max9076

OTL

Jan 20th, 2015
  1. OTL logfile created on: 20.01.2015 17:56:56 - Run 2
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Max\Downloads
  3. 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.7600.16385)
  5. Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
  6.  
  7. 8,00 Gb Total Physical Memory | 3,66 Gb Available Physical Memory | 45,78% Memory free
  8. 15,99 Gb Paging File | 11,06 Gb Available in Paging File | 69,15% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 717,27 Gb Total Space | 138,65 Gb Free Space | 19,33% Space Free | Partition Type: NTFS
  13. Drive D: | 104,98 Gb Total Space | 53,59 Gb Free Space | 51,04% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: MAX-PC | User Name: Max | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  17. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2015.01.20 17:48:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Downloads\otl.exe
  22. PRC - [2015.01.19 19:49:12 | 001,530,048 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
  23. PRC - [2015.01.19 19:49:12 | 000,834,752 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  24. PRC - [2015.01.19 19:49:10 | 001,942,720 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
  25. PRC - [2015.01.18 15:01:42 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
  26. PRC - [2015.01.08 18:35:51 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\Avast\avastui.exe
  27. PRC - [2014.12.18 15:33:37 | 003,618,648 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
  28. PRC - [2014.12.18 03:08:16 | 039,206,760 | ---- | M] (Dropbox, Inc.) -- C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe
  29. PRC - [2014.12.09 14:12:59 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  30. PRC - [2014.11.25 18:35:37 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\Avast\AvastSvc.exe
  31. PRC - [2014.10.29 23:26:06 | 004,673,432 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Max\AppData\Local\Akamai\netsession_win.exe
  32. PRC - [2014.07.30 23:00:08 | 000,184,320 | ---- | M] (Nenad Hrg SoftwareOK) -- C:\Users\Max\Desktop\DesktopOK\DesktopOK.exe
  33. PRC - [2014.06.02 18:03:30 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
  34. PRC - [2014.03.16 20:08:17 | 000,567,880 | ---- | M] () -- C:\Program Files (x86)\puush\puush.exe
  35. PRC - [2013.11.01 09:47:40 | 000,360,952 | ---- | M] (Twitter) -- C:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe
  36. PRC - [2012.07.07 11:57:40 | 001,622,016 | ---- | M] (Don HO don.h@free.fr) -- C:\Program Files (x86)\Notepad++\notepad++.exe
  37. PRC - [2010.03.12 05:40:54 | 000,136,544 | ---- | M] () -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
  38.  
  39.  
  40. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  41.  
  42. MOD - [2015.01.20 13:33:39 | 000,043,008 | ---- | M] () -- c:\users\max\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeqbwqn.dll
  43. MOD - [2015.01.19 19:49:34 | 002,227,904 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
  44. MOD - [2015.01.19 19:49:12 | 000,696,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
  45. MOD - [2015.01.18 15:01:42 | 016,844,464 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll
  46. MOD - [2015.01.16 00:42:26 | 034,641,288 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
  47. MOD - [2015.01.16 00:42:26 | 001,709,960 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
  48. MOD - [2014.12.18 15:33:27 | 001,007,104 | ---- | M] () -- C:\Program Files (x86)\Origin\platforms\qwindows.dll
  49. MOD - [2014.12.18 15:33:22 | 000,337,408 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff.dll
  50. MOD - [2014.12.18 15:33:22 | 000,261,120 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng.dll
  51. MOD - [2014.12.18 15:33:22 | 000,216,576 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
  52. MOD - [2014.12.18 15:33:22 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico.dll
  53. MOD - [2014.12.18 15:33:22 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif.dll
  54. MOD - [2014.12.18 15:33:22 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtga.dll
  55. MOD - [2014.12.18 15:33:22 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
  56. MOD - [2014.12.16 23:22:36 | 000,750,080 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Dropbox\bin\libGLESv2.dll
  57. MOD - [2014.12.16 23:22:36 | 000,047,616 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Dropbox\bin\libEGL.dll
  58. MOD - [2014.12.16 23:22:35 | 000,863,744 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
  59. MOD - [2014.12.16 23:22:35 | 000,200,704 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
  60. MOD - [2014.12.09 14:12:59 | 003,758,192 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
  61. MOD - [2014.12.08 15:34:07 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll
  62. MOD - [2014.12.08 15:33:43 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
  63. MOD - [2014.12.08 15:33:38 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
  64. MOD - [2014.12.08 15:33:34 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
  65. MOD - [2014.12.08 15:33:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
  66. MOD - [2014.12.08 15:33:19 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
  67. MOD - [2014.12.08 15:33:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
  68. MOD - [2014.12.02 01:29:50 | 005,002,752 | ---- | M] () -- C:\Program Files (x86)\Steam\v8.dll
  69. MOD - [2014.12.02 01:29:34 | 001,612,800 | ---- | M] () -- C:\Program Files (x86)\Steam\icui18n.dll
  70. MOD - [2014.12.02 01:29:34 | 001,210,368 | ---- | M] () -- C:\Program Files (x86)\Steam\icuuc.dll
  71. MOD - [2014.12.01 22:31:16 | 002,396,672 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-56.dll
  72. MOD - [2014.12.01 22:31:16 | 000,485,888 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-3.dll
  73. MOD - [2014.12.01 22:31:16 | 000,479,744 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-56.dll
  74. MOD - [2014.12.01 22:31:16 | 000,442,880 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-54.dll
  75. MOD - [2014.12.01 22:31:16 | 000,332,800 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-2.dll
  76. MOD - [2014.11.25 18:35:39 | 038,562,088 | ---- | M] () -- C:\Program Files (x86)\Avast\libcef.dll
  77. MOD - [2014.11.11 19:47:56 | 000,774,656 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
  78. MOD - [2014.03.21 19:14:27 | 001,020,928 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\3iw67cd4.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
  79. MOD - [2014.03.16 20:08:17 | 000,567,880 | ---- | M] () -- C:\Program Files (x86)\puush\puush.exe
  80. MOD - [2013.11.01 09:47:46 | 000,880,640 | ---- | M] () -- C:\Program Files (x86)\Twitter\TweetDeck\libGLESv2.dll
  81. MOD - [2013.11.01 09:47:46 | 000,861,184 | ---- | M] () -- C:\Program Files (x86)\Twitter\TweetDeck\ffmpegsumo.dll
  82. MOD - [2013.11.01 09:47:44 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Twitter\TweetDeck\libEGL.dll
  83. MOD - [2013.11.01 09:47:40 | 036,625,920 | ---- | M] () -- C:\Program Files (x86)\Twitter\TweetDeck\libcef.dll
  84. MOD - [2011.09.21 21:46:28 | 001,673,728 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
  85. MOD - [2011.07.18 22:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
  86. MOD - [2009.07.14 18:58:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
  87.  
  88.  
  89. [color=#E56717]========== Services (SafeList) ==========[/color]
  90.  
  91. SRV:[b]64bit:[/b] - [2014.11.21 03:12:40 | 000,244,736 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
  92. SRV:[b]64bit:[/b] - [2014.11.20 21:23:06 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
  93. SRV:[b]64bit:[/b] - [2014.06.28 15:39:00 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
  94. SRV - [2015.01.19 19:49:12 | 000,834,752 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  95. SRV - [2014.12.23 18:51:31 | 000,182,304 | ---- | M] (EasyAntiCheat Ltd) [Disabled | Stopped] -- C:\Windows\SysWOW64\EasyAntiCheat.exe -- (EasyAntiCheat)
  96. SRV - [2014.12.18 15:33:43 | 001,903,472 | ---- | M] (Electronic Arts) [Disabled | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
  97. SRV - [2014.12.11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  98. SRV - [2014.11.25 18:35:37 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files (x86)\Avast\AvastSvc.exe -- (avast! Antivirus)
  99. SRV - [2014.11.25 18:35:30 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files (x86)\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
  100. SRV - [2014.10.31 23:27:38 | 000,183,488 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe -- (Razer Game Scanner Service)
  101. SRV - [2014.09.11 16:01:18 | 000,105,448 | ---- | M] (Razer Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe -- (RzKLService)
  102. SRV - [2014.09.04 10:44:28 | 002,525,008 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
  103. SRV - [2014.08.29 05:23:20 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  104. SRV - [2014.08.08 14:02:36 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
  105. SRV - [2014.08.06 10:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
  106. SRV - [2014.06.02 18:03:30 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
  107. SRV - [2014.01.28 23:27:58 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
  108. SRV - [2013.11.05 23:11:42 | 004,797,064 | ---- | M] (INCA Internet Co., Ltd.) [Disabled | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
  109. SRV - [2012.08.10 18:31:02 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
  110. SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
  111. SRV - [2012.07.08 23:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  112. SRV - [2011.06.17 08:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
  113. SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
  114. SRV - [2010.03.12 05:40:54 | 000,136,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
  115. SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  116.  
  117.  
  118. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  119.  
  120. DRV:[b]64bit:[/b] - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.2.0)
  121. DRV:[b]64bit:[/b] - [2014.11.25 18:35:50 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
  122. DRV:[b]64bit:[/b] - [2014.11.25 18:35:41 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
  123. DRV:[b]64bit:[/b] - [2014.11.25 18:35:41 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
  124. DRV:[b]64bit:[/b] - [2014.11.25 18:35:41 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
  125. DRV:[b]64bit:[/b] - [2014.11.25 18:35:41 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
  126. DRV:[b]64bit:[/b] - [2014.11.25 18:35:41 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
  127. DRV:[b]64bit:[/b] - [2014.11.25 18:35:41 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
  128. DRV:[b]64bit:[/b] - [2014.11.25 18:35:40 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
  129. DRV:[b]64bit:[/b] - [2014.11.21 03:40:00 | 018,959,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
  130. DRV:[b]64bit:[/b] - [2014.11.21 03:08:54 | 000,589,312 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
  131. DRV:[b]64bit:[/b] - [2014.10.31 23:27:07 | 000,037,184 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpmgrk.sys -- (rzpmgrk)
  132. DRV:[b]64bit:[/b] - [2014.06.21 18:01:22 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
  133. DRV:[b]64bit:[/b] - [2013.12.06 13:48:42 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vncmirror.sys -- (vncmirror)
  134. DRV:[b]64bit:[/b] - [2013.12.05 19:55:59 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
  135. DRV:[b]64bit:[/b] - [2013.08.21 05:31:40 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
  136. DRV:[b]64bit:[/b] - [2013.08.21 05:31:40 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
  137. DRV:[b]64bit:[/b] - [2013.04.12 11:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
  138. DRV:[b]64bit:[/b] - [2013.03.18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
  139. DRV:[b]64bit:[/b] - [2011.04.30 12:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
  140. DRV:[b]64bit:[/b] - [2011.04.30 12:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
  141. DRV:[b]64bit:[/b] - [2011.04.30 12:59:10 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
  142. DRV:[b]64bit:[/b] - [2011.04.30 12:59:10 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
  143. DRV:[b]64bit:[/b] - [2011.03.04 16:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
  144. DRV:[b]64bit:[/b] - [2011.03.04 16:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
  145. DRV:[b]64bit:[/b] - [2011.01.30 13:58:40 | 000,036,448 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
  146. DRV:[b]64bit:[/b] - [2010.08.24 17:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
  147. DRV:[b]64bit:[/b] - [2010.06.25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
  148. DRV:[b]64bit:[/b] - [2010.06.11 14:37:14 | 000,015,368 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
  149. DRV:[b]64bit:[/b] - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
  150. DRV:[b]64bit:[/b] - [2009.08.21 09:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
  151. DRV:[b]64bit:[/b] - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  152. DRV:[b]64bit:[/b] - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  153. DRV:[b]64bit:[/b] - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  154. DRV:[b]64bit:[/b] - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  155. DRV:[b]64bit:[/b] - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  156. DRV:[b]64bit:[/b] - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  157. DRV:[b]64bit:[/b] - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  158. DRV:[b]64bit:[/b] - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
  159. DRV:[b]64bit:[/b] - [2009.06.10 21:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
  160. DRV:[b]64bit:[/b] - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  161. DRV:[b]64bit:[/b] - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  162. DRV:[b]64bit:[/b] - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  163. DRV:[b]64bit:[/b] - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  164. DRV:[b]64bit:[/b] - [2009.05.04 01:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
  165. DRV:[b]64bit:[/b] - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
  166. DRV - [2014.11.25 18:35:30 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files (x86)\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
  167. DRV - [2014.07.22 17:57:33 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
  168. DRV - [2014.02.11 16:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
  169. DRV - [2013.03.11 13:33:22 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
  170. DRV - [2012.08.24 16:45:54 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
  171. DRV - [2010.03.12 05:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys -- (AODDriver)
  172. DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  173.  
  174.  
  175. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  176.  
  177.  
  178. [color=#E56717]========== Internet Explorer ==========[/color]
  179.  
  180. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  181. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  182. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  183. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
  184. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  185. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
  186. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  187. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  188. IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  189.  
  190. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
  191. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  192. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
  193. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
  194. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
  195. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  196. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  197. IE - HKCU\..\SearchScopes\{29DC1F7C-52EF-415D-887E-257EB78B2415}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
  198. IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
  199. IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  200. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  201. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
  202.  
  203. [color=#E56717]========== FireFox ==========[/color]
  204.  
  205. FF - prefs.js..browser.search.defaultengine: "Google"
  206. FF - prefs.js..browser.search.isUS: false
  207. FF - prefs.js..browser.search.order.1: "Google"
  208. FF - prefs.js..browser.search.update: false
  209. FF - prefs.js..browser.search.update.interval: 31536000
  210. FF - prefs.js..browser.search.useDBForOrder: true
  211. FF - prefs.js..browser.startup.homepage: "about:home"
  212. FF - prefs.js..extensions.enabledAddons: locationbar2%40design-noir.de:1.0.6
  213. FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
  214. FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:3.1.1
  215. FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.6
  216. FF - prefs.js..extensions.enabledAddons: omnibar%40ajitk.com:0.7.28.20141004
  217. FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:2.3
  218. FF - prefs.js..extensions.enabledAddons: goo.gl_lite%40matthew.flaschen.gatech.edu:1.8.1
  219. FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.2.8.2
  220. FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.9.11
  221. FF - prefs.js..extensions.enabledAddons: pastebin.com%40gmail.com:3.0
  222. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
  223. FF - user.js - File not found
  224.  
  225. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll File not found
  226. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files (x86)\PDF XChange Viewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  227. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
  228. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
  229. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  230. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  231. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files (x86)\PDF XChange Viewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  232. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
  233. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
  234. FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files (x86)\PDF XChange Viewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  235. FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll File not found
  236. FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
  237. FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
  238. FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
  239. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  240. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  241. FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
  242. FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
  243. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  244. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  245. FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files (x86)\PDF XChange Viewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  246. FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files (x86)\PDF XChange Viewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  247. FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
  248.  
  249. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: C:\Program Files (x86)\Steganos Password Manager 2012\spmplugin3
  250. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files (x86)\Avast\WebRep\FF [2014.11.25 18:35:41 | 000,000,000 | ---D | M]
  251. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  252. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  253. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
  254. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
  255. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  256. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  257. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
  258. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
  259.  
  260. [2012.08.15 18:21:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions
  261. [2015.01.18 04:19:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\3iw67cd4.default\extensions
  262. [2013.12.10 16:01:12 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\3iw67cd4.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
  263. [2014.09.05 19:40:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\3iw67cd4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
  264. [2014.10.30 16:51:16 | 000,000,000 | ---D | M] (goo.gl lite) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\3iw67cd4.default\extensions\goo.gl_lite@matthew.flaschen.gatech.edu
  265. [2014.10.29 17:59:11 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\3iw67cd4.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack
  266. [2014.03.22 00:02:59 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\3iw67cd4.default\extensions\support@lastpass.com
  267. [2015.01.02 18:01:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles3iw67cd4.default\extensions
  268. [2015.01.02 18:01:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles3iw67cd4.default\extensions\staged
  269. [2014.12.16 19:46:56 | 000,025,126 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\CanvasBlocker@kkapsner.de.xpi
  270. [2014.12.23 13:22:08 | 000,433,727 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
  271. [2014.09.12 05:49:55 | 000,105,346 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\ich@maltegoetz.de.xpi
  272. [2014.07.02 15:10:58 | 000,623,272 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi
  273. [2015.01.09 21:27:56 | 000,080,018 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\jid1-PmCaAQKMFABjHg@jetpack.xpi
  274. [2013.11.10 04:51:47 | 000,021,763 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\locationbar2@design-noir.de.xpi
  275. [2014.10.05 11:34:14 | 000,068,986 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\omnibar@ajitk.com.xpi
  276. [2015.01.18 04:19:34 | 000,042,999 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\pastebin.com@gmail.com.xpi
  277. [2014.08.10 18:55:51 | 000,070,417 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\privateTab@infocatcher.xpi
  278. [2014.09.27 17:42:48 | 000,011,802 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\youtube2mp3@mondayx.de.xpi
  279. [2015.01.18 00:30:38 | 000,544,303 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
  280. [2015.01.03 21:28:03 | 002,769,697 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi
  281. [2015.01.15 21:28:02 | 000,985,112 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  282. [2014.11.15 19:24:53 | 000,731,942 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
  283. [2014.10.30 15:39:25 | 000,304,000 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\3iw67cd4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
  284. [2014.12.25 16:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
  285. [2014.12.09 14:12:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  286.  
  287. [color=#E56717]========== Chrome ==========[/color]
  288.  
  289. CHR - plugin: Error reading preferences file
  290. CHR - Extension: No name found = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
  291. CHR - Extension: No name found = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
  292. CHR - Extension: No name found = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
  293.  
  294. O1 HOSTS File: ([2014.07.20 15:27:23 | 000,001,089 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  295. O1 - Hosts: 127.0.0.1 rad.msn.com
  296. O1 - Hosts: 127.0.0.1 live.rads.msn.com
  297. O1 - Hosts: 127.0.0.1 ads1.msn.com
  298. O1 - Hosts: 127.0.0.1 static.2mdn.net
  299. O1 - Hosts: 127.0.0.1 g.msn.com
  300. O1 - Hosts: 127.0.0.1 a.ads2.msads.net
  301. O1 - Hosts: 127.0.0.1 b.ads2.msads.net
  302. O1 - Hosts: 127.0.0.1 ac3.msn.com
  303. O1 - Hosts: 127.0.0.1 apps.skype.com
  304. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
  305. O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files (x86)\Avast\aswWebRepIE64.dll (AVAST Software)
  306. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  307. O2:[b]64bit:[/b] - BHO: (no name) - AutorunsDisabled - No CLSID value found.
  308. O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files (x86)\Avast\aswWebRepIE.dll (AVAST Software)
  309. O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
  310. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
  311. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
  312. O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
  313. O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files (x86)\Avast\AvastUI.exe (AVAST Software)
  314. O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
  315. O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Max\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
  316. O4 - HKCU..\Run: [DesktopOK] C:\Users\Max\Desktop\DesktopOK\DesktopOK.exe (Nenad Hrg SoftwareOK)
  317. O4 - HKCU..\Run: [puush] C:\Program Files (x86)\puush\puush.exe ()
  318. O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2014.09.28 11:26:02 | 000,000,000 | -H-D | M]
  319. O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopOK.lnk = C:\Users\Max\Desktop\DesktopOK\DesktopOK.exe (Nenad Hrg SoftwareOK)
  320. O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
  321. O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk = C:\Windows\Installer\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeIcon.exe ()
  322. O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam.lnk = C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
  323. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  324. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  325. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
  326. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  327. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  328. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
  329. O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
  330. O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Users\Max\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
  331. O8:[b]64bit:[/b] - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000 File not found
  332. O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
  333. O8 - Extra context menu item: Free YouTube Download - C:\Users\Max\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
  334. O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000 File not found
  335. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
  336. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
  337. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
  338. O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
  339. O13[b]64bit:[/b] - gopher Prefix: missing
  340. O13 - gopher Prefix: missing
  341. O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
  342. O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
  343. O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
  344. O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
  345. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32E44E83-063D-4FB5-A65C-2AD58C1C2CEB}: DhcpNameServer = 192.168.178.1
  346. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41A30278-896A-4FB3-B799-ED02D11221FD}: DhcpNameServer = 192.168.178.1
  347. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  348. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  349. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  350. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  351. O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
  352. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  353. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  354. O22:[b]64bit:[/b] - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - No CLSID value found.
  355. O32 - HKLM CDRom: AutoRun - 1
  356. O33 - MountPoints2\{03cb29da-5db0-11e3-9bae-00e07dde376b}\Shell - "" = AutoRun
  357. O33 - MountPoints2\{03cb29da-5db0-11e3-9bae-00e07dde376b}\Shell\AutoRun\command - "" = F:\SETUP.EXE
  358. O33 - MountPoints2\{03cb29da-5db0-11e3-9bae-00e07dde376b}\Shell\configure\command - "" = F:\SETUP.EXE
  359. O33 - MountPoints2\{03cb29da-5db0-11e3-9bae-00e07dde376b}\Shell\install\command - "" = F:\SETUP.EXE
  360. O33 - MountPoints2\{61d5fb45-e311-11e1-bdce-00e07dde376b}\Shell - "" = AutoRun
  361. O33 - MountPoints2\{61d5fb45-e311-11e1-bdce-00e07dde376b}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta
  362. O33 - MountPoints2\{c6ac156f-b3f2-11e2-b9e2-00e07dde376b}\Shell - "" = AutoRun
  363. O33 - MountPoints2\{c6ac156f-b3f2-11e2-b9e2-00e07dde376b}\Shell\AutoRun\command - "" = G:\Autorun.exe
  364. O33 - MountPoints2\{e943a824-b56d-11e2-974c-00e07dde376b}\Shell - "" = AutoRun
  365. O33 - MountPoints2\{e943a824-b56d-11e2-974c-00e07dde376b}\Shell\AutoRun\command - "" = G:\.\Setup.exe AUTORUN=1
  366. O34 - HKLM BootExecute: (autocheck autochk *)
  367. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  368. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  369. O35 - HKLM\..comfile [open] -- "%1" %*
  370. O35 - HKLM\..exefile [open] -- "%1" %*
  371. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  372. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  373. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  374. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  375. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  376. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  377. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  378.  
  379. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  380.  
  381. [2015.01.20 16:54:04 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
  382. [2015.01.20 16:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  383. [2015.01.20 16:53:48 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
  384. [2015.01.20 16:53:48 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
  385. [2015.01.20 16:53:48 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
  386. [2015.01.20 16:53:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
  387. [2015.01.20 13:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
  388. [2015.01.20 13:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
  389. [2015.01.19 16:04:02 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\MAXON
  390. [2015.01.19 16:03:40 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\CINEBENCH_R15
  391. [2015.01.19 15:54:46 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\3DMark 11
  392. [2015.01.19 15:54:45 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\IsolatedStorage
  393. [2015.01.18 04:13:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
  394. [2015.01.18 04:13:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
  395. [2015.01.18 04:13:04 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
  396. [2015.01.18 02:08:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
  397. [2015.01.18 02:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
  398. [2015.01.18 02:04:47 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\3DMark11-v1-0-132
  399. [2015.01.18 01:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark
  400. [2015.01.18 01:51:39 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskMark
  401. [2015.01.17 22:42:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
  402. [2015.01.17 22:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
  403. [2015.01.17 21:56:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
  404. [2015.01.17 21:05:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
  405. [2015.01.17 21:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
  406. [2015.01.15 17:51:19 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\FTB
  407. [2015.01.15 17:50:03 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\ftblauncher
  408. [2015.01.15 17:23:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
  409. [2015.01.14 21:38:58 | 000,393,478 | ---- | C] (http://magiclauncher.com) -- C:\Users\Max\Desktop\MagicLauncher_1.2.6.exe
  410. [2015.01.05 20:39:52 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
  411. [2015.01.04 21:45:37 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\Musik
  412. [2015.01.04 21:45:25 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\Textdokumente
  413. [2015.01.04 20:56:36 | 000,701,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  414. [2015.01.04 20:56:36 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  415. [2015.01.04 04:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser
  416. [2015.01.02 18:07:10 | 000,764,416 | -HS- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
  417. [2015.01.02 18:07:09 | 000,415,744 | -HS- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
  418. [2015.01.02 18:07:08 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
  419. [2015.01.02 18:07:07 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
  420. [2015.01.02 18:01:54 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\WebTest
  421. [2015.01.02 18:00:30 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\eRightSoft
  422. [2015.01.02 17:59:59 | 003,109,520 | RHS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avcodec-lav-55.dll
  423. [2015.01.02 17:59:59 | 000,550,032 | RHS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avformat-lav-55.dll
  424. [2015.01.02 17:59:59 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drvc.dll
  425. [2015.01.02 17:59:59 | 000,313,520 | RHS- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\HLvideo.dll
  426. [2015.01.02 17:59:59 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
  427. [2015.01.02 17:59:59 | 000,203,408 | RHS- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\HLsplit.dll
  428. [2015.01.02 17:59:59 | 000,181,392 | RHS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avutil-lav-52.dll
  429. [2015.01.02 17:59:59 | 000,166,544 | RHS- | C] (Intel Corp.) -- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll
  430. [2015.01.02 17:59:59 | 000,122,512 | RHS- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\HLaudio.dll
  431. [2015.01.02 17:59:59 | 000,118,416 | RHS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\swscale-lav-2.dll
  432. [2015.01.02 17:59:59 | 000,098,960 | RHS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avfilter-lav-4.dll
  433. [2015.01.02 17:59:59 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Olepau32.ax
  434. [2015.01.02 17:59:59 | 000,059,536 | RHS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avresample-lav-1.dll
  435. [2015.01.02 17:59:59 | 000,017,408 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOFRDec.ax
  436. [2015.01.02 17:59:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
  437. [2015.01.02 17:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
  438. [2015.01.02 17:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\IkkPxiJt
  439. [2015.01.02 17:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Codec Pack
  440. [2014.12.30 03:47:48 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\JAM Software
  441. [2014.12.30 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\TrackMania
  442. [2014.12.26 02:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
  443. [2014.12.24 23:13:01 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Temp203f4bc78dd2b1a429e22baa7cee0c4b
  444. [2014.12.24 23:12:07 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Temp0cd9581da339950ccd914b418df4fff3
  445. [2014.12.24 23:12:07 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Temp07c118093d295ccd0600d98d2be85402
  446. [2014.12.23 23:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
  447. [2014.12.23 23:32:04 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\library_dir
  448. [2014.12.23 23:31:57 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Raptr
  449. [2014.12.23 23:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr
  450. [2014.12.23 21:03:55 | 000,182,304 | ---- | C] (EasyAntiCheat Ltd) -- C:\Windows\SysWow64\EasyAntiCheat.exe
  451. [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
  452. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  453.  
  454. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  455.  
  456. [2015.01.20 17:48:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  457. [2015.01.20 17:48:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  458. [2015.01.20 17:00:00 | 000,231,898 | ---- | M] () -- C:\Users\Max\Network_Meter_Data.js
  459. [2015.01.20 16:54:18 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
  460. [2015.01.20 16:53:54 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  461. [2015.01.20 14:21:38 | 001,762,928 | ---- | M] () -- C:\Users\Max\Desktop\Screenshot_2015-01-20-14-21-38.png
  462. [2015.01.20 13:52:10 | 000,001,240 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
  463. [2015.01.20 13:35:10 | 000,044,426 | ---- | M] () -- C:\Users\Max\IP_Log_Data.js
  464. [2015.01.20 13:32:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  465. [2015.01.20 13:31:45 | 2144,276,479 | -HS- | M] () -- C:\hiberfil.sys
  466. [2015.01.19 22:41:18 | 000,000,012 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Network Meter_Usage.ini
  467. [2015.01.19 16:10:28 | 000,001,840 | ---- | M] () -- C:\Users\Max\Desktop\CrystalDiskMark.lnk
  468. [2015.01.19 15:55:44 | 000,000,022 | ---- | M] () -- C:\Windows\GPU-Z.INI
  469. [2015.01.18 15:01:42 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  470. [2015.01.18 15:01:42 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  471. [2015.01.18 04:13:18 | 000,024,666 | ---- | M] () -- C:\Users\Max\Desktop\ss+(2015-01-18+at+04.12.59).png
  472. [2015.01.18 04:13:05 | 000,002,699 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
  473. [2015.01.18 02:00:02 | 271,860,249 | ---- | M] () -- C:\Users\Max\Desktop\3DMark11-v1-0-132.zip
  474. [2015.01.17 22:27:43 | 000,001,220 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
  475. [2015.01.15 17:23:14 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  476. [2015.01.14 21:39:01 | 000,393,478 | ---- | M] (http://magiclauncher.com) -- C:\Users\Max\Desktop\MagicLauncher_1.2.6.exe
  477. [2015.01.11 13:36:18 | 000,509,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  478. [2015.01.05 15:59:37 | 000,215,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
  479. [2015.01.05 15:42:44 | 000,295,720 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
  480. [2015.01.05 15:42:44 | 000,295,720 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
  481. [2015.01.02 17:59:59 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\SUPER ©.lnk
  482. [2015.01.01 01:49:02 | 000,001,549 | ---- | M] () -- C:\Users\Max\Desktop\Warcraft III - The Frozen Throne.lnk
  483. [2014.12.30 22:48:24 | 000,007,606 | ---- | M] () -- C:\Users\Max\AppData\Local\Resmon.ResmonCfg
  484. [2014.12.26 02:20:35 | 000,001,131 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
  485. [2014.12.25 16:18:11 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Gameforge Live.lnk
  486. [2014.12.23 18:51:31 | 000,182,304 | ---- | M] (EasyAntiCheat Ltd) -- C:\Windows\SysWow64\EasyAntiCheat.exe
  487. [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
  488. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  489.  
  490. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  491.  
  492. [2015.01.20 16:53:54 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  493. [2015.01.20 14:22:26 | 001,762,928 | ---- | C] () -- C:\Users\Max\Desktop\Screenshot_2015-01-20-14-21-38.png
  494. [2015.01.20 13:52:10 | 000,001,240 | ---- | C] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
  495. [2015.01.18 04:13:17 | 000,024,666 | ---- | C] () -- C:\Users\Max\Desktop\ss+(2015-01-18+at+04.12.59).png
  496. [2015.01.18 01:54:25 | 271,860,249 | ---- | C] () -- C:\Users\Max\Desktop\3DMark11-v1-0-132.zip
  497. [2015.01.18 01:51:39 | 000,001,840 | ---- | C] () -- C:\Users\Max\Desktop\CrystalDiskMark.lnk
  498. [2015.01.17 21:11:31 | 000,001,220 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
  499. [2015.01.15 17:23:14 | 000,002,213 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  500. [2015.01.02 18:07:09 | 000,032,256 | -HS- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
  501. [2015.01.02 17:59:59 | 000,352,768 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
  502. [2015.01.02 17:59:59 | 000,188,416 | RHS- | C] () -- C:\Windows\SysWow64\winDCE32.dll
  503. [2015.01.02 17:59:59 | 000,121,344 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax
  504. [2015.01.02 17:59:59 | 000,112,128 | RHS- | C] () -- C:\Windows\SysWow64\OptimFROG.dll
  505. [2015.01.02 17:59:59 | 000,109,712 | RHS- | C] () -- C:\Windows\SysWow64\libbluray.dll
  506. [2015.01.02 17:59:59 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
  507. [2015.01.02 17:59:59 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
  508. [2015.01.02 17:59:59 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\SUPER ©.lnk
  509. [2014.12.26 02:20:35 | 000,001,131 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
  510. [2014.12.24 23:13:01 | 000,002,699 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
  511. [2014.11.21 16:44:54 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
  512. [2014.11.20 21:35:00 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
  513. [2014.09.17 17:39:01 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
  514. [2014.06.19 19:41:33 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
  515. [2014.06.19 19:41:33 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
  516. [2014.02.21 23:49:43 | 000,001,648 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Network Meter_Settings.ini
  517. [2014.02.02 06:28:50 | 000,000,012 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Network Meter_Usage.ini
  518. [2014.02.01 23:00:00 | 000,231,898 | ---- | C] () -- C:\Users\Max\Network_Meter_Data.js
  519. [2014.02.01 22:08:16 | 000,044,426 | ---- | C] () -- C:\Users\Max\IP_Log_Data.js
  520. [2014.01.03 04:17:41 | 000,218,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
  521. [2013.12.06 16:39:37 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
  522. [2013.11.12 18:36:19 | 000,001,491 | ---- | C] () -- C:\Users\Max\AppData\Local\recently-used.xbel
  523. [2013.11.09 19:52:10 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32.INI
  524. [2013.11.09 15:50:01 | 000,000,003 | ---- | C] () -- C:\Users\Max\AppData\Local\user_data.ini
  525. [2013.11.03 14:34:31 | 000,000,142 | ---- | C] () -- C:\Windows\Lexstat.ini
  526. [2013.10.30 12:06:54 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
  527. [2013.10.30 12:06:54 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
  528. [2013.10.30 12:06:54 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
  529. [2013.10.30 12:06:54 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
  530. [2013.05.08 18:09:56 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
  531. [2013.03.29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
  532. [2013.03.29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
  533. [2013.02.05 18:15:01 | 000,703,117 | ---- | C] () -- C:\Users\Max\AppData\Roaming\technic-launcher.jar
  534. [2012.10.14 19:43:31 | 000,000,299 | ---- | C] () -- C:\Users\Max\AppData\Roaming\GPU MeterV2_Settings.ini
  535. [2012.08.12 18:30:17 | 000,005,632 | ---- | C] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  536. [2012.08.10 23:38:54 | 000,007,606 | ---- | C] () -- C:\Users\Max\AppData\Local\Resmon.ResmonCfg
  537.  
  538. [color=#E56717]========== ZeroAccess Check ==========[/color]
  539.  
  540. [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  541.  
  542. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  543.  
  544. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  545.  
  546. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  547.  
  548. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  549.  
  550. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  551. "" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
  552. "ThreadingModel" = Apartment
  553.  
  554. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  555. "" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
  556. "ThreadingModel" = Apartment
  557.  
  558. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  559. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  560. "ThreadingModel" = Free
  561.  
  562. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  563. "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
  564. "ThreadingModel" = Free
  565.  
  566. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  567. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  568. "ThreadingModel" = Both
  569.  
  570. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  571.  
  572. [color=#E56717]========== Alternate Data Streams ==========[/color]
  573.  
  574. @Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
  575. @Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
  576.  
  577. < End of report >