\Downloads\install_flashplayer11x32au_mssa_aaa_aih.exe

    ==================== One Month Modified Files and Folders =======

    2013-12-23 14:22 - 2013-12-23 14:19 - 00047756 _____ C:\Users\Dominik\Downloads\FRST.txt
    2013-12-23 14:19 - 2013-12-23 14:19 - 00000000 ____D C:\FRST
    2013-12-23 14:18 - 2012-10-17 15:22 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\vlc
    2013-12-23 14:18 - 2012-10-17 15:11 - 00000000 ____D C:\Users\Dominik\AppData\Local\Deployment
    2013-12-23 14:15 - 2012-10-17 14:57 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
    2013-12-23 14:10 - 2013-12-23 14:10 - 01928280 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe
    2013-12-23 14:10 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-12-23 14:10 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-12-23 13:37 - 2012-12-10 21:50 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000UA.job
    2013-12-23 13:33 - 2012-10-17 14:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-12-23 13:31 - 2012-10-17 14:46 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-12-23 13:22 - 2012-10-17 14:21 - 01103344 _____ C:\Windows\WindowsUpdate.log
    2013-12-23 12:18 - 2011-03-20 10:08 - 00688008 _____ C:\Windows\system32\perfh007.dat
    2013-12-23 12:18 - 2011-03-20 10:08 - 00145536 _____ C:\Windows\system32\perfc007.dat
    2013-12-23 12:18 - 2009-07-14 06:13 - 01621308 _____ C:\Windows\system32\PerfStringBackup.INI
    2013-12-23 12:14 - 2013-11-12 20:54 - 00034700 _____ C:\Windows\setupact.log
    2013-12-23 12:14 - 2013-10-13 14:59 - 00000000 ____D C:\Program Files (x86)\Origin
    2013-12-23 12:13 - 2012-10-17 14:46 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-12-23 12:13 - 2012-10-17 14:28 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-12-23 12:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-12-23 00:44 - 2012-10-17 15:21 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\TS3Client
    2013-12-22 18:37 - 2012-12-10 21:50 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000Core.job
    2013-12-22 12:46 - 2012-10-17 19:04 - 00000000 ____D C:\Users\Dominik\AppData\Local\TSVNCache
    2013-12-22 12:45 - 2012-10-17 14:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-12-22 02:40 - 2013-12-09 18:45 - 00000000 ____D C:\Users\Dominik\AppData\Local\Battle.net
    2013-12-22 01:24 - 2012-10-20 01:52 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
    2013-12-22 01:24 - 2012-10-20 01:52 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe
    2013-12-22 01:23 - 2012-10-20 01:52 - 00271200 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
    2013-12-21 15:21 - 2013-12-21 15:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-12-21 14:27 - 2013-12-15 00:34 - 00000000 ____D C:\ProgramData\WPM
    2013-12-21 14:27 - 2012-10-18 07:27 - 00000000 ____D C:\Program Files (x86)\StartNow Toolbar
    2013-12-21 14:27 - 2010-11-21 04:47 - 00216342 _____ C:\Windows\PFRO.log
    2013-12-20 07:42 - 2013-12-15 00:35 - 00000000 ____D C:\ProgramData\RHelpers
    2013-12-20 07:42 - 2012-10-18 05:34 - 00000000 ____D C:\Program Files (x86)\SweetIM
    2013-12-20 01:30 - 2013-11-15 22:32 - 00000000 ____D C:\Windows\rescache
    2013-12-18 23:25 - 2013-12-18 22:14 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
    2013-12-18 23:22 - 2013-12-17 19:16 - 00000000 ____D C:\Users\Dominik\Desktop\RK_Quarantine
    2013-12-18 23:21 - 2013-12-18 23:21 - 04359168 _____ C:\Users\Dominik\Downloads\RogueKillerX64(1).exe
    2013-12-18 18:29 - 2013-05-07 10:34 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
    2013-12-18 18:29 - 2013-04-19 14:06 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
    2013-12-18 18:29 - 2013-04-19 14:06 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
    2013-12-18 18:21 - 2013-12-15 18:01 - 00000000 ____D C:\ProgramData\MFAData
    2013-12-17 19:22 - 2013-12-17 19:22 - 03574272 _____ C:\Users\Dominik\Downloads\RogueKiller.exe
    2013-12-17 19:18 - 2013-12-15 18:02 - 00000000 ___HD C:\$AVG
    2013-12-17 19:18 - 2013-12-15 18:02 - 00000000 ____D C:\ProgramData\AVG2014
    2013-12-17 19:15 - 2013-12-17 19:15 - 04159488 _____ C:\Users\Dominik\Downloads\RogueKillerX64.exe
    2013-12-16 20:50 - 2013-12-15 19:34 - 00031538 _____ C:\Users\Dominik\Desktop\dds.txt
    2013-12-16 06:22 - 2013-12-15 00:35 - 00000000 ____D C:\ProgramData\Updater
    2013-12-16 06:19 - 2013-12-16 06:18 - 13670584 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\mseinstall.exe
    2013-12-15 22:38 - 2013-12-15 22:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2013-12-15 22:31 - 2013-12-15 22:22 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-12-15 22:25 - 2013-12-15 22:25 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
    2013-12-15 22:23 - 2013-12-15 22:23 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2013-12-15 22:09 - 2013-12-15 22:09 - 00614784 _____ C:\Users\Dominik\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
    2013-12-15 22:03 - 2012-10-26 06:40 - 00000000 ____D C:\ProgramData\PMB Files
    2013-12-15 22:03 - 2012-10-17 19:04 - 00000000 ____D C:\Users\Dominik\AppData\Local\PMB Files
    2013-12-15 21:01 - 2013-12-15 21:01 - 00000000 ____D C:\ProgramData\TubeDimmer
    2013-12-15 19:45 - 2013-12-15 19:40 - 95632144 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\msert.exe
    2013-12-15 19:43 - 2013-12-15 19:41 - 25647320 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\Windows-KB890830-x64-V5.7.exe
    2013-12-15 19:35 - 2013-12-15 19:34 - 00012714 _____ C:\Users\Dominik\Desktop\attach.txt
    2013-12-15 18:41 - 2013-12-15 18:41 - 05045639 _____ C:\Users\Dominik\Downloads\tweaking.com_windows_repair_aio_setup.exe
    2013-12-15 18:41 - 2013-12-15 18:41 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
    2013-12-15 18:23 - 2013-12-15 18:23 - 00688992 ____R (Swearware) C:\Users\Dominik\Downloads\dds.com
    2013-12-15 18:21 - 2013-12-15 18:21 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-12-15 18:21 - 2013-12-15 18:21 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Malwarebytes
    2013-12-15 18:21 - 2013-12-15 18:21 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-12-15 18:21 - 2013-12-15 18:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-12-15 18:17 - 2013-12-15 18:17 - 01065219 _____ C:\Users\Dominik\Downloads\Tweaking.com-RepairWMI.exe
    2013-12-15 18:17 - 2013-12-15 18:17 - 00000000 ____D C:\Users\Dominik\Downloads\Tweaking.com - Repair WMI
    2013-12-15 18:07 - 2012-10-17 14:56 - 00007629 _____ C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
    2013-12-15 18:04 - 2013-12-15 18:01 - 00000000 ____D C:\Users\Dominik\AppData\Local\Avg2014
    2013-12-15 18:03 - 2013-12-15 18:03 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\AVG2014
    2013-12-15 18:01 - 2013-12-15 18:01 - 00000000 ____D C:\Users\Dominik\AppData\Local\MFAData
    2013-12-15 17:14 - 2012-10-17 14:46 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Xfire
    2013-12-15 16:11 - 2012-10-17 14:21 - 00000000 ___RD C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-12-15 15:01 - 2013-05-06 20:58 - 00797616 _____ C:\Windows\avmacc.log
    2013-12-15 03:04 - 2013-08-16 19:39 - 00000000 ____D C:\Windows\system32\MRT
    2013-12-15 00:41 - 2013-10-13 15:19 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
    2013-12-15 00:34 - 2012-10-17 14:47 - 00002449 _____ C:\Users\Dominik\Desktop\Google Chrome.lnk
    2013-12-15 00:34 - 2012-10-17 14:32 - 00001341 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2013-12-15 00:34 - 2012-10-17 14:21 - 00001627 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2013-12-12 08:09 - 2009-07-14 05:45 - 00443976 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-12-12 00:53 - 2012-10-24 13:24 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-12-11 23:00 - 2012-10-17 19:05 - 00000000 ____D C:\Users\Dominik\AppData\Local\Windows Live
    2013-12-10 23:34 - 2012-10-17 14:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-12-10 23:34 - 2012-10-17 14:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-12-10 23:34 - 2012-10-17 14:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2013-12-10 19:26 - 2012-10-17 14:46 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2013-12-10 19:26 - 2012-10-17 14:46 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2013-12-10 08:07 - 2012-10-17 14:45 - 00000000 ____D C:\ProgramData\Xfire
    2013-12-09 21:14 - 2013-12-09 18:45 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Battle.net
    2013-12-09 19:49 - 2013-12-09 19:49 - 00000000 ____D C:\Users\Dominik\AppData\Local\Blizzard
    2013-12-09 18:46 - 2013-12-09 18:46 - 00000767 _____ C:\Users\Public\Desktop\Hearthstone.lnk
    2013-12-09 18:45 - 2013-12-09 18:45 - 00000770 _____ C:\Users\Public\Desktop\Battle.net.lnk
    2013-12-07 18:32 - 2012-12-10 21:50 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000UA
    2013-12-07 18:32 - 2012-12-10 21:50 - 00003710 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000Core
    2013-12-07 15:40 - 2013-09-17 17:27 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Guild Wars 2
    2013-12-06 20:18 - 2013-12-06 19:57 - 00000000 ____D C:\Users\Dominik\Desktop\4red
    2013-12-05 00:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2013-12-05 00:40 - 2013-12-05 00:34 - 00012567 _____ C:\Windows\IE11_main.log
    2013-12-05 00:36 - 2013-12-05 00:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-12-05 00:36 - 2013-12-05 00:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2013-12-05 00:36 - 2013-12-05 00:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2013-12-05 00:36 - 2013-12-05 00:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-12-05 00:36 - 2013-12-05 00:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2013-12-05 00:36 - 2013-12-05 00:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-12-05 00:36 - 2013-12-05 00:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-12-05 00:36 - 2013-12-05 00:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2013-12-05 00:36 - 2013-12-05 00:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2013-12-05 00:35 - 2013-12-05 00:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2013-12-05 00:35 - 2013-12-05 00:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2013-12-05 00:34 - 2013-12-05 00:34 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2013-12-05 00:34 - 2013-12-05 00:34 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
    2013-12-05 00:34 - 2013-12-05 00:34 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2013-12-05 00:34 - 2013-12-05 00:34 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
    2013-12-05 00:34 - 2013-12-05 00:34 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2013-12-03 22:52 - 2013-12-03 22:52 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Dominik\Downloads\HPUSBFW_v2.2.3.exe
    2013-12-02 20:34 - 2012-10-18 05:34 - 00000000 ____D C:\Program Files (x86)\JDownloader
    2013-12-02 19:28 - 2013-10-28 20:18 - 00000000 ____D C:\Users\Dominik\AppData\Local\NVIDIA
    2013-12-02 19:28 - 2013-10-13 15:46 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2013-12-02 19:28 - 2012-10-17 19:04 - 00000000 ____D C:\Users\Dominik\AppData\Local\NVIDIA Corporation
    2013-12-02 19:27 - 2013-10-13 15:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2013-12-02 19:27 - 2012-10-17 14:27 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2013-12-01 15:07 - 2012-10-17 19:04 - 00000000 ____D C:\Users\Dominik\AppData\Local\PokerStars.EU
    2013-12-01 14:42 - 2012-10-17 15:21 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-11-29 18:37 - 2013-06-05 05:11 - 00000000 ___RD C:\Program Files (x86)\Skype
    2013-11-29 18:37 - 2012-10-17 14:57 - 00000000 ____D C:\ProgramData\Skype
    2013-11-29 17:56 - 2013-10-28 20:20 - 01096480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2013-11-29 17:56 - 2013-10-28 20:20 - 00979744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2013-11-26 20:33 - 2013-04-19 14:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
    2013-11-26 18:20 - 2013-11-26 18:20 - 01071224 _____ (Solid State Networks) C:\Users\Dominik\Downloads\install_flashplayer11x32au_mssa_aaa_aih.exe
    2013-11-26 12:54 - 2013-12-12 00:52 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-11-26 11:19 - 2013-12-12 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-11-26 11:18 - 2013-12-12 00:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2013-11-26 11:11 - 2013-12-12 00:52 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-11-26 10:48 - 2013-12-12 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-11-26 10:46 - 2013-12-12 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2013-11-26 10:41 - 2013-12-12 00:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-11-26 10:29 - 2013-12-12 00:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-11-26 10:27 - 2013-12-12 00:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-11-26 10:23 - 2013-12-12 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-11-26 10:21 - 2013-12-12 00:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-11-26 10:18 - 2013-12-12 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2013-11-26 10:18 - 2013-12-12 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2013-11-26 10:16 - 2013-12-12 00:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2013-11-26 09:57 - 2013-12-12 00:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-11-26 09:38 - 2013-12-12 00:52 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-11-26 09:38 - 2013-12-12 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-11-26 09:35 - 2013-12-12 00:52 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-11-26 09:32 - 2013-12-12 00:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-11-26 09:28 - 2013-12-12 00:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2013-11-26 09:16 - 2013-12-12 00:52 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-11-26 09:02 - 2013-12-12 00:52 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2013-11-26 08:48 - 2013-12-12 00:52 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-11-26 08:32 - 2013-12-12 00:52 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-11-26 08:26 - 2013-12-12 00:52 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-11-26 08:07 - 2013-12-12 00:52 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-11-26 07:40 - 2013-12-12 00:52 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-11-26 07:34 - 2013-12-12 00:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2013-11-26 07:34 - 2013-12-12 00:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-11-26 07:33 - 2013-12-12 00:52 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-11-26 07:27 - 2013-12-12 00:52 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

    Files to move or delete:
    ====================
    C:\Users\Dominik\AppData\Roaming\desktop.ini


    Some content of TEMP:
    ====================
    C:\Users\Dominik\AppData\Local\Temp\avgnt.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

    ==================== BCD ================================

    Windows-Start-Manager
    ---------------------
    Bezeichner {bootmgr}
    device partition=D:
    path \bootmgr
    description Windows Boot Manager
    locale de-DE
    inherit {globalsettings}
    default {current}
    resumeobject {2dc6798e-4a3f-11df-906e-9a28538eea7f}
    displayorder {current}
    toolsdisplayorder {memdiag}
    timeout 30

    Windows-Startladeprogramm
    -------------------------
    Bezeichner {2dc67984-4a3f-11df-906e-9a28538eea7f}
    device ramdisk=[H:]\Recovery\2dc67984-4a3f-11df-906e-9a28538eea7f\Winre.wim,{2dc67985-4a3f-11df-906e-9a28538eea7f}
    path \windows\system32\winload.exe
    description Windows Recovery Environment
    inherit {bootloadersettings}
    osdevice ramdisk=[H:]\Recovery\2dc67984-4a3f-11df-906e-9a28538eea7f\Winre.wim,{2dc67985-4a3f-11df-906e-9a28538eea7f}
    systemroot \windows
    nx OptIn
    winpe Yes

    Windows-Startladeprogramm
    -------------------------
    Bezeichner {2dc67988-4a3f-11df-906e-9a28538eea7f}
    device ramdisk=[H:]\Recovery\2dc67988-4a3f-11df-906e-9a28538eea7f\Winre.wim,{2dc67989-4a3f-11df-906e-9a28538eea7f}
    path \windows\system32\winload.exe
    description Windows Recovery Environment
    inherit {bootloadersettings}
    osdevice ramdisk=[H:]\Recovery\2dc67988-4a3f-11df-906e-9a28538eea7f\Winre.wim,{2dc67989-4a3f-11df-906e-9a28538eea7f}
    systemroot \windows
    nx OptIn
    winpe Yes

    Windows-Startladeprogramm
    -------------------------
    Bezeichner {2dc6798c-4a3f-11df-906e-9a28538eea7f}
    device ramdisk=[H:]\Recovery\2dc6798c-4a3f-11df-906e-9a28538eea7f\Winre.wim,{2dc6798d-4a3f-11df-906e-9a28538eea7f}
    path \windows\system32\winload.exe
    description Windows Recovery Environment
    inherit {bootloadersettings}
    osdevice ramdisk=[H:]\Recovery\2dc6798c-4a3f-11df-906e-9a28538eea7f\Winre.wim,{2dc6798d-4a3f-11df-906e-9a28538eea7f}
    systemroot \windows
    nx OptIn
    winpe Yes

    Windows-Startladeprogramm
    -------------------------
    Bezeichner {2dc6798f-4a3f-11df-906e-9a28538eea7f}
    device partition=H:
    path \Windows\system32\winload.exe
    description Windows 7
    locale de-DE
    inherit {bootloadersettings}
    recoverysequence {2dc67990-4a3f-11df-906e-9a28538eea7f}
    recoveryenabled Yes
    osdevice partition=H:
    systemroot \Windows
    resumeobject {2dc6798e-4a3f-11df-906e-9a28538eea7f}
    nx OptIn

    Windows-Startladeprogramm
    -------------------------
    Bezeichner {2dc67990-4a3f-11df-906e-9a28538eea7f}
    device ramdisk=[H:]\Recovery\2dc67990-4a3f-11df-906e-9a28538eea7f\Winre.wim,{2dc67991-4a3f-11df-906e-9a28538eea7f}
    path \windows\system32\winload.exe
    description Windows Recovery Environment
    inherit {bootloadersettings}
    osdevice ramdisk=[H:]\Recovery\2dc67990-4a3f-11df-906e-9a28538eea7f\Winre.wim,{2dc67991-4a3f-11df-906e-9a28538eea7f}
    systemroot \windows
    nx OptIn
    winpe Yes

    Windows-Startladeprogramm
    -------------------------
    Bezeichner {current}
    device partition=C:
    path \Windows\system32\winload.exe
    description Windows 7 Home Premium (recovered)
    locale de-DE
    recoverysequence {2dc67984-4a3f-11df-906e-9a28538eea7f}
    recoveryenabled Yes
    testsigning Yes
    osdevice partition=C:
    systemroot \Windows
    resumeobject {40739984-379b-11e2-8132-806e6f6e6963}

    Windows-Startladeprogramm
    -------------------------
    Bezeichner {2dc67993-4a3f-11df-906e-9a28538eea7f}
    device ramdisk=[C:]\Recovery\af445914-f0c7-11de-8e86-96ac27c04db5\Winre.wim,{2dc67994-4a3f-11df-906e-9a28538eea7f}
    path \windows\system32\winload.exe
    description Windows Recovery Environment (recovered)
    locale
    osdevice ramdisk=[C:]\Recovery\af445914-f0c7-11de-8e86-96ac27c04db5\Winre.wim,{2dc67994-4a3f-11df-906e-9a28538eea7f}
    systemroot \windows
    winpe Yes

    Wiederaufnahme aus dem Ruhezustand
    ----------------------------------
    Bezeichner {2dc6798e-4a3f-11df-906e-9a28538eea7f}
    device partition=H:
    path \Windows\system32\winresume.exe
    description Windows Resume Application
    locale de-DE
    inherit {resumeloadersettings}
    filedevice partition=H:
    filepath \hiberfil.sys
    debugoptionenabled No

    Wiederaufnahme aus dem Ruhezustand
    ----------------------------------
    Bezeichner {40739984-379b-11e2-8132-806e6f6e6963}
    device partition=C:
    path \Windows\system32\winresume.exe
    description Windows 7 Home Premium (recovered)
    locale de-DE
    inherit {resumeloadersettings}
    filedevice partition=C:
    filepath \hiberfil.sys
    debugoptionenabled No

    Windows-Speichertestprogramm
    ----------------------------
    Bezeichner {memdiag}
    device partition=D:
    path \boot\memtest.exe
    description Windows-Speicherdiagnose
    locale de-DE
    inherit {globalsettings}
    badmemoryaccess Yes

    EMS-Einstellungen
    -----------------
    Bezeichner {emssettings}
    bootems Yes

    Debuggereinstellungen
    ---------------------
    Bezeichner {dbgsettings}
    debugtype Serial
    debugport 1
    baudrate 115200

    RAM-Defekte
    -----------
    Bezeichner {badmemory}

    Globale Einstellungen
    ---------------------
    Bezeichner {globalsettings}
    inherit {dbgsettings}
    {emssettings}
    {badmemory}

    Startladeprogramm-Einstellungen
    -------------------------------
    Bezeichner {bootloadersettings}
    inherit {globalsettings}
    {hypervisorsettings}

    Hypervisoreinstellungen
    -------------------
    Bezeichner {hypervisorsettings}
    hypervisordebugtype Serial
    hypervisordebugport 1
    hypervisorbaudrate 115200

    Einstellungen zur Ladeprogrammfortsetzung
    -----------------------------------------
    Bezeichner {resumeloadersettings}
    inherit {globalsettings}

    Geräteoptionen
    --------------
    Bezeichner {2dc67985-4a3f-11df-906e-9a28538eea7f}
    description Ramdisk Options
    ramdisksdidevice partition=H:
    ramdisksdipath \Recovery\2dc67984-4a3f-11df-906e-9a28538eea7f\boot.sdi

    Geräteoptionen
    --------------
    Bezeichner {2dc67989-4a3f-11df-906e-9a28538eea7f}
    description Ramdisk Options
    ramdisksdidevice partition=H:
    ramdisksdipath \Recovery\2dc67988-4a3f-11df-906e-9a28538eea7f\boot.sdi

    Geräteoptionen
    --------------
    Bezeichner {2dc6798d-4a3f-11df-906e-9a28538eea7f}
    description Ramdisk Options
    ramdisksdidevice partition=H:
    ramdisksdipath \Recovery\2dc6798c-4a3f-11df-906e-9a28538eea7f\boot.sdi

    Geräteoptionen
    --------------
    Bezeichner {2dc67991-4a3f-11df-906e-9a28538eea7f}
    description Ramdisk Options
    ramdisksdidevice partition=H:
    ramdisksdipath \Recovery\2dc67990-4a3f-11df-906e-9a28538eea7f\boot.sdi

    Geräteoptionen
    --------------
    Bezeichner {2dc67994-4a3f-11df-906e-9a28538eea7f}
    ramdisksdidevice partition=C:
    ramdisksdipath \Recovery\af445914-f0c7-11de-8e86-96ac27c04db5\boot.sdi



    LastRegBack: 2013-12-20 01:22

    ==================== End Of Log ============================
     
  12. 2013/12/23
    ACDCAngus1

    ACDCAngus1 Inactive Thread Starter

    Joined:
    2013/12/15
    Messages:
    37
    Likes Received:
    0
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2013 01
    Ran by Dominik at 2013-12-23 14:23:52
    Running from C:\Users\Dominik\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    Adobe AIR (x32 Version: 3.4.0.2710)
    Adobe Download Assistant (x32 Version: 1.2.3)
    Adobe Flash Media Live Encoder 3.2 (x32 Version: 3.2.0)
    Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
    Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
    Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
    AIM for Windows (HKCU)
    Avidemux 2.6 (32-bit) (x32 Version: 2.6.4.8696)
    Avira Free Antivirus (x32 Version: 14.0.2.286)
    Battle.net (x32)
    Battlefield 4™ Beta (x32 Version: 1.0.0.0)
    Battlelog Web Plugins (x32 Version: 2.3.0)
    Blink version 0.4.0 (x32 Version: 0.4.0)
    BlueStacks App Player (x32 Version: 0.7.16.910)
    BlueStacks Notification Center (x32 Version: 0.7.16.910)
    Bonjour (Version: 2.0.2.0)
    Bonjour SDK (Version: 2.0.2.0)
    Borderlands 2 (x32)
    Browser Manager (x32)
    Call of Duty Black Ops II (x32)
    Call of Duty: Black Ops II - Multiplayer (x32)
    Chivalry: Medieval Warfare (x32)
    Core Temp 1.0 RC4 (Version: 1.0)
    Curse Client (HKCU Version: 5.1.1.792)
    D3DX10 (x32 Version: 15.4.2368.0902)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
    Diablo III (x32)
    Dropbox (HKCU Version: 2.0.22)
    EVGA Precision X 3.0.4 (x32 Version: 3.0.4)
    Far Cry 3 (x32 Version: 1.01)
    FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
    FireJump (x32 Version: 1.0.2.5)
    Fotogalerie (x32 Version: 16.4.3505.0912)
    FreeCall (x32 Version: 4.13 build 719)
    FRITZ!Box USB-Fernanschluss (HKCU Version: 2.3.1.0)
    GeForce Experience NvStream Client Components (Version: 1.6.28)
    GIMP 2.8.2 (Version: 2.8.2)
    Google Chrome (x32 Version: 31.0.1650.63)
    Google Talk (remove only) (x32)
    Google Talk Plugin (x32 Version: 4.9.1.16010)
    Google Update Helper (x32 Version: 1.3.22.3)
    Guild Wars 2 (x32)
    HD Tune 2.55 (x32)
    HD2 Toolkit version 4.3 (x32 Version: 4.3)
    Hdd Speed Test Tool v. 1.0.14 (RC 1) (x32) <==== ATTENTION
    Hearthstone (x32)
    Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0)
    Hotspot Shield 3.09 (x32 Version: 3.09)
    ICQ7M (x32 Version: 7.8)
    Image to PDF 2009 (x32 Version: 1.3.2)
    ImgBurn (x32 Version: 2.5.8.0)
    Intel Android Device USB driver (Version: 1.1.5)
    Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004) <==== ATTENTION
    IPTInstaller (x32 Version: 4.0.8)
    Java 7 Update 25 (x32 Version: 7.0.250)
    Java 7 Update 7 (64-bit) (Version: 7.0.70)
    Java Auto Updater (x32 Version: 2.1.9.5)
    Java SE Development Kit 7 Update 7 (64-bit) (Version: 1.7.0.70)
    Java-Editor 11.19, 2012.10.28 (x32)
    JDownloader 0.9 (x32 Version: 0.9)
    JMB36X Raid Configurer (x32 Version: 1.00.0000)
    K-Lite Mega Codec Pack 9.3.0 (x32 Version: 9.3.0)
    Lagarith lossless video codec (Remove Only)
    League of Legends (x32 Version: 1.02.0000)
    Live Update 5 (x32 Version: 5.0.109)
    Live Update 5 (x32 Version: 5.0.111)
    Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
    MechWarrior Online (x32 Version: 1.4.1.0)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
    Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Mathematics (64-Bit) (Version: 4.0)
    Microsoft Office 2010 Service Pack 1 (SP1) (x32)
    Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
    Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Silverlight (Version: 5.1.20913.0)
    Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
    Microsoft Virtual PC 2007 (Version: 6.0.156.0)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
    MiniTool Partition Wizard Home Edition 7.6 (x32)
    Movie Maker (x32 Version: 16.4.3505.0912)
    Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0)
    Mozilla Maintenance Service (x32 Version: 26.0)
    Mp3tag v2.56 (x32 Version: v2.56)
    MSIHQ USB Bootable Tool and BIOS Helper 1.19R9 2011 (x32)
    MSVCRT (x32 Version: 15.4.2862.0708)
    MSVCRT110 (x32 Version: 16.4.1108.0727)
    MSVCRT110_amd64 (Version: 16.4.1109.0912)
    Mumble 1.2.3 (x32 Version: 1.2.3)
    MurGee Auto Mouse Click 1.0 (x32 Version: 1.0)
    NAVIGON Fresh 3.4.1 (x32 Version: 3.4.1)
    NetLimiter 3 (Version: 3.0.0.11)
    No23 Recorder (x32 Version: 2.1.0.3)
    Notepad++ (x32 Version: 6.2)
    NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)
    NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
    NVIDIA GeForce Experience 1.8 (Version: 1.8)
    NVIDIA Grafiktreiber 327.23 (Version: 327.23)
    NVIDIA Install Application (Version: 2.1002.142.992)
    NVIDIA LED Visualizer 1.0 (Version: 1.0)
    NVIDIA Network Service (Version: 1.0)
    NVIDIA PhysX (x32 Version: 9.13.0725)
    NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
    NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5)
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
    NVIDIA Systemsteuerung 327.23 (Version: 327.23)
    NVIDIA Update 10.10.5 (Version: 10.10.5)
    NVIDIA Update Core (Version: 10.10.5)
    NVIDIA Virtual Audio 1.2.12 (Version: 1.2.12)
    ooVoo (x32 Version: 3.5.8022)
    Open Broadcaster Software (x32)
    Oracle VM VirtualBox 4.2.12 (Version: 4.2.12)
    Origin (x32 Version: 9.3.7.2735)
    Paint.NET v3.5.10 (Version: 3.60.0)
    Pando Media Booster (x32 Version: 2.6.0.8)
    PCWin Speaker Record for Windows 7 & Vista (HKCU Version: 1.0.0.8)
    PerformanceTest v8.0 (Version: 8.0.1008.0)
    Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
    Photo Gallery (x32 Version: 16.4.3505.0912)
    PokerStars.eu (x32)
    Preispilot für Firefox (x32 Version: 2.0)
    PunkBuster Services (x32 Version: 0.993)
    Radeon RAMDisk (x32 Version: 4.0.1.4)
    Radio.fx (x32)
    Ragnarok Online 2 (x32 Version: 1.0.0)
    Ragnarok Online 2 (x32)
    RaidCall (x32 Version: 7.1.6-1.0.4610.40)
    RAM Clean Tool 1.0.1 (x32)
    Razer Synapse 2.0 (x32 Version: 1.6.1)
    Realtek Ethernet Controller Driver (x32 Version: 7.72.410.2013)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.7004)
    SHIELD Streaming (Version: 1.6.75)
    Skype Click to Call (x32 Version: 6.13.13771)
    Skype™ 6.11 (x32 Version: 6.11.102)
    Smite (x32 Version: 0.1.1148.2)
    SplitMediaLabs VH Screen Capture Driver (x86) (x32 Version: 3.1.0.7)
    Spotify (HKCU Version: 0.8.5.1356.gd1d40f3a)
    Spybot - Search & Destroy (x32 Version: 2.2.25)
    SSD Tweaker version 3.0.5 (x32 Version: 3.0.5)
    StarCraft II (x32)
    StartNow Toolbar (x32 Version: 2.5.0)
    Steam (x32 Version: 1.0.0.0)
    SweetIM for Messenger 3.7 (x32 Version: 3.7.0005) <==== ATTENTION
    Team Fortress 2 (x32)
    TeamSpeak 3 Client (Version: 3.0.13.1)
    TeamViewer 7 (x32 Version: 7.0.17271)
    TERA (x32 Version: 1.41)
    TortoiseSVN 1.7.10.23359 (64 bit) (Version: 1.7.23359)
    Total Recorder 8.4 Standard Edition (x32)
    TP-LINK TL-WN8200ND Treiber (x32 Version: 1.3.1)
    TP-LINK-Konfigurationstool (x32 Version: 1.3.1)
    Tunngle beta (x32)
    Tweaking.com - Windows Repair (All in One) (x32 Version: 2.1.0)
    TZAC ANTICHEAT 2 (x32 Version: 2)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
    Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2553065) (x32)
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2566458) (x32)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32)
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
    Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
    Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
    Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32)
    Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008) <==== ATTENTION
    Updater (x32 Version: 2.6.49)
    Uplay (x32 Version: 2.0)
    UScreenCapture (x64) - 2.0.15 (Version: 2.0.15)
    Usenet.nl (x32)
    Ventrilo Client for Windows x64 (Version: 3.0.8.0)
    Virtual Audio Cable 4.9
    Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
    Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
    VLC media player 2.0.5 (x32 Version: 2.0.5)
    Warframe (x32)
    WEBZEN Browser Extension (x32 Version: 1.01.020)
    Winamp (x32 Version: 5.63 )
    Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
    Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
    Windows Live Essentials (x32 Version: 16.4.3505.0912)
    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
    Windows Live Installer (x32 Version: 16.4.3505.0912)
    Windows Live Messenger (x32 Version: 16.4.3505.0912)
    Windows Live Photo Common (x32 Version: 16.4.3505.0912)
    Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
    Windows Live SOXE (x32 Version: 16.4.3505.0912)
    Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
    Windows Live UX Platform (x32 Version: 16.4.3505.0912)
    Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
    Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
    WinRAR 4.20 (64-bit) (Version: 4.20.0)
    World of Warcraft (x32)
    Xfire (x32)
    Yahoo! Messenger (x32)
    Yahoo! Software Update (x32)
    Yahoo! Toolbar (x32)

    ==================== Restore Points =========================

    23-12-2013 11:40:46 Geplanter Prüfpunkt

    ==================== Hosts content: ==========================

    2012-12-11 15:58 - 2012-12-11 15:58 - 00001043 ____A C:\Windows\system32\Drivers\etc\hosts
    188.165.234.190 auth3.buddyauth.com
    188.165.234.190 auth2.buddyauth.com
    188.165.234.190 http://buddyauth.com
    127.0.0.1 auth3.buddyauth.com
    127.0.0.1 auth2.buddyauth.com
    127.0.0.1 Home Page - Buddy Auth Portal

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {078BE2F2-A0E9-432F-8DED-CD93E35EEC9C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000Core => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-29] (Google Inc.)
    Task: {32045CBF-362B-4283-8BE7-A180D5F1B511} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
    Task: {35F89AEB-F576-4076-96E7-79498C7FC045} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
    Task: {92BF6A21-2156-4BAC-BA1C-B62EB5AE3CFE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    Task: {B0C020EC-EB0D-4B8A-BDC5-BEA6275BC17B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
    Task: {C93B1309-BD5A-479F-8971-3E5BBABC5227} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
    Task: {CCFADB47-8292-4845-8480-C280121DA43A} - System32\Tasks\{0AA89072-A806-49BB-AD3E-C0FC666FAADF} => Firefox.exe http://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsMain
    Task: {DD1351FF-3F4D-4BBD-9F17-3FC9A8079300} - System32\Tasks\{A7625557-8D78-4E60-A05D-0D594D3BB89D} => C:\Windows\System32\msiexec.exe [2010-11-21] (Microsoft Corporation)
    Task: {DD5DB711-8243-45B8-BBC9-A357EAB4C9C0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: {E74829C0-3E76-4A3E-9F5E-028072DEACF8} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager
    Task: {ED61A39E-E78B-4979-807D-0D1A566280E0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: {F43F7976-39E3-4241-88A0-FD2F99F484A0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000UA => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-29] (Google Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000Core.job => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000UA.job => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2012-10-08 20:10 - 2012-10-08 20:10 - 00088968 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
    2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
    2013-10-20 14:53 - 2013-10-20 14:53 - 00014848 ____N () C:\Users\Dominik\AppData\Local\Apps\2.0\XV8ZGWPT.T9K\81BWK8R0.A1P\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll
    2013-10-20 14:53 - 2013-10-20 14:53 - 00035840 ____N () C:\Users\Dominik\AppData\Local\Apps\2.0\XV8ZGWPT.T9K\81BWK8R0.A1P\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll
    2013-10-20 14:53 - 2013-10-20 14:53 - 00099840 ____N () C:\Users\Dominik\AppData\Local\Apps\2.0\XV8ZGWPT.T9K\81BWK8R0.A1P\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll
    2012-10-17 15:04 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
    2013-06-21 01:46 - 2013-06-21 01:46 - 00749352 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
    2013-12-15 22:22 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2013-12-15 22:22 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2013-12-15 22:22 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2013-12-15 22:22 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2013-12-15 22:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2012-10-08 18:42 - 2012-10-08 18:42 - 00070536 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2013-10-13 15:01 - 2013-11-21 08:14 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll
    2013-11-04 18:53 - 2012-12-18 16:31 - 01401856 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\nicLan.dll
    2013-11-04 18:53 - 2012-12-18 16:30 - 00194560 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\DC_WFF.dll
    2013-12-21 15:21 - 2013-12-21 15:21 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2013-12-10 23:34 - 2013-12-10 23:34 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

    ==================== Alternate Data Streams (whitelisted) =========


    ==================== Safe Mode (whitelisted) ===================


    ==================== Faulty Device Manager Devices =============

    Name: Microsoft Loopbackadapter
    Description: Microsoft Loopbackadapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: msloop
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action ", and then click "Enable Device ". This starts the Enable Device wizard. Follow the instructions.

    Name: Microsoft Loopbackadapter #2
    Description: Microsoft Loopbackadapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: msloop
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action ", and then click "Enable Device ". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/23/2013 00:13:37 PM) (Source: BstHdAndroidSvc) (User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/22/2013 00:45:38 PM) (Source: BstHdAndroidSvc) (User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/22/2013 01:20:35 AM) (Source: Application Hang) (User: )
    Description: Programm WoW-64.exe, Version 5.4.2.17688 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

    Prozess-ID: 1a60

    Startzeit: 01cefeab61974aeb

    Endzeit: 101

    Anwendungspfad: E:\livegame\WoW\World of Warcraft\WoW-64.exe

    Berichts-ID: de7d54cc-6a9e-11e3-aebb-001d92ab03c4

    Error: (12/21/2013 10:31:15 PM) (Source: BstHdAndroidSvc) (User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/21/2013 02:28:04 PM) (Source: BstHdAndroidSvc) (User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/19/2013 06:09:15 PM) (Source: BstHdAndroidSvc) (User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/19/2013 07:43:59 AM) (Source: BstHdAndroidSvc) (User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/18/2013 11:25:08 PM) (Source: Application Error) (User: )
    Description: Name der fehlerhaften Anwendung: RogueKillerX64(1).exe, Version: 8.7.13.0, Zeitstempel: 0x52b1b2e3
    Name des fehlerhaften Moduls: RogueKillerX64(1).exe, Version: 8.7.13.0, Zeitstempel: 0x52b1b2e3
    Ausnahmecode: 0x40000015
    Fehleroffset: 0x0000000000193911
    ID des fehlerhaften Prozesses: 0x5ac
    Startzeit der fehlerhaften Anwendung: 0xRogueKillerX64(1).exe0
    Pfad der fehlerhaften Anwendung: RogueKillerX64(1).exe1
    Pfad des fehlerhaften Moduls: RogueKillerX64(1).exe2
    Berichtskennung: RogueKillerX64(1).exe3

    Error: (12/18/2013 10:14:38 PM) (Source: Application Error) (User: )
    Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
    Name des fehlerhaften Moduls: NaturalLanguage6.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c88d
    Ausnahmecode: 0xc0000005
    Fehleroffset: 0x000000000000b1c5
    ID des fehlerhaften Prozesses: 0x12b8
    Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
    Pfad der fehlerhaften Anwendung: Explorer.EXE1
    Pfad des fehlerhaften Moduls: Explorer.EXE2
    Berichtskennung: Explorer.EXE3

    Error: (12/18/2013 06:22:07 PM) (Source: BstHdAndroidSvc) (User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


    System errors:
    =============
    Error: (12/23/2013 00:13:37 PM) (Source: Service Control Manager) (User: )
    Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
    %%1064

    Error: (12/23/2013 00:13:34 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
    Description: Fehler beim Lesen der Datei für lokale Hosts.

    Error: (12/23/2013 00:13:32 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
    Description: Fehler beim Lesen der Datei für lokale Hosts.

    Error: (12/22/2013 06:31:41 PM) (Source: volsnap) (User: )
    Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

    Error: (12/22/2013 00:45:38 PM) (Source: Service Control Manager) (User: )
    Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
    %%1064

    Error: (12/22/2013 00:45:35 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
    Description: Fehler beim Lesen der Datei für lokale Hosts.

    Error: (12/22/2013 00:45:33 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
    Description: Fehler beim Lesen der Datei für lokale Hosts.

    Error: (12/22/2013 02:14:04 AM) (Source: volsnap) (User: )
    Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

    Error: (12/21/2013 10:31:38 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
    Description: Fehler beim Lesen der Datei für lokale Hosts.

    Error: (12/21/2013 10:31:15 PM) (Source: Service Control Manager) (User: )
    Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
    %%1064


    Microsoft Office Sessions:
    =========================
    Error: (12/23/2013 00:13:37 PM) (Source: BstHdAndroidSvc)(User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/22/2013 00:45:38 PM) (Source: BstHdAndroidSvc)(User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/22/2013 01:20:35 AM) (Source: Application Hang)(User: )
    Description: WoW-64.exe5.4.2.176881a6001cefeab61974aeb101E:\livegame\WoW\World of Warcraft\WoW-64.exede7d54cc-6a9e-11e3-aebb-001d92ab03c4

    Error: (12/21/2013 10:31:15 PM) (Source: BstHdAndroidSvc)(User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/21/2013 02:28:04 PM) (Source: BstHdAndroidSvc)(User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/19/2013 06:09:15 PM) (Source: BstHdAndroidSvc)(User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/19/2013 07:43:59 AM) (Source: BstHdAndroidSvc)(User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (12/18/2013 11:25:08 PM) (Source: Application Error)(User: )
    Description: RogueKillerX64(1).exe8.7.13.052b1b2e3RogueKillerX64(1).exe8.7.13.052b1b2e34000001500000000001939115ac01cefc3fa3f91650C:\Users\Dominik\Downloads\RogueKillerX64(1).exeC:\Users\Dominik\Downloads\RogueKillerX64(1).exe4009351a-6833-11e3-a731-b4c7d3205416

    Error: (12/18/2013 10:14:38 PM) (Source: Application Error)(User: )
    Description: Explorer.EXE6.1.7601.175674d672ee4NaturalLanguage6.dll6.1.7601.175144ce7c88dc0000005000000000000b1c512b801cefc15d497ee04C:\Windows\Explorer.EXEC:\Windows\System32\NaturalLanguage6.dll665986a2-6829-11e3-a731-b4c7d3205416

    Error: (12/18/2013 06:22:07 PM) (Source: BstHdAndroidSvc)(User: )
    Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


    CodeIntegrity Errors:
    ===================================
    Date: 2013-04-05 19:19:01.950
    Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

    Date: 2013-04-05 19:19:01.927
    Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

    Date: 2013-04-05 19:17:02.617
    Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

    Date: 2013-04-05 19:17:02.595
    Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


    ==================== Memory info ===========================

    Percentage of memory in use: 37%
    Total physical RAM: 8191.14 MB
    Available physical RAM: 5121.67 MB
    Total Pagefile: 11189.32 MB
    Available Pagefile: 7989.49 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.81 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:107.13 GB) (Free:2.49 GB) NTFS
    Drive d: (2TB) (Fixed) (Total:1863.01 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive e: () (Fixed) (Total:832.91 GB) (Free:45.43 GB) NTFS
    Drive f: (Pass Studio 5) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
    Drive g: (Volume) (Fixed) (Total:1863.01 GB) (Free:68.3 GB) NTFS
    Drive h: () (Fixed) (Total:98.5 GB) (Free:11.5 GB) NTFS
    Drive i: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0D0F6D03)
    Partition 1: (Active) - (Size=-198626966528) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 107 GB) (Disk ID: 1578D070)
    Partition 1: (Not Active) - (Size=107 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: A520A516)
    Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

    ========================================================
    Disk: 3 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 39BBD6CF)
    Partition 1: (Not Active) - (Size=99 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=833 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  13. 2013/12/23
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST/FRST64 and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
     

    Attached Files:

  14. 2013/12/24
    ACDCAngus1

    ACDCAngus1 Inactive Thread Starter

    Joined:
    2013/12/15
    Messages:
    37
    Likes Received:
    0
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-12-2013 01
    Ran by Dominik at 2013-12-25 03:05:09 Run:1
    Running from C:\Users\Dominik\Downloads
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    MountPoints2: J - J:\HTC_Sync_Manager_PC.exe
    MountPoints2: {909ba1a2-513e-11e3-94a2-87ae777be3d2} - K:\HTC_Sync_Manager_PC.exe
    MountPoints2: {9d4bac23-005d-11e3-82e3-a7b61ed8e140} - J:\HTC_Sync_Manager_PC.exe
    MountPoints2: {d72a68e5-083c-11e3-993b-8238cb844907} - K:\HTC_Sync_Manager_PC.exe
    HKLM-x32\...\Run: [] - [x]
    AppInit_DLLs-x32: c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll [ ] ()
    c:\progra~3\browse~1
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.sweetim.com/?crg=3.1010000.10025&barid={1C4BC75B-18DD-11E2-B2D6-001D92AB03C4}
    SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={1C4BC75B-18DD-11E2-B2D6-001D92AB03C4}
    SearchScopes: HKCU - {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code= &partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolba r_version=2.4.0&install_country=DE&install_date=20121018&user_guid=4142821A 63574368BBFEAEF946EF6615&machine_id=6958aa2c483e9694e6d5a820ec4f81f0&browse r=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
    SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={1C4BC75B-18DD-11E2-B2D6-001D92AB03C4}
    BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll No File
    BHO-x32: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
    C:\Program Files (x86)\BabylonToolbar
    C:\Program Files (x86)\StartNow Toolbar
    Toolbar: HKLM-x32 - StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
    Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll No File
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
    CHR Plugin: (PriceGong) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.7_0\plugins/npPriceGong_CH.dll No File
    CHR Plugin: (Babylon ToolBar) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_1\BabylonChrom eToolBar.dll No File
    CHR Plugin: (SweetIM GC Helper) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelper GCFB.dll No File
    CHR Plugin: (SweetIM GC Helper) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\mgHelper GC.dll No File
    CHR Plugin: (Application Manager) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
    CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    S4 Browser Manager; C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [x]
    C:\ProgramData\Browser Manager
    C:\Users\Dominik\AppData\Roaming\desktop.ini
    C:\Users\Dominik\AppData\Local\Temp\avgnt.exe
    testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!
    Hdd Speed Test Tool v. 1.0.14 (RC 1) (x32) <==== ATTENTION
    Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004) <==== ATTENTION
    SweetIM for Messenger 3.7 (x32 Version: 3.7.0005) <==== ATTENTION
    Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008) <==== ATTENTION
    Task: {35F89AEB-F576-4076-96E7-79498C7FC045} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
    Task: {E74829C0-3E76-4A3E-9F5E-028072DEACF8} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager

    *****************

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J => Key deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{909ba1a2-513e-11e3-94a2-87ae777be3d2} => Key deleted successfully.
    HKCR\CLSID\{909ba1a2-513e-11e3-94a2-87ae777be3d2} => Key not found.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d4bac23-005d-11e3-82e3-a7b61ed8e140} => Key deleted successfully.
    HKCR\CLSID\{9d4bac23-005d-11e3-82e3-a7b61ed8e140} => Key not found.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d72a68e5-083c-11e3-993b-8238cb844907} => Key deleted successfully.
    HKCR\CLSID\{d72a68e5-083c-11e3-993b-8238cb844907} => Key not found.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
    HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
    "c:\progra~3\browse~1" => File/Directory not found.
    HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Restore => Value deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57} => Key deleted successfully.
    HKCR\CLSID\{0388404D-6072-4CEB-B521-8F090FEAEE57} => Key not found.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
    HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F} => Key deleted successfully.
    "C:\Program Files (x86)\BabylonToolbar" => File/Directory not found.

    "C:\Program Files (x86)\StartNow Toolbar" directory move:

    C:\Program Files (x86)\StartNow Toolbar\genfix.exe => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Reactivate.exe => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\ReactivateFF.exe => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\ToolbarBroker.exe => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\uninstall.dat => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\XBrowser.dll => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\installer.xml => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\toolbar.xml => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\update.xml => Moved successfully.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png" => Scheduled to move on reboot.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png => Moved successfully.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\separator.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\splitter.png" => Scheduled to move on reboot.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png => Moved successfully.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_images.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_maps.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_news.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_videos.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_web.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_games.png" => Scheduled to move on reboot.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_msn.png => Moved successfully.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_travel.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png" => Scheduled to move on reboot.
    Could not move "C:\Program Files (x86)\StartNow Toolbar" directory. => Scheduled to move on reboot.

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F} => Value deleted successfully.
    HKCR\Wow6432Node\CLSID\{5911488E-9D1E-40ec-8CBB-06B231CC153F} => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} => Value deleted successfully.
    HKCR\Wow6432Node\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} => Key deleted successfully.
    HKCR\Wow6432Node\PROTOCOLS\Handler\livecall => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key deleted successfully.
    HKCR\Wow6432Node\PROTOCOLS\Handler\msnim => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key not found.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.7_0\plugins/npPriceGong_CH.dll not found.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_1\BabylonChromeToolBar.dll not found.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll not found.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\mgHelperGC.dll not found.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll not found.
    C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll not found.
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn => Key deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx => Moved successfully.
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj => Key deleted successfully.
    C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx => Moved successfully.
    HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
    Browser Manager => Service deleted successfully.
    "C:\ProgramData\Browser Manager" => File/Directory not found.
    C:\Users\Dominik\AppData\Roaming\desktop.ini => Moved successfully.
    C:\Users\Dominik\AppData\Local\Temp\avgnt.exe => Moved successfully.

    Der Vorgang wurde erfolgreich beendet.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35F89AEB-F576-4076-96E7-79498C7FC045} => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35F89AEB-F576-4076-96E7-79498C7FC045} => Key deleted successfully.
    C:\Windows\System32\Tasks\Desk 365 RunAsStdUser => Moved successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E74829C0-3E76-4A3E-9F5E-028072DEACF8} => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E74829C0-3E76-4A3E-9F5E-028072DEACF8} => Key deleted successfully.
    C:\Windows\System32\Tasks\Browser Manager => Moved successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Manager => Key deleted successfully.

    => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-12-25 03:08:05)<=

    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png => Is moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\separator.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\splitter.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_images.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_maps.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_news.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_videos.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\engine_web.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_games.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_travel.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png => Moved successfully.
    C:\Program Files (x86)\StartNow Toolbar => Moved successfully.

    ==== End of Fixlog ====
     
  15. 2013/12/24
    broni Moderator Malware Analyst
    Very good.

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Download OTL to your Desktop.
    Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
    • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  16. 2013/12/28
    ACDCAngus1 Inactive Thread Starter

    # AdwCleaner v3.016 - Bericht erstellt am 29/12/2013 um 01:57:28
    # Aktualisiert 23/12/2013 von Xplode
    # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Benutzername : Dominik - DOMINIK-PC
    # Gestartet von : C:\Users\Dominik\Downloads\adwcleaner.exe
    # Option : Löschen

    ***** [ Dienste ] *****

    Dienst Gelöscht : hshld
    [#] Dienst Gelöscht : hsstrayservice
    Dienst Gelöscht : hsswd

    ***** [ Dateien / Ordner ] *****

    Ordner Gelöscht : C:\ProgramData\~Browser Manager
    Ordner Gelöscht : C:\ProgramData\Babylon
    Ordner Gelöscht : C:\ProgramData\boost_interprocess
    Ordner Gelöscht : C:\ProgramData\hotspot shield
    Ordner Gelöscht : C:\ProgramData\simplitec
    Ordner Gelöscht : C:\ProgramData\SweetIM
    Ordner Gelöscht : C:\ProgramData\TubeDimmer
    Ordner Gelöscht : C:\ProgramData\WPM
    Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
    Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
    Ordner Gelöscht : C:\Program Files (x86)\~BabylonToolbar
    Ordner Gelöscht : C:\Program Files (x86)\hotspot shield
    Ordner Gelöscht : C:\Program Files (x86)\simplitec
    Ordner Gelöscht : C:\Program Files (x86)\SweetIM
    Ordner Gelöscht : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
    Ordner Gelöscht : C:\Windows\SysWOW64\hotspot shield
    Ordner Gelöscht : C:\Users\Dominik\AppData\Local\Conduit
    Ordner Gelöscht : C:\Users\Dominik\AppData\Local\Temp\Desk365
    Ordner Gelöscht : C:\Users\Dominik\AppData\Local\Temp\OCS
    Ordner Gelöscht : C:\Users\Dominik\AppData\LocalLow\AskToolbar
    Ordner Gelöscht : C:\Users\Dominik\AppData\LocalLow\BabylonToolbar
    Ordner Gelöscht : C:\Users\Dominik\AppData\LocalLow\boost_interprocess
    Ordner Gelöscht : C:\Users\Dominik\AppData\LocalLow\Conduit
    Ordner Gelöscht : C:\Users\Dominik\AppData\LocalLow\ConduitEngine
    Ordner Gelöscht : C:\Users\Dominik\AppData\LocalLow\facemoods.com
    Ordner Gelöscht : C:\Users\Dominik\AppData\LocalLow\SweetIM
    Ordner Gelöscht : C:\Users\Dominik\AppData\LocalLow\Vuze_Remote
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Complitly
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\DesktopIconForAmazon
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\simplitec
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\StartNow Toolbar
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\Conduit
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\ICQToolbarData
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\CT2504091
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\sr9qlfiw.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\v3l0084k.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\xkx2bl7n.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\v3l0084k.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\xkx2bl7n.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\Extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\Extensions\DTToolbar@toolbarnet.com
    Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\xkx2bl7n.default\Extensions\ffxtlbr@Facemoods.com
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\Extensions\firejump@firejump.net
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\Extensions\support@predictad.com
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\v3l0084k.default\Extensions\support@predictad.com
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\xkx2bl7n.default\Extensions\support@predictad.com
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\v3l0084k.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\xkx2bl7n.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
    Ordner Gelöscht : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
    Datei Gelöscht : C:\Users\Public\Desktop\simplicheck.lnk
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\bprotector_extensions.sqlite
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\searchplugins\11-suche.xml
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\searchplugins\daemon-search.xml
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\searchplugins\icqplugin.gif
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\searchplugins\icqplugin.src
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\searchplugins\icqplugin.xml
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\v3l0084k.default\searchplugins\icqplugin.xml
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\xkx2bl7n.default\searchplugins\icqplugin.xml
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\searchplugins\icqplugin-1.xml
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\searchplugins\icqplugin-2.xml
    Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\nationzoom.xml
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\searchplugins\SweetIm.xml
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\searchplugins\yahoo-zugo.xml
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\user.js
    Datei Gelöscht : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\user.js
    Datei Gelöscht : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

    ***** [ Verknüpfungen ] *****

    Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
    Verknüpfung Desinfiziert : C:\Users\Dominik\Desktop\Google Chrome.lnk
    Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
    Verknüpfung Desinfiziert : C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    Verknüpfung Desinfiziert : C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
    Verknüpfung Desinfiziert : C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    Verknüpfung Desinfiziert : C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
    Verknüpfung Desinfiziert : C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

    ***** [ Registrierungsdatenbank ] *****

    Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
    Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [firejump@firejump.net]
    Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\incfcgceegpikennjoplhfghaaikdgei
    Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\HssIE.HssIEApp
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.BandObject
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
    Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
    Schlüssel Gelöscht : HKCU\Software\d6ddd8b73abf12
    Schlüssel Gelöscht : HKLM\SOFTWARE\d6ddd8b73abf12
    Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
    Schlüssel Gelöscht : HKCU\Software\anchorfree
    Schlüssel Gelöscht : HKCU\Software\Conduit
    Schlüssel Gelöscht : HKCU\Software\OCS
    Schlüssel Gelöscht : HKCU\Software\Zugo
    Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
    Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
    Schlüssel Gelöscht : HKLM\Software\Babylon
    Schlüssel Gelöscht : HKLM\Software\Conduit
    Schlüssel Gelöscht : HKLM\Software\DataMngr
    Schlüssel Gelöscht : HKLM\Software\Desksvc
    Schlüssel Gelöscht : HKLM\Software\Freeze.com
    Schlüssel Gelöscht : HKLM\Software\hdcode
    Schlüssel Gelöscht : HKLM\Software\hotspotshield
    Schlüssel Gelöscht : HKLM\Software\simplitec
    Schlüssel Gelöscht : HKLM\Software\StartNow Toolbar
    Schlüssel Gelöscht : HKLM\Software\supWPM
    Schlüssel Gelöscht : HKLM\Software\V9
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
    Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
    Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
    Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
    Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
    Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
    Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
    Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B

    ***** [ Browser ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
    Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

    -\\ Mozilla Firefox v26.0 (en-US)

    [ Datei : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ac615xvc.default\prefs.js ]

    Zeile gelöscht : user_pref( "CT2504091.AboutPrivacyUrl ", "hxxp://www.conduit.com/privacy/Default.aspx ");
    Zeile gelöscht : user_pref( "CT2504091.CTID ", "CT2504091 ");
    Zeile gelöscht : user_pref( "CT2504091.CurrentServerDate ", "5-12-2010 ");
    Zeile gelöscht : user_pref( "CT2504091.DialogsAlignMode ", "LTR ");
    Zeile gelöscht : user_pref( "CT2504091.EMailNotifierPollDate ", "Sun Dec 05 2010 19:24:18 GMT+0100 ");
    Zeile gelöscht : user_pref( "CT2504091.FeedLastCount129079840422964131 ", 0);
    Zeile gelöscht : user_pref( "CT2504091.FeedPollDate128891351169457132 ", "Sun Dec 05 2010 19:24:16 GMT+0100 ");
    Zeile gelöscht : user_pref( "CT2504091.FeedPollDate129079840422964131 ", "Sun Dec 05 2010 19:24:16 GMT+0100 ");
    Zeile gelöscht : user_pref( "CT2504091.FeedTTL128891351169457132 ", 40);
    Zeile gelöscht : user_pref( "CT2504091.FirstServerDate ", "5-12-2010 ");
    Zeile gelöscht : user_pref( "CT2504091.FirstTime ", true);
    Zeile gelöscht : user_pref( "CT2504091.FirstTimeFF3 ", true);
    Zeile gelöscht : user_pref( "CT2504091.FixPageNotFoundErrors ", true);
    Zeile gelöscht : user_pref( "CT2504091.GroupingServerCheckInterval ", 1440);
    Zeile gelöscht : user_pref( "CT2504091.GroupingServiceUrl ", "hxxp://grouping.services.conduit.com/ ");
    Zeile gelöscht : user_pref( "CT2504091.Initialize ", true);
    Zeile gelöscht : user_pref( "CT2504091.InitializeCommonPrefs ", true);
    Zeile gelöscht : user_pref( "CT2504091.InstalledDate ", "Sun Dec 05 2010 19:24:16 GMT+0100 ");
    Zeile gelöscht : user_pref( "CT2504091.IsGrouping ", false);
    Zeile gelöscht : user_pref( "CT2504091.IsMulticommunity ", false);
    Zeile gelöscht : user_pref( "CT2504091.IsOpenThankYouPage ", false);
    Zeile gelöscht : user_pref( "CT2504091.IsOpenUninstallPage ", false);
    Zeile gelöscht : user_pref( "CT2504091.LanguagePackLastCheckTime ", "Sun Dec 05 2010 19:24:18 GMT+0100 ");
    Zeile gelöscht : user_pref( "CT2504091.LanguagePackReloadIntervalMM ", 1440);
    Zeile gelöscht : user_pref( "CT2504091.LanguagePackServiceUrl ", "hxxp://translation.users.conduit.com/Translation.ashx ");
    Zeile gelöscht : user_pref( "CT2504091.LastLogin_2.5.8.6 ", "Sun Dec 05 2010 19:24:16 GMT+0100 ");
    Zeile gelöscht : user_pref( "CT2504091.LatestVersion ", "2.6.0.14 ");
    Zeile gelöscht : user_pref( "CT2504091.Locale ", "en-us ");
    Zeile gelöscht : user_pref( "CT2504091.LoginCache ", 4);
    Zeile gelöscht : user_pref( "CT2504091.MCDetectTooltipHeight ", "83 ");
    Zeile gelöscht : user_pref( "CT2504091.MCDetectTooltipUrl ", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1 ");
    Zeile gelöscht : user_pref( "CT2504091.MCDetectTooltipWidth ", "295 ");
    Zeile gelöscht : user_pref( "CT2504091.SHRINK_TOOLBAR ", 1);
    Zeile gelöscht : user_pref( "CT2504091.SearchEngine ", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2504091&octid=EB_ORIGINAL_CTID&SearchSource=1 ");
    Zeile gelöscht : user_pref( "CT2504091.SearchFromAddressBarIsInit ", true);
    Zeile gelöscht : user_pref( "CT2504091.SearchFromAddressBarUrl ", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q= ");
    Zeile gelöscht : user_pref( "CT2504091.SearchInNewTabEnabled ", true);
    Zeile gelöscht : user_pref( "CT2504091.SearchInNewTabIntervalMM ", 1440);
    Zeile gelöscht : user_pref( "CT2504091.SearchInNewTabLastCheckTime ", "Sun Dec 05 2010 19:24:16 GMT+0100 ");
    Zeile gelöscht : user_pref( "CT2504091.SearchInNewTabServiceUrl ", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID ");
    Zeile gelöscht : user_pref( "CT2504091.SearchInNewTabUsageUrl ", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID ");
    Zeile gelöscht : user_pref( "CT2504091.SettingsCheckIntervalMin ", 120);
    Zeile gelöscht : user_pref( "CT2504091.SettingsLastCheckTime ", "Sun Dec 05 2010 19:24:14 GMT+0100 ");
    Zeile gelöscht : user_pref( "CT2504091.SettingsLastUpdate ", "1289439748 ");
    Zeile gelöscht : user_pref( "CT2504091.ThirdPartyComponentsInterval ", 504);
    Zeile gelöscht : user_pref( "CT2504091.ThirdPartyComponentsLastCheck ", "Sun Dec 05 2010 19:24:14 GMT+0100 ");
    Zeile gelöscht : user_pref( "CT2504091.ThirdPartyComponentsLastUpdate ", "1246790578 ");
    Zeile gelöscht : user_pref( "CT2504091.TrusteLinkUrl ", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112 ");
    Zeile gelöscht : user_pref( "CT2504091.UserID ", "UN44884401321925889 ");
    Zeile gelöscht : user_pref( "CT2504091.alertChannelId ", "897164 ");
    Zeile gelöscht : user_pref( "CT2504091.clientLogIsEnabled ", false);
    Zeile gelöscht : user_pref( "CT2504091.clientLogServiceUrl ", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent ");
    Zeile gelöscht : user_pref( "CT2504091.myStuffEnabled ", true);
    Zeile gelöscht : user_pref( "CT2504091.myStuffPublihserMinWidth ", 400);
    Zeile gelöscht : user_pref( "CT2504091.myStuffSearchUrl ", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID ");
    Zeile gelöscht : user_pref( "CT2504091.myStuffServiceIntervalMM ", 1440);
    Zeile gelöscht : user_pref( "CT2504091.myStuffServiceUrl ", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT ");
    Zeile gelöscht : user_pref( "CT2504091.uninstallLogServiceUrl ", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation ");
    Zeile gelöscht : user_pref( "CommunityToolbar.SearchFromAddressBarSavedUrl ", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.2&q= ");
    Zeile gelöscht : user_pref( "CommunityToolbar.ToolbarsList ", "CT2504091 ");
    Zeile gelöscht : user_pref( "CommunityToolbar.ToolbarsList2 ", "CT2504091 ");
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.alertInfoInterval ", 60);
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.alertInfoLastCheckTime ", "Sun Dec 05 2010 19:24:16 GMT+0100 ");
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.clientsServerUrl ", "hxxp://alert.client.conduit.com ");
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.locale ", "en ");
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.loginIntervalMin ", 1440);
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.loginLastCheckTime ", "Sun Dec 05 2010 19:24:14 GMT+0100 ");
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.loginLastUpdateTime ", "1291052234 ");
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.messageShowTimeSec ", 20);
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.servicesServerUrl ", "hxxp://alert.services.conduit.com ");
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.showTrayIcon ", false);
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.userCloseIntervalMin ", 300);
    Zeile gelöscht : user_pref( "CommunityToolbar.alert.userId ", "{a9016e54-cc0a-4581-8aa2-6fea166a10d6} ");
    Zeile gelöscht : user_pref( "icqtoolbar.allowSendURL ", false);
    Zeile gelöscht : user_pref( "icqtoolbar.engineVerified ", false);
    Zeile gelöscht : user_pref( "icqtoolbar.geolastmodified ", 1291573454);
    Zeile gelöscht : user_pref( "icqtoolbar.hiddenElements ", "itb_options ");
    Zeile gelöscht : user_pref( "icqtoolbar.history ", "lineage2||Michelle%20Hasell||Michelle%20Hasell%20%20%20from%20UK||%20%20%20Michelle%20Hasell%20%20%20from%20UK||Michelle%20Hasell%20%20||Michelle%20Hazell||%20%20%20Mi[...]
    Zeile gelöscht : user_pref( "icqtoolbar.icqgeo ", 49);
    Zeile gelöscht : user_pref( "icqtoolbar.installTime ", "1291573563 ");
    Zeile gelöscht : user_pref( "icqtoolbar.installsource ", "1 ");
    Zeile gelöscht : user_pref( "icqtoolbar.newtab_state ", "1 ");
    Zeile gelöscht : user_pref( "icqtoolbar.numberOfSearches ", 0);
    Zeile gelöscht : user_pref( "icqtoolbar.previousFFVersion ", "3.6.12 ");
    Zeile gelöscht : user_pref( "icqtoolbar.skip_default_search ", "no ");
    Zeile gelöscht : user_pref( "icqtoolbar.suggestions ", false);
    Zeile gelöscht : user_pref( "icqtoolbar.uniqueID ", "122523090012252309001225298228905 ");
    Zeile gelöscht : user_pref( "icqtoolbar.usageStatstTimestamp ", 1291573457);
    Zeile gelöscht : user_pref( "icqtoolbar.version ", "2.0.0.6 ");
    Zeile gelöscht : user_pref( "icqtoolbar.xmlEnableSuggestions ", false);
    Zeile gelöscht : user_pref( "icqtoolbar.xmlLanguage ", "de ");
    Zeile gelöscht : user_pref( "keyword.URL ", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.6&q= ");

    [ Datei : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\i6xxo072.default\prefs.js ]


    [ Datei : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\prefs.js ]

    Zeile gelöscht : user_pref( "browser.newtab.url ", "hxxp://www.nationzoom.com/newtab/?type=nt&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW ");
    Zeile gelöscht : user_pref( "browser.search.defaultenginename ", "nationzoom ");
    Zeile gelöscht : user_pref( "browser.search.selectedEngine ", "nationzoom ");
    Zeile gelöscht : user_pref( "browser.startup.homepage ", "hxxp://www.nationzoom.com/?type=hp&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.admin ", false);
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.aflt ", "babsst ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.appId ", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB} ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.dfltLng ", "en ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.excTlbr ", false);
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.id ", "f03136cc00000000000002004c4f4f50 ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.instlDay ", "14643 ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.instlRef ", "sst ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.prdct ", "BabylonToolbar ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.prtnrId ", "babylon ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.tlbrId ", "base ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.tlbrSrchUrl ", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=f03136cc00000000000002004c4f4f50&q= ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.vrsn ", "1.8.3.8 ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar.vrsni ", "1.8.3.8 ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar_i.smplGrp ", "none ");
    Zeile gelöscht : user_pref( "extensions.BabylonToolbar_i.vrsnTs ", "1.8.3.812:36:56 ");
    Zeile gelöscht : user_pref( "extensions.dynconff.cache.www.nationzoom.com.content ", "<package expire=\ "3600\" es=\ "914\" pcdids=\ "_1500_1520_1146_1169_1348_1482_1493_1521_1717\ ">\r\n <content id=\ "us810_commonScript\ "[...]
    Zeile gelöscht : user_pref( "extensions.dynconff.cache.www.nationzoom.com.expires ", "1388277415173 ");

    [ Datei : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\n33ouegl.default\prefs.js ]


    [ Datei : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\sr9qlfiw.default\prefs.js ]


    [ Datei : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\v3l0084k.default\prefs.js ]

    Zeile gelöscht : user_pref( "browser.startup.homepage ", "hxxp://start.icq.com/ ");
    Zeile gelöscht : user_pref( "icqtoolbar.installsource ", "1 ");

    [ Datei : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\xkx2bl7n.default\prefs.js ]

    Zeile gelöscht : user_pref( "browser.startup.homepage ", "hxxp://start.icq.com/ ");
    Zeile gelöscht : user_pref( "icqtoolbar.installsource ", "1 ");

    [ Datei : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\yosy4qum.default\prefs.js ]


    -\\ Google Chrome v31.0.1650.63

    [ Datei : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Gelöscht : homepage
    Gelöscht : search_url
    Gelöscht : keyword
    Gelöscht : urls_to_restore_on_startup

    *************************

    AdwCleaner[R0].txt - [38611 octets] - [28/12/2013 18:57:57]
    AdwCleaner[R1].txt - [38672 octets] - [29/12/2013 00:37:34]
    AdwCleaner[S0].txt - [35695 octets] - [29/12/2013 01:57:28]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [35756 octets] ##########
     
  17. 2013/12/28
    ACDCAngus1

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.8 (11.05.2013:1)
    OS: Windows 7 Home Premium x64
    Ran by Dominik on 29.12.2013 at 2:18:54,37
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37211D63-CCE9-4780-B182-96538CFC6FED}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8B9C4F32-044E-491C-893E-362CB8A679D5}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CF2BF214-9D1E-4803-9AEB-38552615FD40}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2153768106-3862201133-668011741-1000\Software\sweetim



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\software informer"
    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A19D548C-9951-47BE-8A17-952C2F1D2EB8}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A4BB13C7-3CC2-400F-83BF-6DF98A8738D1}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A4FDE651-3B08-4E10-98CA-08374A45055C}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A5A9F36A-9E5E-4ACB-B1BC-88CA6F24AEA8}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A6E944C8-2A3D-4CD4-95F2-C5025B62835B}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A838972B-D41C-4174-B419-390CF8F67AF3}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A86DB35B-D111-4652-B6EE-4F354715CDAC}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A8A44C85-56BD-4B2C-BC59-2E7B4214DDBD}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A8CEE864-49A0-4F44-8590-BD5979B880C1}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{A9E12F99-CB7A-4786-B9E7-03F31EDC2ED9}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{AA30F0C1-E199-4219-BA36-DB322FF7037F}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{ABF5DF7E-945D-411B-902B-EBD551430674}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{AC4DAC09-49AA-4E6F-9B46-6EF693D80C20}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{AC9D94AC-0DA3-4341-9873-921F7117AF83}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{AD5ADE07-5BA1-4D53-9626-85DE6F38AA24}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{AEA401C3-11CD-4141-A2C7-7331EEB1606E}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B0E20D65-DCE1-43CD-8B65-B79C336737B1}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B146B962-0270-4D76-9794-35EA45C1DC87}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B18BE134-D943-415F-9094-1C12505BF1B3}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B2BF05C9-F3B4-4253-B754-ED7D3308BB37}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B35155E2-260B-40AB-8B00-9E01BC2C1ECB}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B38ED5A8-D190-44C1-8021-39697763E883}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B3BCAE86-98F9-422A-9CEC-08A6A9B569DF}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B477F673-86E1-4F6C-B994-9321C554E827}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B4FB8153-0C79-46C7-9990-2FC5FA369413}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B519533A-8273-4EA4-8D6A-7A4E18DBBFAD}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B5D52DAB-C79F-477B-808B-65A541A724BB}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B63EA68B-3C69-4822-A085-D295FF7F0095}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B6E360DB-DC70-4AC2-A576-8B5545C5B794}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B6F9F4BA-6C15-4E8C-A842-4261763687F6}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B8B0ADAC-B632-4AA2-B635-CFD86EEFAEFC}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B9B2801B-A5B9-4CA5-9527-85561D41F14D}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{BBF385DF-63D8-4FA5-BB23-57E7CC24A0CE}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{BCA66B9C-530C-4965-B8B8-29E1F7B3B9BE}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{BE537EA1-1117-4D5B-8D41-52422FB8BB15}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{BEBCEF5D-F95B-4508-9DC2-6142F89161E1}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{BFC78C96-C270-4230-9027-4BF7630DFF6C}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C053B9A4-2A77-4409-887D-DCF7E57D8EBE}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C05A665E-1A3A-4987-9397-8ADBA118F1C5}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C05AF4F5-994D-41B9-AE88-476853D1BE5D}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C34D7724-0616-4605-9565-8FB0F1DDB22E}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C4286046-256A-4BB2-AF85-18DF208EBF2D}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C5BCC00A-50AA-44F4-A967-69C9636DBFAB}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C67AF5E8-EC47-4417-B5E4-3AB5F0F145FD}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C71E02FD-9A31-4CD9-A844-0B8EE87FA156}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C765696B-C6D7-4975-9D29-3385BCD840AF}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C8EF2268-6118-49D3-9265-AADDC0B5360A}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{C91C587B-9378-4AB3-9993-A08D3DD8CA5A}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{CA4D8104-239A-4700-8BA3-711447A1936F}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{CB88D59A-0BA8-421D-9E7F-E3976AD48951}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{CB8FEACC-AF0F-4DA7-B226-D79529615204}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{CD2CC5B1-9268-4637-B077-75F9F017FED7}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{CE3122D4-A2DA-4090-B4D3-20605B03B2E9}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{CE3D91E6-9AD1-4F15-841E-01D14821F3AC}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{CF103A48-3284-40AC-9B8A-A9C66B4AA767}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{D0B46F0B-5946-427F-8D99-72020D1BDB70}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{D0D6D501-5973-43BD-958A-4CE03209310D}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{D160DC93-BCA3-44DA-BEF6-C3316088DF45}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{D276B6DA-935D-4D8C-AF50-11AD7181DF18}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{D490848E-7B66-4FE3-BF65-1C15D81623FA}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{D7EB76BB-B8A5-48FE-B916-D5F1828EB20F}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{D8B6DB3E-B81E-4364-9D06-F808D556EF9D}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{DAB0F451-C0A9-49B5-8D73-2164F8B9747E}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{DB997D6A-CF99-4629-B873-551EDA0B31A5}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{DD6FC104-320A-4ADD-8392-0E9649CFD4A2}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{DFD3CC2C-BB2A-4043-B940-10F65F4E9628}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E165984A-229D-4A20-B7A1-1551B7D9F0F3}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E1BA4529-BEFC-4D69-8A72-6599FFA55BA3}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E1C3C838-EB1A-4A1B-AF47-D6086CE90E99}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E22E3EDC-DBAB-49B3-8146-CE2F864CA8D6}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E26F36F3-CFD5-4A46-8DBE-5803EC6EF212}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E5602F68-0DD0-4B5E-9944-AD5935624540}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E6553B2E-B9D1-48DA-93A6-FAF3D8013C28}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E7412927-19DC-435A-B051-DB27D37BEDC7}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E81AFD57-45AA-45AE-861C-CA42F91B39D2}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E8242CB3-FA70-46D6-B1C9-2020BC7BCBFD}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E8B953AE-111D-4603-BEF1-53C786602B78}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E9137704-D76F-4D4F-B20A-69674460F0D9}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{EBAA9506-D1A6-472D-B20D-C6266C66C77C}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{EDDD6D9A-C5D2-47FC-8829-2DD129C08F79}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{EDE70F4C-BAF6-4906-A3AD-1FB62B1142E8}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{EDF5DF28-D74E-4A1E-81CD-6285ED0176B7}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{EEF05D38-BD0B-4DEB-84CA-76F4ACC7889E}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{EF8EFC64-D903-4A2D-B550-A546617C617A}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{F4E0C44E-5E83-49F0-B58B-DD8C1CC2BAF3}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{F630A39E-8119-455A-A966-54662F951511}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{F6844CA6-AC49-44B8-86F6-B06218BB9FC8}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{F6C2BBCB-610E-44EF-AA14-CB9FF405609A}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{F6D968E5-3B23-4E7C-9B48-87C01A8DE608}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{FA02CF25-5C2B-4E4C-B31E-4069CCEF53C4}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{FA952FE7-5149-4E69-8405-23BD7B93B5D8}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{FAEB87FE-A20A-47A8-BD67-2BFA88AB467F}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{FBA7A851-DAA3-4876-ACBB-B73BC113F287}
    Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{FD139B69-D018-4D22-9D41-C32B256AD2E0}



    ~~~ FireFox

    Emptied folder: C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\mse5cg91.default-1349613738826\minidumps [318 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 29.12.2013 at 2:30:59,10
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  18. 2013/12/28
    broni Moderator Malware Analyst

    Go on...
     
  19. 2014/01/02
    ACDCAngus1 Inactive Thread Starter

    OTL logfile created on: 02.01.2014 08:54:23 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominik\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

    8,00 Gb Total Physical Memory | 3,67 Gb Available Physical Memory | 45,92% Memory free
    10,93 Gb Paging File | 5,89 Gb Available in Paging File | 53,86% Paging File free
    Paging file location(s): d:\pagefile.sys 1000 1000e:\pagef [Binary data over 200 bytes]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 107,13 Gb Total Space | 4,53 Gb Free Space | 4,23% Space Free | Partition Type: NTFS
    Drive D: | 1863,01 Gb Total Space | 0,16 Gb Free Space | 0,01% Space Free | Partition Type: NTFS
    Drive E: | 832,91 Gb Total Space | 42,54 Gb Free Space | 5,11% Space Free | Partition Type: NTFS
    Drive F: | 11,64 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
    Drive G: | 1863,01 Gb Total Space | 45,72 Gb Free Space | 2,45% Space Free | Partition Type: NTFS
    Drive H: | 98,50 Gb Total Space | 11,51 Gb Free Space | 11,68% Space Free | Partition Type: NTFS
    Drive I: | 100,00 Mb Total Space | 74,37 Mb Free Space | 74,37% Space Free | Partition Type: NTFS

    Computer Name: DOMINIK-PC | User Name: Dominik | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014.01.02 08:53:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominik\Downloads\OTL.exe
    PRC - [2013.12.24 00:10:17 | 023,505,400 | ---- | M] (ArenaNet) -- C:\Users\Dominik\Desktop\Guild Wars 2\Gw2.exe
    PRC - [2013.12.21 15:21:14 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2013.12.18 18:29:15 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    PRC - [2013.12.18 18:28:17 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2013.12.10 23:34:24 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    PRC - [2013.11.29 17:57:02 | 002,273,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    PRC - [2013.11.29 17:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    PRC - [2013.11.26 20:32:48 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    PRC - [2013.11.21 08:14:35 | 003,551,576 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
    PRC - [2013.11.20 10:07:44 | 001,985,520 | ---- | M] (Micro-Star International) -- C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
    PRC - [2013.10.18 02:35:01 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    PRC - [2013.10.15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    PRC - [2013.10.13 15:19:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
    PRC - [2013.10.09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    PRC - [2013.09.20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    PRC - [2013.09.13 10:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    PRC - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2013.07.25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    PRC - [2013.07.17 15:02:48 | 000,384,840 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
    PRC - [2013.06.03 12:06:20 | 003,999,512 | ---- | M] () -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
    PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2013.03.12 06:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    PRC - [2013.02.22 12:32:59 | 002,849,120 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    PRC - [2013.01.07 17:00:48 | 000,847,872 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
    PRC - [2012.12.07 17:27:50 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    PRC - [2012.10.19 15:09:48 | 000,336,304 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    PRC - [2012.10.18 05:34:34 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe
    PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    PRC - [2010.11.21 04:25:10 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    PRC - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014.01.02 08:07:20 | 023,454,720 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Temp\gw2cache-{BEF3A5BD-9BF3-167D-BEA5-F3BEF39B7D16}\awesomium.dll
    MOD - [2013.12.21 15:21:14 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2013.12.10 23:34:24 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
    MOD - [2013.11.21 08:14:36 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Origin\tufao.dll
    MOD - [2013.10.13 15:48:11 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
    MOD - [2013.10.13 15:48:10 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\10ef07233e429503b5bc942aa6194fe8\System.Runtime.DurableInstancing.ni.dll
    MOD - [2013.10.13 15:48:09 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f58dc6b661c4fb91c68945da9b701135\System.Xml.Linq.ni.dll
    MOD - [2013.10.10 20:33:26 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
    MOD - [2013.10.10 20:33:14 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
    MOD - [2013.10.10 20:33:10 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll
    MOD - [2013.10.10 20:33:08 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
    MOD - [2013.10.10 20:33:05 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
    MOD - [2013.10.10 20:33:04 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
    MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
    MOD - [2013.08.18 07:42:49 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\6c422db78c17838c3eb9f9fcc01ca63f\System.Management.ni.dll
    MOD - [2013.08.18 07:40:50 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll
    MOD - [2013.08.18 07:40:18 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
    MOD - [2013.08.16 19:46:14 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
    MOD - [2013.08.16 19:46:12 | 000,309,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9d160913e64d7732a8c725fc7f2d818b\PresentationFramework.Classic.ni.dll
    MOD - [2013.08.16 19:46:08 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
    MOD - [2013.08.16 19:46:03 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
    MOD - [2013.07.11 21:01:19 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
    MOD - [2013.05.16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    MOD - [2013.05.16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    MOD - [2013.01.07 17:00:48 | 000,847,872 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
    MOD - [2012.12.18 16:31:08 | 001,401,856 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\nicLan.dll
    MOD - [2012.12.18 16:30:44 | 000,194,560 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\DC_WFF.dll
    MOD - [2012.10.08 18:42:58 | 000,070,536 | ---- | M] () -- C:\Programme\TortoiseSVN\bin\libsasl32.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2013.11.26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV - [2013.12.21 15:21:14 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013.12.18 18:29:15 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2013.12.10 23:34:25 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013.11.29 17:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
    SRV - [2013.11.29 17:56:40 | 015,128,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
    SRV - [2013.11.26 20:32:48 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2013.10.30 20:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2013.10.13 15:19:01 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2013.10.09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2013.09.05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013.07.17 15:02:48 | 000,384,840 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
    SRV - [2013.07.17 15:02:32 | 000,393,032 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
    SRV - [2013.06.03 12:06:20 | 003,999,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe -- (Radio.fx)
    SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2013.02.22 12:32:59 | 002,849,120 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
    SRV - [2012.12.07 17:27:50 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
    SRV - [2012.10.26 11:07:10 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- E:\livegame\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
    SRV - [2012.10.02 21:19:04 | 000,743,320 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
    SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
    SRV - [2011.03.21 15:19:16 | 001,845,248 | ---- | M] (Locktime Software) [Auto | Running] -- C:\Programme\NetLimiter 3\nlsvc.exe -- (nlsvc)
    SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013.12.18 18:29:21 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
    DRV:64bit: - [2013.12.18 18:29:21 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
    DRV:64bit: - [2013.11.26 20:33:40 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
    DRV:64bit: - [2013.10.30 18:03:12 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
    DRV:64bit: - [2013.06.21 02:07:16 | 000,046,792 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
    DRV:64bit: - [2013.06.19 02:00:16 | 000,294,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm)
    DRV:64bit: - [2013.05.06 20:58:44 | 000,116,480 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmaura.sys -- (avmaura)
    DRV:64bit: - [2013.04.24 20:28:08 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
    DRV:64bit: - [2013.04.10 10:09:24 | 000,849,992 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2013.02.12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
    DRV:64bit: - [2012.12.07 17:27:50 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
    DRV:64bit: - [2012.11.30 11:07:10 | 000,124,176 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TotRec8.sys -- (TotRec8)
    DRV:64bit: - [2012.10.25 03:18:36 | 000,025,600 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzdaendpt.sys -- (rzdaendpt)
    DRV:64bit: - [2012.10.25 03:18:32 | 000,023,040 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzvkeyboard.sys -- (rzvkeyboard)
    DRV:64bit: - [2012.10.25 03:18:26 | 000,113,664 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
    DRV:64bit: - [2012.10.10 17:30:40 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
    DRV:64bit: - [2012.10.10 11:25:32 | 000,073,040 | ---- | M] (Dataram, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RAMDiskVE.sys -- (RAMDiskVE)
    DRV:64bit: - [2012.09.28 17:45:02 | 000,990,864 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtwlanu.sys -- (RTL8192cu)
    DRV:64bit: - [2012.08.20 14:48:50 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
    DRV:64bit: - [2012.08.20 14:48:48 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
    DRV:64bit: - [2012.05.25 11:25:56 | 000,104,120 | ---- | M] (e2eSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VCam_WDM.sys -- (VCam_WDM)
    DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
    DRV:64bit: - [2011.05.13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
    DRV:64bit: - [2011.03.21 15:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisPT)
    DRV:64bit: - [2011.03.21 15:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisMP)
    DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2010.08.12 18:26:00 | 001,310,720 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CM10864.sys -- (USBPNPA)
    DRV:64bit: - [2010.04.16 01:54:08 | 000,994,816 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ucgnmx.sys -- (ucgnm)
    DRV:64bit: - [2010.03.23 15:37:34 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
    DRV:64bit: - [2009.12.21 20:50:00 | 000,007,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vHidDev.sys -- (vhidmini)
    DRV:64bit: - [2009.11.02 11:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
    DRV:64bit: - [2009.11.02 11:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (androidusb)
    DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
    DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.07.14 01:09:10 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\loop.sys -- (msloop)
    DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2008.07.31 10:21:48 | 000,093,784 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
    DRV:64bit: - [2007.01.29 05:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
    DRV - [2013.07.17 15:02:42 | 000,070,984 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
    DRV - [2012.08.07 17:24:08 | 000,171,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\Dominik\AppData\Roaming\TZAC2\tizeq64.sys -- (tizeqdrv)
    DRV - [2011.03.21 15:44:28 | 000,088,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\Programme\NetLimiter 3\nltdi.sys -- (nltdi)
    DRV - [2010.10.22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
    DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/
    IE - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
    IE - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 11 C0 8D AD 21 F4 CE 01 [binary data]
    IE - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "ICQ Search "
    FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q= "
    FF - prefs.js..browser.search.selectedEngine: "ICQ Search "
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.de/ "
    FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.21.0
    FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
    FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.24
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
    FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6
    FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.5.8.6
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
    FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
    FF - prefs.js..extensions.enabledItems: {df4e4df5-5cb7-46b0-9aef-6c784c3249f8}:1.1.0
    FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
    FF - prefs.js..network.proxy.autoconfig_url: "http://pac.uni-karlsruhe.de/ "
    FF - prefs.js..network.proxy.http: "221.203.154.26 "
    FF - prefs.js..network.proxy.http_port: 8080
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Dominik\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dominik\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dominik\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: c:\program files (x86)\ubisoft\ubisoft game launcher\npuplaypc.dll (Ubisoft)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bonjour4firefox@apple.com: C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension\ [2013.07.02 22:02:57 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.12.21 15:21:11 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\extension@preispilot.com: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\extensions\extension@preispilot.com

    [2012.10.17 15:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions
    [2012.02.19 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions\Coder Preset
    [2012.02.19 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions\MediaCoder
    [2012.02.19 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions\MediaCoderPrefs
    [2012.02.19 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions\MediaCoder-Setup-Wizard
    [2012.02.19 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions\Transmedia
    [2013.12.29 01:57:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions
    [2012.10.17 18:50:03 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2012.10.17 18:50:03 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
    [2012.10.17 18:50:03 | 000,000,000 | ---D | M] (Fox!Box) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}
    [2012.10.17 18:49:57 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\battlefieldheroespatcher@ea.com
    [2012.10.17 18:49:57 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\ChoiceGuard@Microsoft
    [2012.10.17 18:49:57 | 000,000,000 | ---D | M] (ICQ Sparberater) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\ciuvo-extension@icq.de
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\ich@maltegoetz.de
    [2012.10.17 18:49:59 | 000,000,000 | ---D | M] (Simple Dyyno Launcher) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\NPDyyno@dyyno.com
    [2012.10.17 18:49:59 | 000,000,000 | ---D | M] (Flash AX Control) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\npfax@microgaming.co.uk
    [2012.10.17 18:50:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\staged-xpis
    [2012.10.17 18:49:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\ac615xvc.default\extensions\ciuvo-extension@icq.de\chrome
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\i6xxo072.default\extensions
    [2012.10.17 18:50:04 | 000,000,000 | ---D | M] (ICQ Sparberater) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\i6xxo072.default\extensions\ciuvo-extension@icq.de
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\i6xxo072.default\extensions\ich@maltegoetz.de
    [2012.10.17 18:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\i6xxo072.default\extensions\ciuvo-extension@icq.de\chrome
    [2013.12.29 02:00:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\extensions
    [2013.12.15 23:12:17 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\mse5cg91.default-1349613738826\extensions\support@tubedimmerapp.com
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\n33ouegl.default\extensions
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\n33ouegl.default\extensions\ich@maltegoetz.de
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\sr9qlfiw.default\extensions
    [2012.10.17 18:50:08 | 000,000,000 | ---D | M] (ICQ Sparberater) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\sr9qlfiw.default\extensions\ciuvo-extension@icq.de
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\sr9qlfiw.default\extensions\ich@maltegoetz.de
    [2012.10.17 18:50:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\sr9qlfiw.default\extensions\ciuvo-extension@icq.de\chrome
    [2013.12.29 01:57:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\v3l0084k.default\extensions
    [2012.10.17 18:50:08 | 000,000,000 | ---D | M] (ICQ Sparberater) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\v3l0084k.default\extensions\ciuvo-extension@icq.de
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\v3l0084k.default\extensions\ich@maltegoetz.de
    [2012.10.17 18:50:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\v3l0084k.default\extensions\ciuvo-extension@icq.de\chrome
    [2013.12.29 01:57:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\xkx2bl7n.default\extensions
    [2012.10.17 18:50:11 | 000,000,000 | ---D | M] (ICQ Sparberater) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\xkx2bl7n.default\extensions\ciuvo-extension@icq.de
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\xkx2bl7n.default\extensions\ich@maltegoetz.de
    [2012.10.17 18:50:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\xkx2bl7n.default\extensions\ciuvo-extension@icq.de\chrome
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\yosy4qum.default\extensions
    [2012.10.17 18:50:14 | 000,000,000 | ---D | M] (ICQ Sparberater) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\yosy4qum.default\extensions\ciuvo-extension@icq.de
    [2013.01.07 21:30:36 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\yosy4qum.default\extensions\ich@maltegoetz.de
    [2012.10.17 18:50:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\yosy4qum.default\extensions\ciuvo-extension@icq.de\chrome
    [2009.10.18 19:48:16 | 000,341,616 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\ac615xvc.default\extensions\staged-xpis\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}\tmp.xpi
    [2010.04.18 00:40:08 | 000,524,099 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\ac615xvc.default\extensions\staged-xpis\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\tmp.xpi
    [2009.12.16 17:33:18 | 006,458,302 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\ac615xvc.default\extensions\staged-xpis\DivXWebPlayer@divx.com\tmp.xpi
    [2010.01.03 21:19:46 | 001,192,896 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\ac615xvc.default\extensions\staged-xpis\fb_add_on@avm.de\tmp.xpi
    [2012.05.09 13:23:12 | 000,588,513 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\i6xxo072.default\extensions\testpilot@labs.mozilla.com.xpi
    [2013.11.13 22:26:52 | 000,639,485 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\mse5cg91.default-1349613738826\extensions\toolbar@web.de.xpi
    [2013.12.29 02:00:29 | 000,587,582 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\mse5cg91.default-1349613738826\extensions\{1e9a63ef-84ec-49a4-8d6f-2dd9524e90d0}.xpi
    [2013.10.09 21:28:35 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\mse5cg91.default-1349613738826\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2009.10.16 01:59:20 | 000,001,632 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\ac615xvc.default\searchplugins\live-search.xml
    [2013.12.29 01:57:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
    [2013.12.21 15:21:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2013.12.21 15:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
    [2013.12.21 15:21:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2013.12.21 15:21:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013.12.21 15:21:11 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\afurladvisor@anchorfree.com
    File not found (No name found) -- C:\USERS\DOMINIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AC615XVC.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
    File not found (No name found) -- C:\USERS\DOMINIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AC615XVC.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
    File not found (No name found) -- C:\USERS\DOMINIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AC615XVC.DEFAULT\EXTENSIONS\{BA14329E-9550-4989-B3F2-9732E92D17CC}
    File not found (No name found) -- C:\USERS\DOMINIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AC615XVC.DEFAULT\EXTENSIONS\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    File not found (No name found) -- C:\USERS\DOMINIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AC615XVC.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM
    [2012.06.20 17:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

    ========== Chrome ==========
     
  20. 2014/01/02
    ACDCAngus1

    CHR - default_search_provider: nationzoom (Enabled)
    CHR - default_search_provider: search_url = http://www.nationzoom.com/web/?type=ds&ts=1387064048&from=adks&uid=OCZ-AGILITY2_OCZ-3UNK1I37W5Y778UW&q={searchTerms}
    CHR - default_search_provider: suggest_url = ,
    CHR - homepage: http://www.google.com
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
    CHR - plugin: PriceGong (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.7_0\plugins/npPriceGong_CH.dll
    CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_1\BabylonChromeToolBar.dll
    CHR - plugin: SweetIM GC Helper (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll
    CHR - plugin: SweetIM GC Helper (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\mgHelperGC.dll
    CHR - plugin: Application Manager (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
    CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    CHR - plugin: WEBZEN Browser Extension (Enabled) = C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll
    CHR - Extension: Skype Click to Call = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
    CHR - Extension: Google Wallet = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
    CHR - Extension: Google Mail = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
    CHR - Extension: Skype Click to Call = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
    CHR - Extension: Google Wallet = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
    CHR - Extension: Google Mail = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2012.12.11 15:58:02 | 000,001,043 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 188.165.234.190 auth3.buddyauth.com
    O1 - Hosts: 188.165.234.190 auth2.buddyauth.com
    O1 - Hosts: 188.165.234.190 http://buddyauth.com
    O1 - Hosts: 127.0.0.1 auth3.buddyauth.com
    O1 - Hosts: 127.0.0.1 auth2.buddyauth.com
    O1 - Hosts: 127.0.0.1 Home Page - Buddy Auth Portal
    O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O4:64bit: - HKLM..\Run: [Cm108Sound] C:\Windows\Syswow64\cm108.dll (C-Media Corporation)
    O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" File not found
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
    O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
    O4 - HKLM..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe ()
    O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
    O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2153768106-3862201133-668011741-1000..\Run: [AVMUSBFernanschluss] C:\Users\Dominik\AppData\Local\Apps\2.0\XV8ZGWPT.T9K\81BWK8R0.A1P\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe (AVM Berlin)
    O4 - HKU\S-1-5-21-2153768106-3862201133-668011741-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\S-1-5-21-2153768106-3862201133-668011741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
    O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
    O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
    O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programme\Bonjour SDK\Bin\ExplorerPlugin.dll (Apple Inc.)
    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
    O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
    O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
    O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour SDK\Bin\ExplorerPlugin.dll (Apple Inc.)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59A4404E-0D37-4E0F-A8E5-02F0B090B854}: DhcpNameServer = 192.168.0.100
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67B12236-30E4-417F-943D-67BF11C83D6B}: DhcpNameServer = 192.168.42.129
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67B12236-30E4-417F-943D-67BF11C83D6B}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72DDBD48-6047-4A84-AEAD-9FD8D9D6A50F}: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72DDBD48-6047-4A84-AEAD-9FD8D9D6A50F}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{989E84EF-B475-47EE-8F4D-648C7373B205}: DhcpNameServer = 8.8.8.8
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A36E133C-85AB-457A-B672-B0BE0A93CC19}: DhcpNameServer = 192.168.178.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A36E133C-85AB-457A-B672-B0BE0A93CC19}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEE62AD3-C193-485C-A41B-0F31700FF0C6}: NameServer = 127.0.0.1
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{909ba1a2-513e-11e3-94a2-87ae777be3d2}\Shell - " " = AutoRun
    O33 - MountPoints2\{909ba1a2-513e-11e3-94a2-87ae777be3d2}\Shell\AutoRun\command - " " = J:\HTC_Sync_Manager_PC.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013.12.29 02:17:10 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2013.12.28 18:57:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013.12.27 21:17:30 | 008,757,248 | ---- | C] (C-Media Corporation) -- C:\Windows\SysWow64\CM108.dll
    [2013.12.27 21:17:30 | 000,200,704 | ---- | C] (C-Media) -- C:\Windows\SysWow64\cmpa108.dll
    [2013.12.27 21:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDLINK MEDUSA
    [2013.12.27 21:17:08 | 001,310,720 | ---- | C] (C-Media Electronics Inc) -- C:\Windows\SysNative\drivers\CM10864.sys
    [2013.12.27 21:17:08 | 000,315,392 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\fltr108.dll
    [2013.12.27 03:02:00 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Desktop\mamastick
    [2013.12.26 20:43:28 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Desktop\Meetzur
    [2013.12.21 15:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013.12.18 22:14:47 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\CrashDumps
    [2013.12.15 22:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    [2013.12.15 22:22:55 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
    [2013.12.15 22:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2013.12.15 22:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
    [2013.12.15 18:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    [2013.12.15 18:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
    [2013.12.15 18:21:41 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Malwarebytes
    [2013.12.15 18:21:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013.12.15 18:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2013.12.15 18:21:29 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2013.12.15 18:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2013.12.15 18:03:14 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\AVG2014
    [2013.12.15 18:02:06 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2013.12.15 18:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
    [2013.12.15 18:01:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2013.12.15 18:01:32 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\MFAData
    [2013.12.15 18:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
    [2013.12.15 18:01:32 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Avg2014
    [2013.12.15 00:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
    [2013.12.15 00:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers
    [2013.12.09 19:49:38 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Blizzard
    [2013.12.09 18:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
    [2013.12.09 18:45:18 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Battle.net
    [2013.12.09 18:45:18 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Battle.net
    [2013.12.09 18:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    [2013.12.06 19:57:35 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Desktop\4red
    [2012.10.17 14:56:37 | 001,638,400 | ---- | C] (LIGHTNING UK!) -- C:\Users\Dominik\AppData\Local\ImgBurn.exe
    [2012.10.17 14:56:37 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Dominik\AppData\Local\No23 Recorder.exe
    [2012.10.17 14:56:35 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Dominik\AppData\Local\CDRip.dll
    [2012.10.17 14:56:35 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Dominik\AppData\Local\bass.dll
    [2012.10.17 14:56:35 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Dominik\AppData\Local\basscd.dll
    [4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
    [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014.01.02 09:01:47 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014.01.02 09:01:47 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014.01.02 08:37:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000UA.job
    [2014.01.02 08:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014.01.02 08:31:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014.01.02 07:06:10 | 001,621,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014.01.02 07:06:10 | 000,688,008 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2014.01.02 07:06:10 | 000,651,786 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014.01.02 07:06:10 | 000,145,536 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2014.01.02 07:06:10 | 000,118,658 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014.01.02 07:01:30 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014.01.02 07:01:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014.01.02 07:01:19 | 2146,807,807 | -HS- | M] () -- C:\hiberfil.sys
    [2014.01.01 18:37:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2153768106-3862201133-668011741-1000Core.job
    [2014.01.01 08:42:16 | 001,728,225 | ---- | M] () -- C:\Users\Dominik\Desktop\IMAG061811.jpg
    [2013.12.31 20:15:05 | 000,866,677 | ---- | M] () -- C:\Users\Dominik\Desktop\IMAG0618.jpg
    [2013.12.29 02:06:18 | 000,001,432 | ---- | M] () -- C:\Users\Dominik\Desktop\Google Chrome.lnk
    [2013.12.29 01:57:44 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013.12.28 01:26:07 | 000,001,282 | ---- | M] () -- C:\Windows\Cm108.ini.imi
    [2013.12.27 21:17:30 | 000,001,772 | ---- | M] () -- C:\Users\Dominik\Desktop\SPEEDLINK MEDUSA NX 7.1.lnk
    [2013.12.27 21:17:30 | 000,000,366 | ---- | M] () -- C:\Windows\Cm108.ini.cfl
    [2013.12.27 21:17:30 | 000,000,133 | ---- | M] () -- C:\Windows\System\Dlap.pfx
    [2013.12.27 21:17:13 | 000,000,713 | ---- | M] () -- C:\Windows\System\Cm108.ini
    [2013.12.27 00:56:24 | 000,040,393 | ---- | M] () -- C:\Users\Dominik\Desktop\Snapshot_20130701_18.jpg
    [2013.12.26 19:39:24 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
    [2013.12.26 19:39:24 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2013.12.23 21:21:09 | 000,769,087 | ---- | M] () -- C:\Users\Dominik\Desktop\Schnappschuss von mir 481.jpg
    [2013.12.23 21:20:14 | 003,722,049 | ---- | M] () -- C:\Users\Dominik\Desktop\Schnappschuss von mir 48.png
    [2013.12.23 19:20:12 | 000,082,692 | ---- | M] () -- C:\Users\Dominik\Desktop\Schnappschuss von mir 48.jpg
    [2013.12.22 01:24:01 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
    [2013.12.18 18:29:21 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
    [2013.12.18 18:29:21 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
    [2013.12.18 18:29:21 | 000,084,720 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
    [2013.12.15 22:23:11 | 000,001,379 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    [2013.12.15 18:21:31 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013.12.15 18:07:04 | 000,007,629 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
    [2013.12.12 08:09:36 | 000,443,976 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013.12.09 18:46:58 | 000,000,767 | ---- | M] () -- C:\Users\Public\Desktop\Hearthstone.lnk
    [2013.12.09 18:45:17 | 000,000,770 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
    [2013.12.05 20:56:54 | 000,027,586 | ---- | M] () -- C:\Users\Dominik\Desktop\japrchat...PNG
    [2013.12.05 00:36:13 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
    [2013.12.05 00:36:08 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
    [4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
    [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013.12.31 20:45:32 | 001,728,225 | ---- | C] () -- C:\Users\Dominik\Desktop\IMAG061811.jpg
    [2013.12.31 20:24:43 | 000,866,677 | ---- | C] () -- C:\Users\Dominik\Desktop\IMAG0618.jpg
    [2013.12.27 21:17:30 | 000,804,352 | ---- | C] () -- C:\Windows\SysNative\Cmeau108.exe
    [2013.12.27 21:17:30 | 000,389,120 | ---- | C] () -- C:\Windows\SysNative\CM108.cpl
    [2013.12.27 21:17:30 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix108.dll
    [2013.12.27 21:17:30 | 000,001,772 | ---- | C] () -- C:\Users\Dominik\Desktop\SPEEDLINK MEDUSA NX 7.1.lnk
    [2013.12.27 21:17:30 | 000,000,366 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
    [2013.12.27 21:17:30 | 000,000,133 | ---- | C] () -- C:\Windows\System\Dlap.pfx
    [2013.12.27 21:17:13 | 000,359,424 | ---- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
    [2013.12.27 21:17:13 | 000,002,547 | ---- | C] () -- C:\Windows\Cm108.ini.cfg
    [2013.12.27 21:17:13 | 000,001,282 | ---- | C] () -- C:\Windows\Cm108.ini.imi
    [2013.12.27 21:17:13 | 000,000,713 | ---- | C] () -- C:\Windows\System\Cm108.ini
    [2013.12.27 21:17:12 | 000,001,471 | ---- | C] () -- C:\Windows\cm108.ini
    [2013.12.27 00:56:04 | 000,040,393 | ---- | C] () -- C:\Users\Dominik\Desktop\Snapshot_20130701_18.jpg
    [2013.12.23 21:21:07 | 000,769,087 | ---- | C] () -- C:\Users\Dominik\Desktop\Schnappschuss von mir 481.jpg
    [2013.12.23 21:16:34 | 003,722,049 | ---- | C] () -- C:\Users\Dominik\Desktop\Schnappschuss von mir 48.png
    [2013.12.23 19:17:32 | 000,082,692 | ---- | C] () -- C:\Users\Dominik\Desktop\Schnappschuss von mir 48.jpg
    [2013.12.22 12:47:53 | 000,019,032 | ---- | C] () -- C:\Windows\SysNative\pwdrvio.sys
    [2013.12.15 22:23:15 | 000,001,391 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    [2013.12.15 22:23:11 | 000,001,379 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    [2013.12.15 18:21:31 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013.12.09 18:46:58 | 000,000,767 | ---- | C] () -- C:\Users\Public\Desktop\Hearthstone.lnk
    [2013.12.09 18:45:17 | 000,000,770 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
    [2013.12.05 20:56:54 | 000,027,586 | ---- | C] () -- C:\Users\Dominik\Desktop\japrchat...PNG
    [2013.12.05 00:36:13 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
    [2013.12.05 00:36:08 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
    [2013.10.14 17:57:35 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
    [2013.10.13 23:39:30 | 000,000,013 | ---- | C] () -- C:\Users\Dominik\tooldate.bsk
    [2013.08.05 23:50:18 | 000,000,851 | ---- | C] () -- C:\Users\Dominik\AppData\Local\recently-used.xbel
    [2013.05.06 21:06:43 | 000,000,011 | ---- | C] () -- C:\Windows\BRVIDEO.INI
    [2013.05.06 21:06:43 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
    [2013.05.06 21:06:13 | 000,000,326 | ---- | C] () -- C:\Windows\Brownie.ini
    [2013.05.06 21:04:18 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI
    [2013.05.06 21:04:18 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2030.DAT
    [2013.03.21 05:10:18 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
    [2013.02.21 22:15:29 | 003,678,800 | ---- | C] () -- C:\Users\Dominik\ts3_recording_13_02_21_22_15_24.wav
    [2013.02.21 22:14:45 | 000,000,168 | ---- | C] () -- C:\Windows\psr.INI
    [2013.02.21 22:11:57 | 000,000,232 | ---- | C] () -- C:\Windows\asr.INI
    [2013.02.21 21:53:13 | 002,681,344 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
    [2013.01.07 21:30:37 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
    [2012.10.25 21:45:00 | 001,602,214 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012.10.23 23:57:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
    [2012.10.20 01:52:54 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2012.10.20 01:52:29 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2012.10.18 07:27:00 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2012.10.18 07:27:00 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
    [2012.10.18 07:27:00 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
    [2012.10.18 07:26:58 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2012.10.17 15:20:31 | 001,695,744 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\databak.exe
    [2012.10.17 15:20:31 | 000,001,655 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\SvcTraceViewer.exe.settings
    [2012.10.17 15:20:31 | 000,000,760 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\setup_ldm.iss
    [2012.10.17 15:20:31 | 000,000,221 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\default.rss
    [2012.10.17 15:20:31 | 000,000,182 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\shedl.bat
    [2012.10.17 14:56:38 | 000,226,816 | ---- | C] () -- C:\Users\Dominik\AppData\Local\tsMuxeR.exe
    [2012.10.17 14:56:38 | 000,017,408 | ---- | C] () -- C:\Users\Dominik\AppData\Local\WebpageIcons.db
    [2012.10.17 14:56:38 | 000,007,629 | ---- | C] () -- C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
    [2012.10.17 14:56:38 | 000,000,842 | ---- | C] () -- C:\Users\Dominik\AppData\Local\sk9-gforce-bd9.meta
    [2012.10.17 14:56:37 | 000,098,681 | ---- | C] () -- C:\Users\Dominik\AppData\Local\keylog.dat
    [2012.10.17 14:56:37 | 000,001,476 | ---- | C] () -- C:\Users\Dominik\AppData\Local\RecConfig.xml
    [2012.10.17 14:56:37 | 000,000,600 | ---- | C] () -- C:\Users\Dominik\AppData\Local\PUTTY.RND
    [2012.10.17 14:56:37 | 000,000,302 | ---- | C] () -- C:\Users\Dominik\AppData\Local\MovieObject.bdmv
    [2012.10.17 14:56:37 | 000,000,173 | ---- | C] () -- C:\Users\Dominik\AppData\Local\msmathematics.qat.Dominik
    [2012.10.17 14:56:37 | 000,000,120 | ---- | C] () -- C:\Users\Dominik\AppData\Local\index.bdmv
    [2012.10.17 14:56:35 | 000,054,272 | ---- | C] () -- C:\Users\Dominik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012.10.17 14:56:35 | 000,007,728 | ---- | C] () -- C:\Users\Dominik\AppData\Local\d3d9caps.dat
    [2012.10.17 14:56:35 | 000,001,460 | ---- | C] () -- C:\Users\Dominik\AppData\Local\d3d9caps64.dat
    [2012.10.17 14:56:35 | 000,001,100 | ---- | C] () -- C:\Users\Dominik\AppData\Local\d3d8caps.dat
    [2012.10.17 14:56:35 | 000,000,095 | ---- | C] () -- C:\Users\Dominik\AppData\Local\fusioncache.dat
    [2012.10.17 14:55:06 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
    [2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
    [2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
    [2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
    [2007.08.13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Users\Dominik\AppData\Local\lame_enc.dll
    [2006.10.26 01:06:48 | 000,064,000 | ---- | C] () -- C:\Users\Dominik\AppData\Local\vorbisenc.dll
    [2006.10.26 01:06:48 | 000,019,456 | ---- | C] () -- C:\Users\Dominik\AppData\Local\vorbisfile.dll
    [2006.10.26 01:06:46 | 000,143,872 | ---- | C] () -- C:\Users\Dominik\AppData\Local\vorbis.dll
    [2006.10.26 01:06:36 | 000,015,872 | ---- | C] () -- C:\Users\Dominik\AppData\Local\ogg.dll
    [2005.08.23 22:34:06 | 000,029,184 | ---- | C] () -- C:\Users\Dominik\AppData\Local\no23xwrapper.dll

    ========== ZeroAccess Check ==========

    [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    " " = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    " " = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    " " = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    " " = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    " " = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2012.10.17 15:20:31 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\.kde
    [2012.10.17 15:20:31 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\.marble
    [2013.10.20 14:54:17 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\.minecraft
    [2012.10.17 15:20:33 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\abgx360
    [2012.10.17 15:20:33 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Acronis
    [2012.10.17 15:20:35 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\AMD
    [2012.10.17 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Audacity
    [2012.10.17 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Autodesk
    [2012.10.17 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\AVG10
    [2013.12.15 18:03:14 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\AVG2014
    [2013.07.29 11:27:53 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\avidemux
    [2012.10.17 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\AVSMedia
    [2012.10.17 15:20:39 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Azureus
    [2013.12.09 21:14:09 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Battle.net
    [2012.10.17 15:20:40 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\BinarySense
    [2013.05.02 18:32:44 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Bitcoin
    [2013.07.03 16:40:49 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Blink
    [2012.10.17 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Broad Intelligence
    [2012.10.17 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\cbuenger
    [2012.10.17 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\CDZilla
    [2012.10.17 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\CellularEmulator
    [2012.10.17 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2012.10.17 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
    [2012.10.17 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Command & Conquer 3 Kane's Wrath
    [2012.10.17 15:20:47 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Command & Conquer 3 Kanes Rache
    [2012.10.17 15:20:49 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Command & Conquer 3 Tiberium Wars
    [2012.10.17 15:20:49 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Command and Conquer 3 Kanes Wrath
    [2012.10.17 15:20:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Command and Conquer 3 Tiberium Wars
    [2012.10.17 15:20:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\CommunicaEtor
    [2012.10.17 15:20:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Cool Record Edit Pro
    [2013.04.04 18:02:09 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Curse Advertising
    [2012.10.17 15:20:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
    [2012.10.17 15:20:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DAEMON Tools Pro
    [2012.10.17 15:20:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1
    [2012.10.17 15:20:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Downloaded Installations
    [2013.08.19 17:45:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Dropbox
    [2012.10.17 15:20:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DVDVideoSoft
    [2012.12.17 21:29:01 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\FileZilla
    [2012.10.17 15:20:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Free Audio Editor
    [2012.10.17 15:20:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Free Sound Recorder
    [2013.07.02 22:48:13 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\FreeCall
    [2012.10.17 15:20:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\FxPro-xTrader
    [2012.10.17 15:20:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\GeoSetter
    [2012.02.19 09:49:29 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\GetRightToGo
    [2012.10.17 15:20:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\gtk-2.0
    [2013.12.28 03:41:28 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Guild Wars 2
    [2012.10.17 15:20:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\HD Tune Pro
    [2012.10.17 15:20:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\HLSW
    [2013.03.11 22:54:00 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQ
    [2012.10.17 15:21:01 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQ Search
    [2012.10.17 15:21:01 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICSharpCode
    [2012.10.17 15:21:01 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ImgBurn
    [2012.10.17 15:21:01 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\invendio Client
    [2012.10.17 15:21:01 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\IObit
    [2012.10.17 15:21:01 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\iZ3D Driver
    [2012.10.17 15:21:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\JavaEditor
    [2013.07.03 18:19:24 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Jitsi
    [2012.10.17 15:21:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Language
    [2012.10.17 15:21:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Leadertech
    [2012.10.17 15:16:15 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\LolClient
    [2012.10.17 15:21:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
    [2012.10.17 15:21:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\LolClient2
    [2013.08.08 22:06:54 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Mobile Atlas Creator
    [2013.06.24 05:57:56 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Mp3tag
    [2012.10.17 15:21:11 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\MrJobs
    [2013.06.28 23:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Mumble
    [2013.06.24 05:00:05 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\MusicBrainz
    [2012.10.17 15:21:11 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\MyPhoneExplorer
    [2012.10.17 15:21:13 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Namecoin
    [2012.10.17 15:21:14 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Naviextras
    [2012.10.17 15:21:14 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Need for Speed World
    [2012.10.17 15:21:14 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\NetMeter
    [2012.11.05 14:39:19 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Notepad++
    [2012.10.17 15:21:14 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\NVD
    [2013.09.01 11:53:57 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\OBS
    [2012.10.17 15:21:15 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Octoshape
    [2013.04.08 18:17:19 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ooVoo Details
    [2012.10.17 15:21:15 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\OpenOffice.org
    [2012.10.17 15:21:16 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Opera
    [2012.10.17 15:21:16 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Oracle
    [2013.10.13 15:14:36 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Origin
    [2012.10.17 15:21:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\PacificPoker
    [2012.10.17 15:21:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Pegasys Inc
    [2013.05.02 19:24:12 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\poclbm
    [2012.10.17 15:21:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\pokerth
    [2012.02.19 09:41:57 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Publish Providers
    [2013.02.25 11:19:41 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\raidcall
    [2012.10.17 15:21:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Raptr
    [2012.10.17 15:21:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\RayV
    [2012.10.17 15:21:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Razer
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\RIFT
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\River Past G5
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ShareTV
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Shark007
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\SoftGrid Client
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Sony
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Sony Creative Software
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\SplitMediaLabs
    [2013.02.21 21:53:16 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Spotify
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Stereoscopic Player
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Subversion
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Sytexis Software
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TankLeader
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TeamViewer
    [2012.02.19 09:41:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TfsSQMLog
    [2013.02.21 21:53:29 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Tobit
    [2013.02.21 22:34:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TotalRecorder
    [2012.10.17 15:21:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TP
    [2013.12.29 02:18:31 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TP-LINK
    [2012.10.17 15:21:59 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Truphone
    [2014.01.02 07:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TS3Client
    [2013.03.05 03:46:03 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ts3overlay
    [2013.01.09 01:19:46 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ts3overlay_hook_win64
    [2012.10.17 15:22:28 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TuneUp Software
    [2012.11.11 14:22:35 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Tunngle
    [2013.05.05 03:26:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TZAC2
    [2012.10.17 15:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Uniblue
    [2013.10.14 19:47:10 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Usenet.nl
    [2012.10.17 15:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Valuga Software
    [2012.10.17 15:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Video2Webcam
    [2012.10.17 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\wargaming.net
    [2012.10.17 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\WebCallDirect
    [2012.10.17 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Win7codecs
    [2012.04.16 17:32:18 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Windows Live Writer
    [2012.10.17 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Wippien
    [2012.10.17 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Wireshark
    [2012.12.01 17:22:13 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Wise Care 365
    [2012.10.17 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\WNR
    [2012.10.17 15:22:37 | 000,000,000 | -HSD | M] -- C:\Users\Dominik\AppData\Roaming\wyUpdate AU
    [2012.10.17 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\xTrader

    ========== Purity Check ==========



    ========== Files - Unicode (All) ==========
    [2013.11.09 18:18:44 | 103,387,443 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꄿ䡋‹
    [2013.11.09 12:18:41 | 103,387,443 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꄿ䡋‹

    < End of report >
     
  21. 2014/01/02
    ACDCAngus1 Inactive Thread Starter

    OTL Extras logfile created on: 02.01.2014 08:54:23 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominik\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

    8,00 Gb Total Physical Memory | 3,67 Gb Available Physical Memory | 45,92% Memory free
    10,93 Gb Paging File | 5,89 Gb Available in Paging File | 53,86% Paging File free
    Paging file location(s): d:\pagefile.sys 1000 1000e:\pagef [Binary data over 200 bytes]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 107,13 Gb Total Space | 4,53 Gb Free Space | 4,23% Space Free | Partition Type: NTFS
    Drive D: | 1863,01 Gb Total Space | 0,16 Gb Free Space | 0,01% Space Free | Partition Type: NTFS
    Drive E: | 832,91 Gb Total Space | 42,54 Gb Free Space | 5,11% Space Free | Partition Type: NTFS
    Drive F: | 11,64 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
    Drive G: | 1863,01 Gb Total Space | 45,72 Gb Free Space | 2,45% Space Free | Partition Type: NTFS
    Drive H: | 98,50 Gb Total Space | 11,51 Gb Free Space | 11,68% Space Free | Partition Type: NTFS
    Drive I: | 100,00 Mb Total Space | 74,37 Mb Free Space | 74,37% Space Free | Partition Type: NTFS

    Computer Name: DOMINIK-PC | User Name: Dominik | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2153768106-3862201133-668011741-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll ",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1 ",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{005EA041-EF74-4827-B11F-C521A2E26B4F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{07FB1957-2CE7-4DD3-8310-4BB60017E672}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{0DDFE22F-826C-4310-A8ED-2F60E2F4A947}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{0F30ACC8-A9AD-4482-890D-61915CBD0677}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{125CCB29-45F6-4A05-9E9C-FF74FF352907}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{287102D0-33DD-4E21-9937-000CD4EBD7A6}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
    "{3B55B9E8-1F24-45C8-8736-16DF4CD97BD7}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{3DFEE179-E314-4F51-892B-57779D16C66C}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{3F4784FB-78E9-4349-BD05-2C3BCD6D1D90}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
    "{473FE21F-8268-4833-A012-7BD1F4CCA2F6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{4A6550EC-E34A-47A5-A0AA-A65D0F6D93F0}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{68262C41-978C-443F-9CBD-05E1522AEFDD}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
    "{68429560-A1A2-46A0-9E22-BAC2D460C2F1}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
    "{706CB823-683B-4BBB-853F-C752ECF35D64}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{7A98760B-678C-46AD-B62B-95C1A65275F3}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{80C1F4E1-837A-4A9D-9E06-0F3358A2070A}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{8AC227E6-D36C-4599-88DC-19CB8AE89033}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{8E6736C5-DE92-4221-A080-96A867855749}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{A2B1BC80-4921-4C3C-8CFC-6A6CB99269C2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A31F1FB7-AAFA-4801-8C17-7945FCF9286C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{B072C6E6-1C40-4CD0-AB25-A14550770086}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{B0DA06ED-8D83-4D36-8BBE-8E186F95E57D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{BAE66A6A-BAAC-4D33-8A61-07A679AAA78E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{BBA44153-E915-427C-BD94-E2BF64A09D8B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{BE90BAB6-84BC-4AE0-8922-9F9E193E2DF5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{C31536A6-28E5-479B-9EB3-34FCF73A3030}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{C66D60C1-63BB-4413-B71C-3377607EB845}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
    "{CD0AFACD-B060-473B-8196-497F64DC6540}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
    "{CD0EEC27-11BF-428F-9C4B-019670BE6B6E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{D279E8B1-899F-48B9-84B1-B4E6E3318E5F}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
    "{E18CFAFA-3BA5-4ECA-9BA8-603C325255CE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{F073EB83-A25F-4098-8EE1-D65AA111CDB8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{F0B2A8CB-4495-4149-A8DA-67C969991939}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{FF1990BB-31DB-4B7D-BBDC-7C93C16DDE58}" = lport=10243 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01C400DE-345F-4B0A-887E-2FE7B49E6D66}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\local\apps\2.0\xv8zgwpt.t9k\81bwk8r0.a1p\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe |
    "{028A353D-C076-4267-80C2-BFFC84BA51BA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{062252D6-3C7A-4866-88A1-96D026EFB1D4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{08648A28-A2DF-4647-BF85-D0C5E8B5D024}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
    "{0BE79B1D-4305-4ECD-88A9-1E1AA3434451}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{0CB825D6-C86C-4625-A591-C96F4B89325E}" = protocol=6 | dir=in | app=e:\livegame\ubisoft\farcry 3\bin\fc3editor.exe |
    "{0D8C83F6-4C2E-4F64-9D4A-4B0A2898CA5C}" = protocol=6 | dir=in | app=c:\botuser\auth\hb_auth_server.exe |
    "{0DFE1BC5-AA22-4867-9DAB-6EF93B217F80}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\local\apps\2.0\xv8zgwpt.t9k\81bwk8r0.a1p\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe |
    "{0F19AF37-0945-4320-BD28-8F963BFFA864}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
    "{102226DD-8EE9-4AB0-A8B2-9E136B361424}" = protocol=17 | dir=in | app=e:\livegame\diablo iii - eu\diablo iii.exe |
    "{10D22E72-3498-47CE-B101-F004A59632FB}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
    "{11C50B47-EF68-4CE0-8572-7ADC3E64AD47}" = protocol=6 | dir=in | app=e:\livegame\ubisoft\farcry 3\bin\farcry3.exe |
    "{13FFE702-8F55-4E51-96DB-B9ECD9D14259}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe |
    "{14C1BBA7-9A63-4683-869D-DEF7EA6832A9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{16614180-E9D1-44AF-AF03-8FD438B3ED8D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{167CB941-ECB4-4B75-9A4C-6B75D19A6C46}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
    "{1783D1BE-B882-4CAE-A2E2-8FE0B48B4875}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{18082091-8E7B-454C-AFDF-1CCF0AF24BE9}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\call of duty black ops\bin\launcher.exe |
    "{18743CD3-9EBD-477B-A567-26F95F3BC8AA}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
    "{19F92620-2578-4FB2-95EE-FD2559BDD717}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{1B9A3289-A390-482B-B2F4-E6AE26333FDC}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{1C17799A-0068-42FF-92EC-228F4637B609}" = protocol=6 | dir=in | app=c:\program files (x86)\freecall.com\freecall\freecall.exe |
    "{1D6DDD5D-022E-46ED-A5A2-986D2328ECB5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{1DCD5F8E-4EF0-4E3A-A32C-F626DDDBF795}" = protocol=6 | dir=in | app=g:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe |
    "{1FD391DE-D6B8-46CD-B14C-53CCADDE3BED}" = protocol=17 | dir=in | app=e:\livegame\ubisoft\farcry 3\bin\fc3editor.exe |
    "{2204C017-E69A-431B-970F-323F9FEA838D}" = protocol=6 | dir=in | app=e:\livegame\gw2\gw2.exe |
    "{2219836E-5102-4E38-A61B-CEAE72AE7784}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2426\agent.exe |
    "{236F2C71-7661-400C-8E81-E60BFAF85BA9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{27C0E794-493F-42FC-8154-397CC4DAB862}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{283C4AC1-FF46-44EC-82F0-4F406DA0AB20}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\team fortress 2\hl2.exe |
    "{2990C26B-86D9-4A2E-881F-54826BC0AE4E}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
    "{2C150F9A-32AF-4165-81B8-DB984C250178}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2DBD3418-4FD3-4265-84F9-9014932E364C}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
    "{2FC2C045-0C1F-4B88-B3D1-07719D784F70}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
    "{305B9CAB-FF52-4B5A-959C-C5B04C187C56}" = protocol=6 | dir=in | app=e:\livegame\ubisoft\farcry 3\bin\fc3updater.exe |
    "{30B874A1-F192-4EDE-B26A-0221AA87E8AB}" = protocol=17 | dir=out | app=e:\livegame\tera\client\tl.exe |
    "{313C193A-0B5A-4F94-A35E-C52C03872EAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{31CB6FA3-4B00-43CD-8AF3-F860A089E0FB}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
    "{326F1C20-3A61-4CAA-9B3A-211165B3814B}" = protocol=6 | dir=in | app=e:\livegame\tera\client\tera.exe |
    "{381B56FD-2A5D-4AF0-9B63-25D6E416ECB8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{382926D9-B566-4D77-A7B8-D9E3E13D6F85}" = protocol=17 | dir=in | app=c:\program files (x86)\freecall.com\freecall\freecall.exe |
    "{38B7AFD1-670C-4E18-8B62-59F3FEFFC507}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
    "{3BB8E9FA-2C62-4742-B3A9-871AECEC7261}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
    "{3CA92962-A29D-4416-B9D1-3E18E436E5EB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
    "{3D6AF430-BF2E-444B-9071-E07DEFEC460E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{3E785C17-24A3-4DFB-A405-549622B0BF24}" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
    "{3EC8ABA0-0F6E-4C8C-B5FD-EEF2E241997F}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\counter-strike source\hl2.exe |
    "{4036C1AD-7F45-4B77-96DF-D67EFE97A882}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2426\agent.exe |
    "{41B16202-FBDC-4AF3-AB0D-34581F0305FF}" = protocol=17 | dir=in | app=c:\program files (x86)\freecall.com\freecall\freecall.exe |
    "{4287B27D-699E-47B0-92B1-543ED15C8639}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\local\apps\2.0\xv8zgwpt.t9k\81bwk8r0.a1p\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\curseclient.exe |
    "{42C143F7-E328-409C-A1AC-266EEA003F09}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
    "{43C659D3-7F14-40C5-88B5-18CC9488CA2E}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe |
    "{444944B3-3FE2-47CF-9270-28CF0CD889F1}" = protocol=17 | dir=in | app=e:\livegame\ubisoft\farcry 3\bin\fc3updater.exe |
    "{4524C45E-7D10-48B1-8471-79B7698BD78C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{46154A9D-7A62-40F9-B4E0-33AF45328E3F}" = protocol=17 | dir=in | app=e:\livegame\ubisoft\farcry 3\bin\farcry3.exe |
    "{475FBD19-2F45-4993-979A-438E8CE6F031}" = protocol=6 | dir=in | app=e:\livegame\tera\tera-launcher.exe |
    "{4863381E-EAC2-4CEB-BAA0-3C1C5601FF8C}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\warframe\tools\launcher.exe |
    "{48BAE176-216B-44F4-9660-08794D464D60}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{493A5154-8F81-4184-BFF3-60EBE10081AB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{4A1DA3D6-B804-430A-B591-36E4744F4D70}" = protocol=17 | dir=out | app=e:\livegame\tera\client\tera.exe |
    "{4B340157-908D-4F49-8C2A-25E5B5687AF6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2426\agent.exe |
    "{4CBC62EE-F473-420C-A201-1A5D16BBF8C5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{5140A2C7-70A9-42E9-83F0-58459A7B88BF}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
    "{52425613-4937-47FA-BA7E-16C424EB440C}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
    "{52C2C38F-1B0C-40E7-AB65-31E018AA0E92}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{55E8A0D1-0211-49DA-97BC-C1C7D78F188F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
    "{57AB7DE8-2332-4A6C-925B-824227E627D7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{581AD0C6-A785-491B-BEBE-A36CC96BBAE5}" = protocol=17 | dir=in | app=c:\webzen\arcticcombat\system\arcticcombat.exe |
    "{5B1D616F-D5CD-403A-B824-A7CCFDF89A44}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
    "{5C4F5CCB-BB04-4A1A-8F38-02BD2E9C14A0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{5CA00D0C-6862-4920-9756-D80746B2373A}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\roaming\spotify\spotify.exe |
    "{5D51C1CF-FA4E-4157-BD72-0C2B74CC985A}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\roaming\spotify\spotify.exe |
    "{5E3DB56F-3C89-41DF-AC45-0F451309ED77}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
    "{60C4BB12-4BA1-40AA-8F91-F7D87A532F11}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{63AA73A5-BC49-4902-838F-EC690E3FC949}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
    "{63ACD3A4-61A1-4308-91EE-00128CD58F6E}" = protocol=17 | dir=out | app=e:\livegame\tera\tera-launcher.exe |
    "{64FBA175-F3FC-442E-AA43-CF4B0174CC94}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
    "{6706810E-DD01-418C-AC3D-608F9E29E2F6}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{6977D5C2-0899-4199-A157-B9523D76FC7A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{69E3AC66-2281-4EE0-9643-21C0F81D1D14}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
    "{6AE71645-0D8B-4392-82A8-66CE5482AA29}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
    "{6B0CF6DF-E3DF-4BF5-9822-3C916AC38B56}" = protocol=17 | dir=in | app=e:\livegame\tera\client\tera.exe |
    "{6BFC8FD3-C95F-4293-AD78-3A8F7CD70BFB}" = protocol=6 | dir=in | app=e:\livegame\steam\steam.exe |
    "{6E61B967-B4B5-43BB-A8EE-7F0B21EDFCA8}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\warframe\tools\launcher.exe |
    "{6E958AA0-9A35-413B-91E4-D5EAD6F37306}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
    "{6F2E5B62-3976-4C04-84B2-5B2D8CC47222}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{7066D499-C282-4FA9-AD9A-CA2D31C9C0C2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
    "{733EBCB4-0DBB-4504-BE34-F9D8646DDB57}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{746F20C3-DBA7-4B52-BB95-89E1B49E245A}" = protocol=6 | dir=in | app=c:\webzen\arcticcombat\system\arcticcombat.exe |
    "{76BBA5F2-96ED-4E9E-8D37-9392F02FEF21}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
    "{77DFD234-8A6A-4C34-82BD-321F7A2A4B9E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
    "{80A1AE39-0F3A-4AD3-84DC-12898BF79302}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\local\apps\2.0\xv8zgwpt.t9k\81bwk8r0.a1p\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\curseclient.exe |
    "{80A6EBCA-DC2C-470D-A5E3-4A2A56F84D10}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
    "{80AC2905-78DD-488D-BE2F-6B88A9EE569F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{84C7EFC5-593A-460A-AD7F-25FC71DE4D74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{8573E6A3-CE3C-4CC9-84B6-89BC85CD16B9}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
    "{85C64F31-D8FE-4C85-AD19-C471E9CE0E63}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\call of duty black ops\bin\launcher.exe |
    "{86CFC775-A5C7-47A6-A2D0-982B70866762}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{87C38688-53DA-4456-9ADF-6CAD804E787D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{8A3D133F-DBF7-425A-A39E-6688AC119F28}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe |
    "{8A7A1119-E1CA-4EDB-B38B-82245A3BD9CB}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\local\apps\2.0\xv8zgwpt.t9k\81bwk8r0.a1p\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe |
    "{8A9762D5-BD43-4539-949E-30A0DA2188A7}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
    "{8ADFA754-9F0D-4925-8906-9F8475E3A38F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{8D682CF0-D97C-4A8C-B405-5DB794F3AA47}" = protocol=6 | dir=in | app=e:\livegame\steam\steam.exe |
    "{8EBCDAE3-A873-4A54-AA14-165E4F661A94}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{8FF1F29A-B278-4028-AC5B-BD0D6B55C9E7}" = protocol=17 | dir=in | app=e:\livegame\activision\call of duty 4 - modern warfare\iw3mp.exe |
    "{963939D8-7308-4EF4-A9C4-046EFA0951AD}" = protocol=6 | dir=out | app=system |
    "{98BD38E4-37FF-4949-8297-DF5ACB0269F1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
    "{9A96711A-4F86-423C-A574-2713CD5891D1}" = protocol=6 | dir=out | app=e:\livegame\tera\client\tl.exe |
    "{9BE78428-1BD9-423E-8DF9-1CBA9F3B7AA9}" = protocol=6 | dir=in | app=e:\livegame\diablo iii - eu\diablo iii.exe |
    "{9E03F182-D4AA-4B5D-8C8A-10831155FB06}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
    "{A0689EED-2B28-491C-901C-77FFF3BC537C}" = protocol=17 | dir=in | app=e:\livegame\steam\steam.exe |
    "{A16D6E01-6BF1-4682-8AE5-0384260A2EE2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
    "{A18A2EEB-E14B-4760-8724-AE7DB00AE4F9}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{A3036857-F02C-4906-9053-4672DDAD9F4B}" = protocol=17 | dir=in | app=e:\livegame\gw2\gw2.exe |
    "{A33B1160-A8F7-40CE-AF56-7065CD081146}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\ragnarok online 2\wplauncher.exe |
    "{A40E9AAD-82A0-4459-9202-BFD1691FF843}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{A4675D51-CBA7-4420-9D51-144E3E1DD3AC}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
    "{A6DB399E-9194-45A8-B8C9-79C345C819DA}" = protocol=6 | dir=in | app=e:\livegame\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
    "{A720F3FB-E6B4-43B2-9FEC-17394FD4D661}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{A897BCF6-9983-4597-83AC-0566667BDA27}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{AB3377DB-35CB-45EA-9D5A-F6AC870FEC2C}" = protocol=17 | dir=in | app=e:\livegame\steam\steam.exe |
    "{AC90D7CD-4EDC-4DD7-83A1-8E5DE4FAE436}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{ACEE4869-3019-4FF3-8D91-7171305A3E94}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 beta\bf4.exe |
    "{AF6A0ED5-1B94-4AFD-A017-CFDEEB5F1EDB}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 beta\bf4.exe |
    "{B120BFC2-7817-46B0-B549-C9921CD7D6B0}" = protocol=17 | dir=in | app=g:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe |
    "{B59124E2-C991-473B-B103-D14EE71734D0}" = protocol=17 | dir=in | app=c:\botuser\auth\hb_auth_server.exe |
    "{B5F6457B-A10E-4E44-A48D-DE84EFF22D50}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
    "{B93F5F7C-FC9B-484A-A115-FB0C9F38ECDC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{BB43FB0D-9E5B-45B2-AD30-0D986FF7196B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
    "{BC33B6C1-74D2-4328-ADC3-5E33BD546B3C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{BEC83280-996D-463D-8C90-969B61098F45}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{BF91EFCB-9347-4B6C-9FB8-FC492E66097A}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\ragnarok online 2\wplauncher.exe |
    "{BF9FDB89-E687-43A8-92CC-4134F649295D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2426\agent.exe |
    "{BFA1402E-7A2C-42A7-87D1-D4288EF273F0}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{BFA45F2B-81C1-4560-8FA8-38636981767D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
    "{C0DC91AF-BCFE-4F03-8B63-07E3097900BF}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
    "{C188F9E1-6F19-4DB6-B473-B883C3F12435}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{C431530A-FAB4-4392-ACF2-4905D0F9BD1F}" = protocol=6 | dir=in | app=c:\program files (x86)\freecall.com\freecall\freecall.exe |
    "{C4CC0AF3-0BE7-4067-8F64-05DDB7DE177C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{C590ADA6-C7D1-4C0B-B9A0-5FA2421963D4}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
    "{C6AC94AA-AF7F-4EA0-A369-791637AE42FE}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\counter-strike source\hl2.exe |
    "{C826577E-2525-4FE3-87B9-5984A31C2FA3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{CB2E9BB7-3E18-43CC-837C-7C178D02EC02}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{CCAA59C3-154D-4C05-923B-1A7373BB14EB}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
    "{CE639C57-D6AC-4DC7-9732-5F05D79D6444}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{CED9CDEC-CECF-4182-8765-19570C5868D0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{D00FF866-10CF-4DBC-B397-BF37BE363A27}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
    "{D0A1554A-A0F5-4413-9155-2E19F18DFFF9}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\local\apps\2.0\xv8zgwpt.t9k\81bwk8r0.a1p\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\curseclient.exe |
    "{D37FCDAE-31FE-4D87-9518-5EDB2FCE5422}" = protocol=6 | dir=in | app=e:\livegame\tera\client\tl.exe |
    "{D4D51282-9B47-479E-B059-F63080F3B5A1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{D62732FE-0109-4C95-8DB2-738A7798DFA6}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{D77DB801-7A2C-440F-A4AB-75F7CD6B6E50}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
    "{D9F75098-EB12-4012-8E26-68601C4E3784}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{DC028A09-4E0F-4A95-A270-DB82011A3F05}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
    "{DE024AD0-28F3-454B-A2E0-922953B58988}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{DE9DBC8C-031A-47C6-B8F1-F25A8045048B}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
    "{DFB7CDBC-3612-4587-A0DC-DD36E1B75544}" = protocol=17 | dir=in | app=e:\livegame\tera\client\tl.exe |
    "{E01833FB-9D91-45A2-91AC-4D4216A6CF67}" = protocol=6 | dir=out | app=e:\livegame\tera\client\tera.exe |
    "{E0571859-59F8-4AA8-B1AD-6F590300B78A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{E4CA54E9-6418-4C35-AC8D-6C3FC552C948}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\team fortress 2\hl2.exe |
    "{E51D4C57-8D9B-40F5-9196-DB6F5FB7D117}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E5510C53-CAB2-4ECF-9DE6-7C0C557EB5A9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{E6961D56-EC3A-46B6-87C9-A378371D1E2F}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
    "{E73715AB-CCDF-40F3-85A7-21146FE70364}" = protocol=17 | dir=in | app=e:\livegame\tera\tera-launcher.exe |
    "{E74DFAAC-1ED5-4540-BFA6-70D87D160B00}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\local\apps\2.0\xv8zgwpt.t9k\81bwk8r0.a1p\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe |
    "{E864E85E-CACA-49B4-A1BF-3189BCB11E3E}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\counter-strike source\hl2.exe |
    "{E880DE84-E521-4CCF-820F-427D2DBB8066}" = protocol=6 | dir=in | app=e:\livegame\activision\call of duty 4 - modern warfare\iw3mp.exe |
    "{E92531A2-FCE5-4572-B8ED-6689C9E25F32}" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
    "{E9FEBF4E-2A73-4FE6-88FA-C56DB4F157D0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{EB73E316-CB1B-4F85-9161-10F74ADAB468}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
    "{EBFA83C2-7329-46C4-A3FD-E941E51AB316}" = protocol=6 | dir=in | app=e:\livegame\steam\steamapps\common\counter-strike source\hl2.exe |
    "{EE8E1D86-1C3D-4873-9F6B-494942534B45}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{EF46BF78-48C5-4403-B906-BD15C63940DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{EF4E5D6C-0F42-4630-B964-3A2D2DBCB4F7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
    "{F01EBC74-498A-4509-9634-4BA84307F8CE}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
    "{F128CC26-4380-48DA-B9F5-10A32F391DE7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{F449BE55-B38B-4EBF-905F-8C9A8A262B3E}" = protocol=6 | dir=out | app=e:\livegame\tera\tera-launcher.exe |
    "{F7C6BE2D-91AC-4870-B7E2-239D70FB8C36}" = protocol=17 | dir=in | app=e:\livegame\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
    "{F832FD2A-7CEA-4BF5-8250-F27EA0E2E26A}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe |
    "{F8517138-9C37-4E27-9366-87671148AB7F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
    "{FB5F8CE9-8633-441C-8382-80F0D977CB48}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{FE7741AF-25ED-44B4-9963-77D5C15F518F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{FE776B7D-0FEF-4C27-A420-C0D870E818D6}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\local\apps\2.0\xv8zgwpt.t9k\81bwk8r0.a1p\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\curseclient.exe |
    "{FEC83AF1-DF20-4781-9E11-057CF4EB3D7F}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
    "{FFEC3551-080F-444A-A84C-E32A94B7FB8C}" = protocol=17 | dir=in | app=e:\livegame\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
    "TCP Query User{05EAC246-FDE8-4417-9D03-F50871B1798A}C:\users\dominik\desktop\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\dominik\desktop\guild wars 2\gw2.exe |
    "TCP Query User{15B1B8D2-7301-49B7-BC3C-E4C55A58EBCA}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
    "TCP Query User{17F5A17F-02FC-4EE8-A7C9-C1C98A30F818}G:\program files (x86)\activision\call of duty black ops ii\t6sp.exe" = protocol=6 | dir=in | app=g:\program files (x86)\activision\call of duty black ops ii\t6sp.exe |
    "TCP Query User{29338912-7C3D-4031-B607-CEB46874F0F2}E:\livegame\hearthstone\hearthstone.exe" = protocol=6 | dir=in | app=e:\livegame\hearthstone\hearthstone.exe |
    "TCP Query User{629E97A0-B584-4C79-8FAE-E2B4C5D38790}E:\livegame\hearthstone\hearthstone.exe" = protocol=6 | dir=in | app=e:\livegame\hearthstone\hearthstone.exe |
    "TCP Query User{68AA2249-BB84-4805-AAD3-E5292C40FA7B}C:\users\dominik\desktop\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\dominik\desktop\guild wars 2\gw2.exe |
    "TCP Query User{77E6F4A3-EE4B-4442-B467-A87319D28882}E:\livegame\gw2\gw2.exe" = protocol=6 | dir=in | app=e:\livegame\gw2\gw2.exe |
    "TCP Query User{81285344-9C3D-47DB-A5A1-F4E88982DC2C}E:\livegame\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=e:\livegame\activision\call of duty 4 - modern warfare\iw3mp.exe |
    "TCP Query User{8F871223-E6C4-4C0B-A3D4-4E88D42128F3}E:\livegame\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=e:\livegame\diablo iii\diablo iii.exe |
    "TCP Query User{95887541-8695-491B-B4E4-4890CAB0FBEA}E:\livegame\diablo iii - eu\diablo iii.exe" = protocol=6 | dir=in | app=e:\livegame\diablo iii - eu\diablo iii.exe |
    "TCP Query User{C7900F31-D33E-417F-8E1B-C33C60DE0554}G:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=g:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe |
    "TCP Query User{E0D6D0FF-757B-4B1A-8E8A-2827FC55CB59}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
    "TCP Query User{ED4395F2-47FF-4944-85AF-BB7F09883CE6}E:\livegame\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=e:\livegame\diablo iii\diablo iii.exe |
    "TCP Query User{FED74239-3D8A-4B6F-A605-7A55AFF7D152}C:\botuser\auth\hb_auth_server.exe" = protocol=6 | dir=in | app=c:\botuser\auth\hb_auth_server.exe |
    "UDP Query User{128E3A89-0EFD-4A87-AB90-6314264DC838}E:\livegame\gw2\gw2.exe" = protocol=17 | dir=in | app=e:\livegame\gw2\gw2.exe |
    "UDP Query User{1AC5F656-11F3-4FC7-B453-D31F57706979}G:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=g:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe |
    "UDP Query User{4A10F769-FDC6-4A8C-B5AC-B4E1B8CBC117}E:\livegame\diablo iii - eu\diablo iii.exe" = protocol=17 | dir=in | app=e:\livegame\diablo iii - eu\diablo iii.exe |
    "UDP Query User{57DE2496-F56C-4ABB-8DDC-BCC7DD68E6B1}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
    "UDP Query User{615FA1A3-B843-404D-8917-51DDB459DE43}C:\botuser\auth\hb_auth_server.exe" = protocol=17 | dir=in | app=c:\botuser\auth\hb_auth_server.exe |
    "UDP Query User{72375094-7FD0-4A03-9634-EE8A16F00B53}E:\livegame\hearthstone\hearthstone.exe" = protocol=17 | dir=in | app=e:\livegame\hearthstone\hearthstone.exe |
    "UDP Query User{74CC16CB-7251-46DF-8FBD-217A186CA663}C:\users\dominik\desktop\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\dominik\desktop\guild wars 2\gw2.exe |
    "UDP Query User{752A365D-1931-4795-9321-360E7D8F387A}E:\livegame\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=e:\livegame\diablo iii\diablo iii.exe |
    "UDP Query User{899053AC-199D-4BFD-9DE8-86553377BF57}C:\users\dominik\desktop\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\dominik\desktop\guild wars 2\gw2.exe |
    "UDP Query User{94871038-85C3-48B0-A5BB-BBACDBA15030}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
    "UDP Query User{A047B779-7551-4615-A47C-0118CA837DEF}E:\livegame\hearthstone\hearthstone.exe" = protocol=17 | dir=in | app=e:\livegame\hearthstone\hearthstone.exe |
    "UDP Query User{CD610329-E45F-433B-A638-88F8517FEC31}G:\program files (x86)\activision\call of duty black ops ii\t6sp.exe" = protocol=17 | dir=in | app=g:\program files (x86)\activision\call of duty black ops ii\t6sp.exe |
    "UDP Query User{DB63DAD8-1671-4286-A896-71FF9701406C}E:\livegame\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=e:\livegame\diablo iii\diablo iii.exe |
    "UDP Query User{EA2AD067-5199-448F-8564-BBD3C2396C25}E:\livegame\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=e:\livegame\activision\call of duty 4 - modern warfare\iw3mp.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
