Trojan: Patched3_c.BLDE cannot be removed

#0
24.08.2015, 19:26
Member

Posts: 104
#1 Hello forum,
I'll get straight to it with

Problem description / symptoms

For just under a week now I have been getting a Trojan warning from the AVG antivirus program at every computer start. AVG supposedly removes the Trojan, but after every restart it is back again.

It always says Threat: Trojan:patched3_c.BLDE
and Object name: c:\Windows\SECOH-QAD.exe

I don't really have any problems with my PC.
Except that now and then the internet briefly goes off and on. But I'm not sure whether that isn't down to the Wi-Fi.

I haven't changed anything on the system. However, a while ago I copied various data such as photos/music from a CD onto the PC.




OTL.txt

OTL logfile created on: 24.08.2015 18:59:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17937)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,93 Gb Total Physical Memory | 6,44 Gb Available Physical Memory | 81,16% Memory free
15,93 Gb Paging File | 14,48 Gb Available in Paging File | 90,86% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,96 Gb Total Space | 177,58 Gb Free Space | 74,62% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 555,43 Gb Free Space | 79,50% Space Free | Partition Type: NTFS
Drive E: | 4,15 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: CHUCKNORIS | User Name: Dasmo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015.08.24 18:54:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Desktop\OTL.exe
PRC - [2015.07.23 17:46:51 | 003,175,312 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
PRC - [2015.07.23 17:46:51 | 001,874,320 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe
PRC - [2015.07.23 17:46:51 | 001,402,768 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
PRC - [2015.07.23 17:46:51 | 001,195,920 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
PRC - [2015.07.23 17:46:51 | 000,168,336 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe
PRC - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015.07.07 14:32:32 | 003,730,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe
PRC - [2015.07.07 14:28:04 | 000,314,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
PRC - [2015.02.18 20:57:11 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2015.01.04 16:31:22 | 000,896,512 | ---- | M] () -- C:\Users\Dasmo\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\3356edf7a88e475d88eac25e50bcafe7\AddonsHelper.exe
PRC - [2014.12.15 13:29:58 | 005,426,448 | ---- | M] (TeamViewer GmbH) -- c:\users\dasmo\appdata\local\temp\teamviewer\TeamViewer_Service.exe
PRC - [2014.10.29 04:05:57 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2014.05.28 11:10:36 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2014.05.28 11:10:36 | 000,016,232 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2014.05.14 16:08:22 | 000,405,976 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2014.05.14 16:08:16 | 000,154,584 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.02.16 10:46:42 | 000,043,112 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015.08.12 19:10:26 | 007,785,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll
MOD - [2015.08.12 19:10:23 | 001,874,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6281ab590224520bad7c4f5b3ef37575\System.Xaml.ni.dll
MOD - [2015.08.12 19:10:22 | 012,898,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\592a40dd076e6e46b4a8bc95bb64b2e8\System.Windows.Forms.ni.dll
MOD - [2015.08.12 19:10:15 | 019,567,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\662aae610c401a254416904a4861b189\System.ServiceModel.ni.dll
MOD - [2015.08.12 19:10:05 | 002,803,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll
MOD - [2015.08.12 19:10:02 | 001,635,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8efdc7a3726640f79d9333da88accaf8\System.Drawing.ni.dll
MOD - [2015.08.12 19:09:56 | 000,968,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\814dd462b742d7c16c620e79397b2463\System.Configuration.ni.dll
MOD - [2015.07.23 17:46:52 | 040,638,864 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
MOD - [2015.07.23 17:46:52 | 000,528,272 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\log4cplusU.dll
MOD - [2015.07.23 17:46:51 | 003,175,312 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
MOD - [2015.07.17 09:28:14 | 002,964,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\fc3b086418e8d8807cfb6b88ccae1c64\System.IdentityModel.ni.dll
MOD - [2015.07.17 09:28:13 | 001,070,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\3d476a44c20ddf99250f3ade1b0da1da\System.ServiceModel.Web.ni.dll
MOD - [2015.07.17 09:28:11 | 000,424,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv30e99c02#\480b7d78c66bc87afdaf1b7c2abc726f\System.ServiceModel.Channels.ni.dll
MOD - [2015.07.17 09:28:09 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7159bb28e23de8ed898a2acb1dbfef6c\System.ServiceModel.Internals.ni.dll
MOD - [2015.07.17 09:28:08 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1c09d6db83322a23a1744d75c4836f85\SMDiagnostics.ni.dll
MOD - [2015.07.16 21:14:16 | 006,951,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\67bdc09fa286920c1f42f2a98c400f95\System.Core.ni.dll
MOD - [2015.07.16 21:14:13 | 010,030,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll
MOD - [2014.01.27 13:52:41 | 017,395,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2015.05.30 21:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2015.05.25 15:07:50 | 001,430,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.05.12 15:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2015.05.07 17:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2015.03.31 22:13:18 | 000,246,272 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2015.02.21 01:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014.10.31 06:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.10.29 06:09:06 | 000,092,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2014.10.29 05:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014.10.29 05:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014.10.29 04:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2014.10.29 04:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2014.10.29 04:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2014.10.29 04:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2014.10.29 04:30:35 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2014.10.29 04:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2014.10.29 03:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014.10.29 03:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2014.10.29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2014.10.29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2014.10.29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2014.10.29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2014.10.29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2014.10.29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2014.10.29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2014.10.29 03:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2014.10.29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014.10.29 03:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2014.10.29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014.10.29 03:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2014.10.29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014.10.29 03:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2014.10.29 03:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014.10.29 03:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2014.10.29 03:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014.10.29 03:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014.10.29 03:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014.10.29 03:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2014.10.29 02:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2014.10.29 02:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014.10.29 02:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014.10.29 02:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013.11.01 02:50:20 | 000,241,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV - [2015.08.19 22:39:00 | 000,838,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015.08.03 12:47:10 | 002,545,512 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2015.08.03 12:13:12 | 000,417,552 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2015.07.23 17:46:51 | 001,874,320 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe -- (vToolbarUpdater18.8.0)
SRV - [2015.07.23 17:46:51 | 001,195,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -- (WtuSystemSupport)
SRV - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.07.07 14:35:34 | 003,518,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2015.07.07 14:28:04 | 000,314,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -- (avgwd)
SRV - [2015.06.03 16:42:38 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015.05.07 17:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2015.04.13 12:24:03 | 000,237,352 | ---- | M] (EasyAntiCheat Ltd) [On_Demand | Stopped] -- C:\Windows\SysWOW64\EasyAntiCheat.exe -- (EasyAntiCheat)
SRV - [2015.03.14 16:18:09 | 001,910,640 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015.02.18 20:57:11 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2015.02.02 22:53:24 | 000,971,968 | ---- | M] (@ByELDI) [Auto | Stopped] -- C:\Programme\KMSpico\Service_KMS.exe -- (Service KMSELDI)
SRV - [2015.01.04 16:31:22 | 000,896,512 | ---- | M] () [Auto | Running] -- C:\Users\Dasmo\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\3356edf7a88e475d88eac25e50bcafe7\AddonsHelper.exe -- (AddonsHelper)
SRV - [2015.01.04 16:31:21 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\Dasmo\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2014.12.15 13:29:58 | 005,426,448 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- c:\users\dasmo\appdata\local\temp\teamviewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2014.10.29 05:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014.10.29 03:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014.10.29 03:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014.05.28 11:10:36 | 000,016,232 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2014.05.14 16:08:22 | 000,405,976 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2014.05.14 16:08:16 | 000,154,584 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2014.01.31 16:42:00 | 000,887,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV - [2012.02.16 10:46:42 | 000,043,112 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe -- (ADExchange)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2015.08.03 12:12:32 | 000,045,680 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:64bit: - [2015.07.07 11:40:12 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015.07.07 11:40:05 | 000,270,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015.07.07 11:40:05 | 000,114,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015.06.26 09:49:10 | 000,293,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2015.06.16 15:55:04 | 000,259,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2015.06.15 23:58:30 | 000,295,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2015.06.10 16:38:48 | 000,226,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2015.06.07 00:45:50 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015.05.20 17:20:52 | 000,095,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2015.05.12 14:36:54 | 000,253,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2015.05.07 13:50:22 | 000,378,336 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2015.04.16 08:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2015.03.31 22:41:18 | 019,338,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2015.03.31 22:09:30 | 000,591,872 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2015.03.27 08:40:48 | 000,021,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2015.03.20 12:18:18 | 000,040,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2015.03.20 03:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015.03.17 19:26:06 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2015.03.13 06:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2015.03.11 12:16:06 | 000,162,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2015.03.09 04:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2015.03.09 04:02:45 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2015.03.04 12:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014.12.21 05:38:18 | 000,223,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
DRV:64bit: - [2014.10.29 05:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014.10.29 05:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014.10.29 05:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014.10.29 05:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014.10.29 04:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014.10.29 04:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2014.10.29 04:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014.10.29 04:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2014.10.29 04:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2014.10.28 01:46:14 | 000,062,152 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2014.10.15 10:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014.10.13 04:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014.10.13 04:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014.10.07 08:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014.10.07 08:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2014.08.15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014.05.28 11:10:20 | 000,672,104 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2014.05.14 16:08:16 | 000,125,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014.03.19 16:23:08 | 000,050,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2014.03.13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014.02.22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014.02.22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014.01.22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014.01.22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.10.26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013.10.05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013.09.30 06:13:28 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013.09.30 05:59:31 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013.09.30 05:59:20 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.09.30 05:59:19 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013.09.30 05:59:19 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013.09.30 05:59:19 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013.08.29 09:55:50 | 000,468,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d64x64.sys -- (e1dexpress)
DRV:64bit: - [2013.08.22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013.08.22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.08.22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013.08.22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013.08.22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.08.22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013.08.22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.08.22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013.08.22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013.08.22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013.08.22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013.08.22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013.08.22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013.08.22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013.08.22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013.08.22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013.08.22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.08.22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013.08.22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013.08.22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.08.22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013.08.22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013.08.22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013.08.22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.08.22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013.08.22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013.08.22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013.08.22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013.08.22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013.08.22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013.08.22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013.08.22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013.08.22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013.08.22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.08.22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013.08.22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013.08.22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013.08.22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013.08.22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013.08.22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013.08.22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013.08.22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013.08.22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013.08.13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013.08.10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013.07.30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013.07.25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013.06.18 16:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2012.09.23 01:17:24 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {721061fb-eb79-4568-a03c-3ce26d68dae9}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = http://www.firetab.org/?type=ds3se&p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={D6E87753-D348-477A-ADEA-6F19C6072043}&mid=732a4978a95147cda1e2a59d731f0f6a-9cbbfd42fb27663bd4451ac766897ab1cd5bda5d&lang=de&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-12-11 08:53:08&v=4.1.0.411&pid=wtu&sg=&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/de-de/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 FB C7 5B 48 0B D0 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {721061fb-eb79-4568-a03c-3ce26d68dae9}
IE - HKCU\..\SearchScopes\{00A28309-5798-452F-AEE3-1E5B05FB09B0}: "URL" = http://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e754e442-f799-449e-8d9e-50c90cbedaae&pid=chipde&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494553523032&st={searchTerms}&clid=e754e442-f799-449e-8d9e-50c90cbedaae&pid=chipde&k=0
IE - HKCU\..\SearchScopes\{6EB195C8-2055-4B1A-A356-0880DD2BCF16}: "URL" = http://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e754e442-f799-449e-8d9e-50c90cbedaae&pid=chipde&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = http://www.firetab.org.anonymize-me.de/?anonymto=687474703A2F2F7777772E666972657461622E6F72672F3F747970653D647333736526703D7B7365617263685465726D737D&st={searchTerms}&clid=e754e442-f799-449e-8d9e-50c90cbedaae&pid=chipde&k=0
IE - HKCU\..\SearchScopes\{75114CE0-8118-4419-B291-8E0103BAF262}: "URL" = http://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e754e442-f799-449e-8d9e-50c90cbedaae&pid=chipde&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{90EEBAC7-92D0-4072-9844-7C2B43FD5273}: "URL" = http://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e754e442-f799-449e-8d9e-50c90cbedaae&pid=chipde&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={D6E87753-D348-477A-ADEA-6F19C6072043}&mid=732a4978a95147cda1e2a59d731f0f6a-9cbbfd42fb27663bd4451ac766897ab1cd5bda5d&lang=de&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-12-11 08:53:08&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{DDAA6842-FADE-457E-AE87-7363A6447F0A}: "URL" = http://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e754e442-f799-449e-8d9e-50c90cbedaae&pid=chipde&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{FF4B8124-6FC9-425B-8D12-6341D77AA1A9}: "URL" = http://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e754e442-f799-449e-8d9e-50c90cbedaae&pid=chipde&mode=bounce&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.8.0\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.4.6_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Dasmo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2013.08.22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Web TuneUp\4.1.5.143\AVG Web TuneUp.dll (AVG)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (DVDVideoSoft IE Extension) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.1.5.143\AVG Web TuneUp.dll (AVG)
O2 - BHO: (DVDVideoSoft IE Extension) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Dasmo\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe ()
O4 - HKCU..\Run: [Dropbox Update] C:\Users\Dasmo\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Dasmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Dasmo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A426CD8C-F172-4276-8BD4-988F99A508DA}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9348757b-3a05-11e5-8359-74d435fbe699}\Shell - "" = AutoRun
O33 - MountPoints2\{9348757b-3a05-11e5-8359-74d435fbe699}\Shell\AutoRun\command - "" = "G:\pushinst.exe"
O33 - MountPoints2\{f4311630-0c23-11e5-831b-74d435fbe699}\Shell - "" = AutoRun
O33 - MountPoints2\{f4311630-0c23-11e5-831b-74d435fbe699}\Shell\AutoRun\command - "" = "G:\autorun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {78E345F7-E976-3595-9C30-2458D6A8EC32} - .NET Framework
ActiveX:64bit: {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EC43E638-09F0-38CC-A585-72FCCDDF035C} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015.08.24 18:54:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Desktop\OTL.exe
[2015.08.23 14:22:07 | 000,000,000 | ---D | C] -- D:\Desktop\Minecraft Server
[2015.08.14 17:19:33 | 000,000,000 | ---D | C] -- C:\Users\Dasmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2015.08.06 17:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2015.08.06 17:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2015.08.05 20:56:53 | 000,000,000 | ---D | C] -- C:\Users\Dasmo\AppData\Local\Diagnostics
[2015.08.05 20:40:15 | 000,000,000 | ---D | C] -- C:\Users\Dasmo\AVM_Driver
[2015.08.03 12:12:32 | 000,045,680 | -H-- | C] (LogMeIn Inc.) -- C:\Windows\SysNative\drivers\Hamdrv.sys
[2015.07.26 20:25:02 | 000,000,000 | ---D | C] -- C:\Users\Dasmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2015.07.26 20:25:02 | 000,000,000 | ---D | C] -- C:\Users\Dasmo\AppData\Roaming\IrfanView
[2015.07.26 20:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015.08.24 18:54:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Desktop\OTL.exe
[2015.08.24 18:54:33 | 000,380,416 | ---- | M] () -- D:\Desktop\uuthscg7.exe
[2015.08.24 18:45:43 | 001,780,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.08.24 18:45:43 | 000,765,378 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2015.08.24 18:45:43 | 000,723,316 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.08.24 18:45:43 | 000,159,696 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2015.08.24 18:45:43 | 000,135,930 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.08.24 18:43:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.08.24 18:42:40 | 000,001,140 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.08.24 18:41:31 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.08.24 18:41:30 | 000,004,608 | ---- | M] () -- C:\Windows\SECOH-QAD.exe
[2015.08.24 18:41:26 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015.08.24 18:41:25 | 2519,121,919 | -HS- | M] () -- C:\hiberfil.sys
[2015.08.24 18:16:52 | 000,001,246 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3918229237-664957073-1599165679-1001UA.job
[2015.08.21 18:44:00 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.08.14 17:19:40 | 000,001,147 | ---- | M] () -- C:\Users\Dasmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015.08.12 18:40:10 | 000,362,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.08.09 11:16:00 | 000,001,194 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3918229237-664957073-1599165679-1001Core.job
[2015.08.03 19:32:17 | 638,083,607 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015.08.03 12:12:32 | 000,045,680 | -H-- | M] (LogMeIn Inc.) -- C:\Windows\SysNative\drivers\Hamdrv.sys
[2015.07.30 19:59:54 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2015.07.26 20:25:03 | 000,000,910 | ---- | M] () -- D:\Desktop\IrfanView.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015.08.24 18:54:32 | 000,380,416 | ---- | C] () -- D:\Desktop\uuthscg7.exe
[2015.08.24 18:41:30 | 000,004,608 | ---- | C] () -- C:\Windows\SECOH-QAD.exe
[2015.08.12 16:47:56 | 000,411,133 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2015.07.26 20:25:03 | 000,000,910 | ---- | C] () -- D:\Desktop\IrfanView.lnk
[2015.06.07 14:36:53 | 000,000,109 | ---- | C] () -- C:\Windows\SysWow64\LPPCD01.ini
[2015.05.03 16:22:08 | 000,008,932 | ---- | C] () -- C:\Users\Dasmo\AppData\Local\recently-used.xbel
[2015.03.31 22:26:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll
[2015.03.31 16:35:44 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014.12.23 22:24:58 | 000,348,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.12.23 22:24:57 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.11.29 00:45:55 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014.11.29 00:45:48 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2014.11.28 23:58:04 | 000,000,060 | ---- | C] () -- C:\Windows\Picture2avi.ini
[2014.11.28 23:32:05 | 000,003,584 | ---- | C] () -- C:\Windows\SECOH-QAD.dll
[2014.11.28 23:21:49 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014.11.28 23:11:45 | 001,713,704 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.11.28 23:10:09 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014.11.28 22:57:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.07.21 23:04:58 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.07.21 23:04:58 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014.07.21 23:04:46 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014.07.21 23:04:04 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014.07.21 23:04:04 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2014.11.29 14:09:37 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.05.07 19:50:50 | 022,292,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.05.07 18:53:12 | 019,734,960 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014.10.29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014.10.29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014.10.29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2015.07.09 20:10:58 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\.minecraft
[2015.04.24 19:36:30 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\.mono
[2015.07.12 10:59:07 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\7DaysToDie
[2014.11.29 01:15:24 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\AMD
[2015.03.01 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\Ashampoo
[2014.11.29 01:07:43 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\AVG2015
[2014.12.10 15:10:34 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\avidemux
[2015.02.18 20:30:22 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\ClassicShell
[2014.12.05 19:40:04 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\concept design
[2015.06.07 14:49:37 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\DAEMON Tools Lite
[2015.05.30 13:41:28 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\DAEMON Tools Pro
[2015.01.04 16:31:22 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\DesktopIconForAmazon
[2015.08.24 18:41:46 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\Dropbox
[2015.02.28 15:38:27 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\DVDVideoSoft
[2015.01.02 16:09:07 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\elsterformular
[2015.01.04 16:32:16 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\HDRsoft
[2014.11.29 14:09:58 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\HeroesAndGeneralsDesktop
[2015.07.26 20:25:02 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\IrfanView
[2015.01.11 13:06:34 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\java
[2015.05.03 16:25:56 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\library_dir
[2015.01.04 16:31:21 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\OCS
[2015.05.20 18:54:24 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\OpenOffice
[2015.01.04 16:31:23 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\Opera
[2015.02.18 20:36:44 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\Origin
[2015.08.01 14:21:38 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\Raptr
[2015.05.14 20:30:07 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\SpaceEngineers
[2014.12.21 19:58:15 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\SQLite Administrator
[2014.12.21 20:01:12 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\TeamViewer
[2014.11.29 01:07:25 | 000,000,000 | ---D | M] -- C:\Users\Dasmo\AppData\Roaming\TuneUp Software

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2014.11.29 01:06:50 | 000,000,000 | -H-D | M] -- C:\$AVG
[2014.11.28 23:06:06 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2015.05.03 16:22:57 | 000,000,000 | ---D | M] -- C:\AMD
[2013.08.22 16:45:52 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2014.11.28 22:06:30 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.08.22 17:22:35 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2015.06.12 19:40:32 | 000,000,000 | R--D | M] -- C:\Program Files
[2015.08.06 17:42:37 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2015.07.15 19:09:24 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2014.11.28 22:06:30 | 000,000,000 | -HSD | M] -- C:\Programme
[2015.08.24 19:00:15 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2014.11.28 22:11:50 | 000,000,000 | R--D | M] -- C:\Users
[2015.08.24 18:41:30 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]

[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2015.03.14 17:47:55 | 000,087,190 | ---- | M] () MD5=1BF154F7BFAE2B9E0545FB09946C1817 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2014.12.07 18:36:50 | 000,395,976 | ---- | M] () MD5=45DD8FAA7B53ABD29BCB9BACABFFC818 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2015.03.14 17:52:05 | 000,107,122 | ---- | M] () MD5=52063502D4A2E28FEBEA781D0EE5C453 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014.12.07 18:36:38 | 000,403,708 | ---- | M] () MD5=522DDC0696B8EB4686DE43FA99C10B53 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2014.12.19 19:50:42 | 000,346,147 | ---- | M] () MD5=55391B845E5D22B584AEA0DE35966F98 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014.12.07 18:36:40 | 000,406,681 | ---- | M] () MD5=62238257A6B69315C3787E6C4486870A -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014.12.19 19:50:55 | 000,351,441 | ---- | M] () MD5=6A6935B33EE18E13EDFEF98404654FA5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014.12.19 19:50:48 | 000,345,550 | ---- | M] () MD5=76D95D618ADDE0293388ACBB89EC4094 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2015.01.28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\SysWOW64\explorer.exe
[2015.01.28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2014.12.19 19:51:02 | 000,338,811 | ---- | M] () MD5=9E110FC1BA4AB7CB5F2F9D27DB534223 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014.12.19 19:50:52 | 000,345,429 | ---- | M] () MD5=AC04D9498581D3AC2A73F6F2A13D1A93 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2015.01.28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\explorer.exe
[2015.01.28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2014.12.07 18:36:45 | 000,406,199 | ---- | M] () MD5=C976EC89ECC3E8F0A96CF0FB4B2D4524 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014.12.07 18:36:43 | 000,406,201 | ---- | M] () MD5=D30BB9A38A9420AD4E4C8BEABAA1EC91 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014.12.19 19:50:45 | 000,346,156 | ---- | M] () MD5=D9069754FA93AD21A7F7A3FD90C5FA3E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014.12.07 18:36:36 | 000,402,986 | ---- | M] () MD5=F3A87D5CBF5BF5DF75AD23DC8E1289D8 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe

[color=#A23BEC]< MD5 for: REGEDIT.EXE >[/color]
[2014.10.29 04:12:30 | 000,154,624 | ---- | M] (Microsoft Corporation) MD5=2F3FED31AC2846D8AD5DBC396A7E3DF1 -- C:\Windows\regedit.exe
[2014.10.29 03:34:53 | 000,134,144 | ---- | M] (Microsoft Corporation) MD5=2F3FED31AC2846D8AD5DBC396A7E3DF1 -- C:\Windows\SysWOW64\regedit.exe
[2014.10.29 03:34:53 | 000,134,144 | ---- | M] (Microsoft Corporation) MD5=2F3FED31AC2846D8AD5DBC396A7E3DF1 -- C:\Windows\WinSxS\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.17415_none_ef8e5a9de3f6db8e\regedit.exe
[2014.12.27 15:38:32 | 000,023,818 | ---- | M] () MD5=80A78D879EE46A658C52E08B99A48871 -- C:\Windows\WinSxS\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.16384_none_ef41bfc1e4306f06\regedit.exe
[2014.10.29 04:12:30 | 000,154,624 | ---- | M] (Microsoft Corporation) MD5=B67DB709F5FDAA89CA6C2CB6C1E39B3B -- C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.17415_none_e539b04baf961993\regedit.exe
[2014.12.08 14:27:37 | 000,019,857 | ---- | M] () MD5=C3E5389FB614612FD4226EE577666D21 -- C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.16384_none_e4ed156fafcfad0b\regedit.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2014.12.17 09:52:08 | 000,002,671 | ---- | M] () MD5=061AC3BD7ADC5DCBA6AC0F23895266F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2014.12.28 18:40:03 | 000,004,269 | ---- | M] () MD5=1AE98168631581DE1343C3A87A6CBCA9 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2014.10.29 03:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\SysNative\userinit.exe
[2014.10.29 03:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014.10.29 03:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014.10.29 03:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2014.10.29 03:25:54 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=A570A64292214C43E0BA50E6A72A6380 -- C:\Windows\SysNative\wininit.exe
[2014.10.29 03:25:54 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=A570A64292214C43E0BA50E6A72A6380 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.17415_none_21fdb3b5d80e199e\wininit.exe
[2014.12.17 09:57:12 | 000,026,215 | ---- | M] () MD5=DCF5C72FC1D8BE1165975F1339DC92DA -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.16384_none_21b118d9d847ad16\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2014.12.17 09:57:15 | 000,100,951 | ---- | M] () MD5=A176623494AF009927242266EF51DCFB -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014.12.17 09:57:14 | 000,101,964 | ---- | M] () MD5=E83463DC1465FF73660AD78CDFF51F15 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2014.10.29 03:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\SysNative\winlogon.exe
[2014.10.29 03:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]

< End of report >

Extras.txt

OTL Extras logfile created on: 24.08.2015 18:59:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17937)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,93 Gb Total Physical Memory | 6,44 Gb Available Physical Memory | 81,16% Memory free
15,93 Gb Paging File | 14,48 Gb Available in Paging File | 90,86% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,96 Gb Total Space | 177,58 Gb Free Space | 74,62% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 555,43 Gb Free Space | 79,50% Space Free | Partition Type: NTFS
Drive E: | 4,15 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: CHUCKNORIS | User Name: Dasmo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07952486-BC70-4902-AF78-6E05210F9E73}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{07D10560-8289-4106-A8B6-EF9C1294CA30}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1C60C591-8561-44F2-AD10-3CF9BFCBDFFE}" = lport=137 | protocol=17 | dir=in | app=system |
"{210162A2-100D-43CD-A96D-D256642C24B7}" = rport=445 | protocol=6 | dir=out | app=system |
"{239446CE-46E3-4940-A014-D373BAAFFFD1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3C489B6F-78DE-492E-8030-83D226AD4BC6}" = lport=138 | protocol=17 | dir=in | app=system |
"{95882E53-19E8-4C18-8FF3-71904DA757D9}" = rport=138 | protocol=17 | dir=out | app=system |
"{99458ED2-6BFD-4004-9AD4-1C854FC373F5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{9A0BC8EB-84CC-4F5E-99F9-BD58931B1052}" = lport=1688 | protocol=6 | dir=in | name=kms emulator port |
"{A52FAFFD-F1CD-45E9-A998-6ED3AF316859}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B52B5F4C-9CFE-4A67-93C2-4E0E15D3E5C1}" = lport=139 | protocol=6 | dir=in | app=system |
"{BE738D65-C268-4D5B-A128-9346C57FB165}" = rport=139 | protocol=6 | dir=out | app=system |
"{D4151E8E-E9CB-44C3-9688-17A9A674F3F5}" = rport=137 | protocol=17 | dir=out | app=system |
"{FAE1ACA0-8B27-4555-92AA-8D3FFFCFA675}" = lport=445 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042C246A-7965-45CB-8D59-CC464555F5DD}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{05584740-297B-496D-B204-4B49B7CF0FEB}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\7 days to die\7daystodie_eac.exe |
"{05D97499-FD56-4324-800C-D4C82A02C899}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\theme hospital\data\game\dosbox\launcher.exe |
"{0A39781B-6B64-4476-A868-5337DA191E33}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{12A71403-51C5-4A78-B09C-440A9F89D110}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\unturned\unturned.exe |
"{14E9AD8E-BE77-4E1C-97B4-976CA76AA3E3}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\reign of kings\rok.exe |
"{167CAACB-054C-4DC7-868E-B23E84D04CE5}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\prison architect\prison architect.exe |
"{168F35A0-8530-4412-8234-381E92D634CE}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2160B6A3-DF32-4000-87F0-5F3563F36326}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\robocraft\robocraft.exe |
"{22ACDFA5-EBE9-4E27-A91C-3038739DC039}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{2405EED2-68DF-4393-84FD-B8A7224F1D3F}" = protocol=17 | dir=in | app=c:\program files\kmspico\service_kms.exe |
"{2A924F25-F76B-47C4-9AA4-6BDF58CA701E}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{2E9C2D34-E612-433C-9C82-6BD59A83973D}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\spaceengineers\bin64\spaceengineers.exe |
"{2F62B60C-3FD5-4DC8-AF26-8C00FF95B367}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{30547360-7A56-4318-8652-B2A969378289}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{309435A4-DF11-4027-99CE-5D00DECF74FE}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\reign of kings\reign of kings.exe |
"{31279014-7470-4864-919E-2364E00244F8}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\grand theft auto v\gta5.exe |
"{329C53B5-50E4-40B9-88B2-4E2D49240914}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\unturned\unturned.exe |
"{380557D2-5FB2-43DA-8DE5-32E036547B7F}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\prison architect\prison architect.exe |
"{3DC13D71-8E41-401B-9AAE-BF5DF468F52A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{40C790B1-5056-4C0F-977E-DF0A408A3EFB}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{4521A7B1-E32E-40C0-93BB-B7EE49018967}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\spaceengineers\bin64\spaceengineers.exe |
"{481D2C07-A3C8-4356-9938-D8B7DC21C505}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{4AA5FDE3-0968-4BBD-9C6F-C1D97801F874}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{4C61F24E-60A0-4779-8833-5749B43507E6}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{5689A303-35A1-4208-A972-A51EF78266F2}" = dir=out | name=@{microsoft.bingweather_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{57E001A2-3FD0-48CA-8E82-155E01E492E6}" = protocol=58 | dir=in | app=system |
"{5CC0B3D9-E103-42FF-B1C4-38FCF2926BAF}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\projectzomboid\projectzomboid64.exe |
"{633CBBD2-0992-4F78-A3BE-630D3BC3FB1A}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\projectzomboid\projectzomboid32.exe |
"{67A0B30F-4AEE-4254-B05A-141D0FD050B4}" = protocol=6 | dir=in | app=c:\program files\kmspico\service_kms.exe |
"{6B77477A-EF51-4DC8-B5A4-FE281DD47135}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\kerbal space program\ksp.exe |
"{6F05B098-2412-4BDE-BA44-541D8431453E}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6F9C4847-607F-42DE-8EC0-29FD6CA29495}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\reign of kings\reign of kings.exe |
"{7269CA6F-DB9E-47A3-AF54-E0D24382C932}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{7769BF90-FF85-4CF4-ACF6-015B7C398325}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{79C02586-7464-4754-96F6-F75B98AE006A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{7DC4420E-D429-473D-8D7C-B1BB91C82767}" = protocol=17 | dir=in | app=d:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"{86B699F4-17EA-4E26-B997-9CD5AD517571}" = dir=out | name=@{microsoft.bingnews_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{87585B9C-662F-4F83-9B2C-BC8FF05CAEF2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{89AD994A-EBD8-4888-8255-820CED0975A2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{8CA30DB1-A289-47C0-9224-77D0D097CF63}" = dir=out | name=@{microsoft.zunevideo_2.6.441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{91D77ACB-2308-446C-96DB-5BB5AA6DA13A}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{9703E050-8E17-42E5-A622-E1A4F4301644}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9B764C5F-2EA8-49A5-9B90-74D5F441AED4}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A4A30FAE-457C-4247-9BA0-095D9CAAFA6D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A4BC8522-3089-4F6C-B92E-DBA09BFFFA54}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\theme hospital\data\game\dosbox\launcher.exe |
"{A513EF53-56BB-4784-A275-9917B7AF5307}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\7 days to die\7daystodie.exe |
"{A88B700C-BC01-4E5A-9BE9-47EFB4479B06}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{AA31B37C-D1CD-4144-9233-4CA8EB9AC398}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\reign of kings\rok.exe |
"{B399654F-0179-48FB-93CF-9BB209FFA9B3}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{B8D7337B-2AEE-40EE-B695-FA8AB809445E}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\grand theft auto v\gta5.exe |
"{BA63A566-B9B2-487A-B701-E872AC3B62B3}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\7 days to die\7daystodie.exe |
"{BD46E31C-2337-427F-B8CB-7023B698E434}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\kerbal space program\ksp.exe |
"{C0347793-05F4-4582-BA67-45CB4A1A4AFF}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{C24A7678-7F1D-41C5-B439-BF1C97C61F5A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{C437D8AF-B37E-4C81-B777-5C67CD13E1E4}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\projectzomboid\projectzomboid64.exe |
"{C7889DC2-97EE-4A54-AD65-D13D7CE0DD84}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CDF06169-3C20-4B52-AFE7-2FF4AE5C11A2}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\cities_skylines\cities.exe |
"{D199BE68-9B11-4604-A4D3-7CFA64376014}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{D2DA8DF5-FBE2-4CAE-A293-EBDBB74FCBA4}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D5600734-48BC-4FB3-9B73-89763B378A8E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D763755A-72B0-420B-8D6C-DA542AB3E3F4}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\projectzomboid\projectzomboid32.exe |
"{E372E4AD-47BF-4934-9EF2-C3E8691AE0E5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E884C39E-A402-4962-94CE-939EF75C09BE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E8BF9859-0329-467E-BC2E-F576E4894FEC}" = protocol=6 | dir=in | app=d:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"{EC8B991A-0248-4236-A3DD-9A94C6BE6921}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F045F34C-6C9E-4550-852D-12F2FC51AA5B}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\cities_skylines\cities.exe |
"{F05B3594-B762-439B-99C3-2750E1C78A19}" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\robocraft\robocraft.exe |
"{F4C67F7A-3D78-49D2-8C7B-03EA845453AD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FC8CE146-21C1-4ED1-A862-422FE04E7D0C}" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\7 days to die\7daystodie_eac.exe |
"{FC90D9E1-710B-4E62-A081-E94D482ED520}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{0EDE89A8-62DB-440E-B001-C1D38B13DA43}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=d:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"TCP Query User{23DC423B-82DE-4BEC-A1B1-218BC518FFA7}C:\users\dasmo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\dasmo\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{30FD2350-E6DF-4E1F-B4BF-967B4FF30E03}D:\spiele\steamgames\steamapps\common\projectzomboid\projectzomboid32.exe" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\projectzomboid\projectzomboid32.exe |
"TCP Query User{6696394C-03CF-417A-9744-7C26621238BF}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{6F9282EA-43A5-4435-BCBE-DB491DAEB9E2}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{B73A062D-F5F2-4FF7-83D9-AF38BA956C0C}D:\spiele\steamgames\steamapps\common\grand theft auto v\gta5.exe" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\grand theft auto v\gta5.exe |
"TCP Query User{DFD15768-E031-4260-9E8F-179AC294D727}D:\spiele\steamgames\steamapps\common\projectzomboid\jre64\bin\java.exe" = protocol=6 | dir=in | app=d:\spiele\steamgames\steamapps\common\projectzomboid\jre64\bin\java.exe |
"UDP Query User{23E147AF-1955-430F-92C2-CB60E98BF5A7}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{41EA6517-C6EE-46F2-8435-DDF20427E129}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{844E1119-F097-4ED7-9970-338FDAE11DB9}C:\users\dasmo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\dasmo\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{8F3B700B-8201-4F8B-ACD8-2FAA8B0D97EE}D:\spiele\steamgames\steamapps\common\projectzomboid\jre64\bin\java.exe" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\projectzomboid\jre64\bin\java.exe |
"UDP Query User{AB52FD39-18AD-49AF-A6EE-824C40930CDC}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=d:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"UDP Query User{B1A49638-AAD5-4812-A43F-15E2CFC40F83}D:\spiele\steamgames\steamapps\common\projectzomboid\projectzomboid32.exe" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\projectzomboid\projectzomboid32.exe |
"UDP Query User{E8F8455D-81CB-4A34-B68D-204724D5F999}D:\spiele\steamgames\steamapps\common\grand theft auto v\gta5.exe" = protocol=17 | dir=in | app=d:\spiele\steamgames\steamapps\common\grand theft auto v\gta5.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}" = Microsoft-Maus- und Tastatur-Center
"{26A24AE4-039D-4CA4-87B4-2F06417060FF}" = Java 7 Update 60 (64-bit)
"{2B7A8C9C-465A-42F0-B9C3-180FDAAB2C4B}" = Intel(R) Network Connections 18.8.136.0
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3DE97849-544D-4D68-9255-11DF6F9F10D8}" = Intel® Trusted Connect Service Client
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4EB358EF-712D-4294-9B2C-5E60E5636590}" = Intel(R) Management Engine Components
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6B171EFC-F41F-4055-A4DE-5B9480DA17AA}" = AVG 2015
"{72E3EE99-DA63-40BE-956A-CD72ECD41BD8}" = Intel(R) Management Engine Components
"{7C129CF8-199F-4269-AAEE-60B5D8D716E2}" = Classic Shell
"{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1" = KMSpico
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98841A35-1CBE-4EA3-BFF5-F3E3AD894666}" = Intel(R) Chipset Device Software
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ACCD4860-2B38-4301-B7C4-F27F567FE3EA}" = AVG 2015
"{BA1EC89D-BA1F-433B-B15E-C528C4F48A7F}" = Intel(R) Management Engine Components
"{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}" = Adobe Photoshop Lightroom 5.7.1 64-bit
"{C1B2375A-A154-4A86-898A-F959B8A3EE1A}" = Intel(R) ME UninstallLegacy
"{CD01DD9B-B9CC-F036-754A-9F5CDB3AD737}" = AMD Accelerated Video Transcoding
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EAF826C0-245E-4D02-9D51-BA4C98717EAE}" = Intel(R) Rapid Storage Technology
"{F88356F5-1AA4-BBE9-E6CF-5B1CF179D052}" = AMD Catalyst Install Manager
"AVG" = AVG 2015
"CCleaner" = CCleaner
"DesktopIconAmazon" = Desktop Icon für Amazon
"GIMP-2_is1" = GIMP 2.8.14
"KMSpico_is1" = KMSpico v9.2.3
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"Picture2avi_is1" = Picture2avi uninstaller
"PROSetDX" = Intel(R) Network Connections 18.8.136.0
"SearchAnonymizer" = SearchAnonymizer

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{071BA946-56BA-F2D5-F178-B40034A155AD}" = CCC Help Japanese
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}" = Fotogalerie
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding
"{110EE6FC-8774-45CC-F053-32088691C7FB}" = CCC Help Spanish
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1BFA90D6-0268-4210-3AD7-FD1597486E50}" = CCC Help German
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{237598DE-8957-15C8-D7DF-382566100272}" = Catalyst Control Center Localization All
"{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.6
"{2EE41571-5874-EC90-DBF5-1C1CD4732C6C}" = CCC Help Polish
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{32BD87FC-A8FF-3418-3A37-EC65F0C55E8D}" = CCC Help Turkish
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3792258C-6BDE-A375-8DA3-85CAC1505CD9}" = CCC Help Korean
"{39914EDC-82DC-16C0-C2B7-7CAD33784BAD}" = CCC Help Russian
"{3F220C8D-F60A-7E29-A22E-E676C701AF3C}" = CCC Help Greek
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{49DC9658-D26A-4AAB-A83A-2655B8033056}" = Photo Common
"{4A5F4E2B-E560-4EDF-862F-96987190E031}" = CCC Help Finnish
"{4E83D0CE-8E3D-7018-70AA-9F8B51911DBD}" = CCC Help Norwegian
"{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}" = Theme Hospital
"{512CDBF5-72C1-771C-4874-86643967807E}" = CCC Help Chinese Standard
"{517E7DBD-7A5B-4B7F-B137-82AB4DAD68FC}" = LogMeIn Hamachi
"{57C2EBCA-60B4-BEF7-CC9D-426CA7589AFD}" = Catalyst Control Center Graphics Previews Common
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5AD03F55-1384-8F57-C5E4-FF827E1440CF}" = CCC Help Thai
"{5C614E57-4AAD-729C-6183-0637F5501F22}" = CCC Help Dutch
"{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}" = Movie Maker
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{63227E62-F417-497E-9060-22B3A9A52D7A}" = Minecraft
"{68A3B423-5100-9551-BBC8-80F45604EDDC}" = CCC Help Chinese Traditional
"{68EB2782-3E06-986E-1E08-757533B69D4F}" = CCC Help Danish
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6DCF78ED-6477-1BBF-056F-095C49BD5B66}" = CCC Help Swedish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{80680785-2EE1-053F-9CD3-4B2C904596EE}" = Catalyst Control Center InstallProxy
"{8A7D0970-C0A4-4B56-94D4-E3A175AB45BB}" = ArcSoft Panorama Maker 6
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{986C27F8-32FB-3618-EC40-CBCDD29F22F6}" = CCC Help Czech
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CBDDA11-B3F8-0DA9-A271-6BFE298F1297}" = CCC Help Italian
"{9D17D581-C254-F143-F553-F5DDD44DC54E}" = AMD Catalyst Control Center
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.12) - Deutsch
"{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}" = OpenOffice 4.1.1
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C15640F1-6D24-3CFF-69F0-04AEF34ECC80}" = CCC Help Hungarian
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack
"{d370215a-d003-43ae-a3b6-1028af64d5a1}" = Intel® Chipsatz-Gerätesoftware
"{D5E20E3E-F3E8-54EE-8656-457C4C7B6D96}" = CCC Help Portuguese
"{DE52C211-9110-4421-195B-FF0AFF090893}" = CCC Help French
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E7748BAC-E658-14F6-803D-4B3E08D258A8}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"Ashampoo Burning Studio 7_is1" = Ashampoo Burning Studio 7
"AVG Web TuneUp" = AVG Web TuneUp
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"ElsterFormular" = ElsterFormular
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.50.1122
"Google Chrome" = Google Chrome
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Origin" = Origin
"pepakura_designer3en" = Pepakura Designer 3
"PunkBusterSvc" = PunkBuster Services
"QuickTime" = QuickTime
"Raptr" = Raptr
"Rockstar Games Social Club" = Rockstar Games Social Club
"Steam" = Steam
"Steam App 108600" = Project Zomboid
"Steam App 211820" = Starbound
"Steam App 220200" = Kerbal Space Program
"Steam App 227940" = Heroes & Generals
"Steam App 233450" = Prison Architect
"Steam App 244850" = Space Engineers
"Steam App 251570" = 7 Days to Die
"Steam App 255710" = Cities: Skylines
"Steam App 270770" = Etherlords
"Steam App 271590" = Grand Theft Auto V
"Steam App 301520" = Robocraft
"Steam App 304930" = Unturned
"Steam App 344760" = Reign Of Kings
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
"WUCCCApp" = Catalyst Control Center

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 14.06.2015 16:28:25 | Computer Name = ChuckNoris | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“
ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error - 16.06.2015 14:29:17 | Computer Name = ChuckNoris | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“
ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error - 16.06.2015 16:29:17 | Computer Name = ChuckNoris | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“
ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error - 19.06.2015 10:52:14 | Computer Name = ChuckNoris | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“
ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error - 19.06.2015 12:42:04 | Computer Name = ChuckNoris | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“
ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error - 19.06.2015 14:28:31 | Computer Name = ChuckNoris | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“
ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error - 19.06.2015 16:42:04 | Computer Name = ChuckNoris | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“
ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error - 20.06.2015 06:20:45 | Computer Name = ChuckNoris | Source = MsiInstaller | ID = 10005
Description =

Error - 20.06.2015 06:20:45 | Computer Name = ChuckNoris | Source = MsiInstaller | ID = 10005
Description =

Error - 20.06.2015 06:30:30 | Computer Name = ChuckNoris | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“
ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

[ System Events ]
Error - 22.08.2015 03:00:05 | Computer Name = ChuckNoris | Source = Service Control Manager | ID = 7034
Description = Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 22.08.2015 03:15:00 | Computer Name = ChuckNoris | Source = DCOM | ID = 10010
Description =

Error - 22.08.2015 03:15:30 | Computer Name = ChuckNoris | Source = DCOM | ID = 10010
Description =

Error - 23.08.2015 06:48:41 | Computer Name = ChuckNoris | Source = Service Control Manager | ID = 7034
Description = Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 23.08.2015 09:59:21 | Computer Name = ChuckNoris | Source = DCOM | ID = 10010
Description =

Error - 23.08.2015 09:59:51 | Computer Name = ChuckNoris | Source = DCOM | ID = 10010
Description =

Error - 24.08.2015 11:45:42 | Computer Name = ChuckNoris | Source = Service Control Manager | ID = 7034
Description = Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 24.08.2015 12:19:51 | Computer Name = ChuckNoris | Source = DCOM | ID = 10010
Description =

Error - 24.08.2015 12:20:21 | Computer Name = ChuckNoris | Source = DCOM | ID = 10010
Description =

Error - 24.08.2015 12:41:56 | Computer Name = ChuckNoris | Source = Service Control Manager | ID = 7034
Description = Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.


< End of report >

Thanks in advance.

Dasmo
25.08.2015, 17:03
Member
Gool

Posts: 4730
#2 The file C:\Windows\SECOH-QAD.exe is very probably not a virus. As far as I can see, this file has frequently shown up in connection with, among other things, the activation of Windows or Office, namely when, for whatever reason, Windows or Office was activated not through Microsoft but through a separate tool (KMSPico). For example, when the copy of Windows or Office was not licensed (i.e. is illegal) or when one is paranoid (that one should then do without Windows/Office altogether is a different topic).
__________
This is a signature! Personal service: Are you from Berlin? Then send me a PM; we may be able to arrange an appointment.
Der Grabsteinschubser