| Darkshadow77 | 03.03.2013 21:21 |
- mit OTL Laptop gescannt
1. Logfile: Code:
OTL logfile created on: 03.03.2013 14:04:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Draco\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 5,01 Gb Available Physical Memory | 62,73% Memory free
15,96 Gb Paging File | 12,57 Gb Available in Paging File | 78,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 688,86 Gb Total Space | 216,99 Gb Free Space | 31,50% Space Free | Partition Type: NTFS
Computer Name: DRACO-PC | User Name: Draco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.03 14:02:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Draco\Desktop\OTL.exe
PRC - [2013.02.22 15:30:32 | 003,818,776 | ---- | M] () -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
PRC - [2013.02.21 16:32:15 | 004,484,504 | ---- | M] (Spotify Ltd) -- C:\Users\Draco\AppData\Roaming\Spotify\spotify.exe
PRC - [2013.02.21 16:32:15 | 001,103,768 | ---- | M] (Spotify Ltd) -- C:\Users\Draco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.02.09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.01.31 16:42:54 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
PRC - [2013.01.26 20:48:45 | 000,743,424 | ---- | M] () -- C:\ProgramData\BOINC\projects\climateprediction.net\hadcm3n_6.07_windows_intelx86.exe
PRC - [2013.01.19 03:51:31 | 001,129,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.01.19 03:50:09 | 002,070,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.01.19 03:50:07 | 001,071,392 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013.01.10 10:02:16 | 000,844,144 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.02 16:58:00 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.06.15 16:14:40 | 000,014,192 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
PRC - [2012.06.15 16:12:40 | 000,071,024 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2012.06.15 16:10:58 | 000,016,240 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
PRC - [2012.06.04 13:07:58 | 000,224,096 | ---- | M] () -- C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
PRC - [2012.03.10 10:18:15 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
PRC - [2011.09.22 17:21:38 | 000,315,712 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
PRC - [2011.09.22 17:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
PRC - [2011.09.22 17:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\AlienRespawn\SftService.exe
PRC - [2011.09.21 17:22:02 | 003,964,928 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Toaster.exe
PRC - [2011.09.02 18:24:28 | 001,636,208 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
PRC - [2011.03.25 13:20:59 | 004,757,504 | ---- | M] () -- C:\ProgramData\BOINC\projects\climateprediction.net\hadcm3n_um_6.07_windows_intelx86.exe
PRC - [2011.03.14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.11.17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010.09.14 01:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.14 01:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
========== Modules (No Company Name) ==========
MOD - [2013.02.21 16:32:15 | 021,938,072 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2013.02.14 20:33:04 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll
MOD - [2013.02.14 20:22:55 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.14 20:22:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.02.14 20:09:19 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e963e9f51746f8e23837be7760e187c6\System.Windows.Forms.ni.dll
MOD - [2013.01.31 15:31:29 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d5b1b0c6e8a714de39a06e3b61f35fe\System.Management.ni.dll
MOD - [2013.01.31 15:30:35 | 000,134,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\f47057832c213ae1ab6ecc1329ea4745\System.Data.DataSetExtensions.ni.dll
MOD - [2013.01.31 15:30:17 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll
MOD - [2013.01.31 15:28:15 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013.01.31 15:27:33 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll
MOD - [2013.01.31 15:27:30 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll
MOD - [2013.01.31 15:25:32 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\c24dc5c1953c9617b9529172e61ba202\IAStorCommon.ni.dll
MOD - [2013.01.31 15:25:31 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\01d0ecf3e47d2559aa403d296ad5320a\IAStorUtil.ni.dll
MOD - [2013.01.31 15:25:00 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013.01.31 14:51:08 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll
MOD - [2013.01.31 14:50:52 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013.01.31 14:50:46 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
MOD - [2013.01.31 14:50:45 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013.01.31 14:50:33 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.31 14:50:15 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.31 14:49:54 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.01.31 14:49:40 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.31 14:49:35 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.01.31 14:49:27 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.31 14:49:22 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.31 14:49:19 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.31 14:49:18 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.31 14:49:15 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013.01.31 14:06:31 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll
MOD - [2013.01.31 14:06:22 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll
MOD - [2013.01.31 14:06:20 | 006,841,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\564f737274f47efdfa212f8da43286e7\System.Data.ni.dll
MOD - [2013.01.31 14:06:16 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll
MOD - [2013.01.31 14:06:14 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013.01.31 14:06:13 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll
MOD - [2013.01.31 14:06:13 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll
MOD - [2013.01.31 14:06:12 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll
MOD - [2013.01.31 14:06:10 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013.01.31 14:06:07 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\221d903193177a76f68965e8ffb8cbb4\System.Numerics.ni.dll
MOD - [2013.01.31 14:06:06 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2012.08.17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
MOD - [2012.03.16 19:07:33 | 000,029,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Diagnostics.ServiceModelSink\3.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Diagnostics.ServiceModelSink.dll
MOD - [2012.02.28 17:44:55 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.09.22 17:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
MOD - [2011.09.02 18:24:28 | 001,636,208 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
MOD - [2010.11.24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010.11.21 07:49:35 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2010.11.21 07:49:27 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Configuration.resources.dll
MOD - [2010.11.21 07:49:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.11.21 07:49:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009.12.18 11:07:06 | 000,577,536 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.06.15 16:10:58 | 000,014,704 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2012.05.15 15:01:54 | 001,194,672 | ---- | M] (Space Sciences Laboratory) [Auto | Running] -- C:\Program Files\BOINC\boinc.exe -- (BOINC)
SRV:64bit: - [2011.11.21 15:10:10 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011.03.17 03:14:56 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011.01.05 20:41:38 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011.01.05 20:28:50 | 000,340,240 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011.01.05 20:26:56 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.03.03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013.03.01 16:47:46 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.22 15:30:32 | 003,818,776 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe -- (Radio.fx)
SRV - [2013.02.09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.01.31 16:42:54 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2013.01.19 03:50:09 | 002,070,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.13 20:55:34 | 000,541,168 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.12.02 16:58:00 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.11.30 15:40:53 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012.10.20 18:24:00 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.04 13:07:58 | 000,224,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe -- (Internet Manager. RunOuc)
SRV - [2012.03.08 18:59:06 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011.11.21 15:12:56 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.11.21 15:10:04 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.09.22 17:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\AlienRespawn\SftService.exe -- (SftService)
SRV - [2011.08.12 01:04:58 | 000,248,304 | ---- | M] (CyberLink) [On_Demand | Stopped] -- c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2011.08.01 17:24:00 | 003,889,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011.03.14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010.11.25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010.11.25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010.09.14 01:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.02.24 15:17:10 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013.02.24 15:17:10 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013.02.10 04:25:27 | 000,448,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2013.01.31 17:12:49 | 000,054,104 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013.01.31 17:12:48 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013.01.31 17:12:47 | 000,613,720 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013.01.31 17:12:47 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2013.01.31 06:08:40 | 000,467,184 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.12.19 06:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.11.28 11:04:16 | 000,047,240 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012.11.28 11:04:11 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2012.11.28 11:04:11 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2012.09.20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.09.20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.08.23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.13 16:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2012.08.02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012.06.19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012.06.04 13:07:58 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2012.06.04 13:07:58 | 000,222,464 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2012.06.04 13:07:58 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2012.06.04 13:07:58 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2012.06.04 13:07:58 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM)
DRV:64bit: - [2012.06.04 13:07:58 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad)
DRV:64bit: - [2012.06.04 13:07:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2012.03.06 19:08:32 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.28 17:45:14 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.02.28 17:45:14 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.12.08 05:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.12.08 05:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.12.08 05:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.09.22 21:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
DRV:64bit: - [2011.05.04 01:35:08 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.03.17 03:14:56 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.03.04 01:42:38 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.03.04 01:18:22 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.03.04 01:18:22 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.01.20 18:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010.11.30 14:48:38 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.11.21 04:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.14 01:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.09.07 14:41:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010.08.20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010.08.17 14:17:46 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.08.17 14:17:46 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.08.17 14:17:46 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.03.19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.27 02:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009.12.30 12:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.26 22:43:42 | 000,016,752 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EMSC.sys -- (EMSC)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006.11.01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2013.01.23 07:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2011.06.04 22:51:52 | 000,009,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Games\ArtMoney\am73964.sys -- (am7pro)
DRV - [2009.10.14 08:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.06.26 22:43:42 | 000,013,680 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\EMSC.sys -- (EMSC)
DRV - [2005.01.01 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.de/alienware
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119828&babsrc=HP_ss&mntrId=2a6fe892000000000000247703491961
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119828&babsrc=SP_ss&mntrId=2a6fe892000000000000247703491961
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..\SearchScopes\{9B4A834C-9A9A-425B-845E-484412CF9332}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=4081b162-03e1-44b8-b9b3-12b96dd7ec4b&apn_sauid=D55E0BAF-4CCA-4B19-A307-7611279EBCE9
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.de/alienware
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.de/alienware
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "InnoGames Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.delta-search.com/?affID=119828&babsrc=HP_ss&mntrId=2a6fe892000000000000247703491961"
FF - prefs.js..extensions.enabledAddons: nasanightlaunch@example.com:0.6.20121115
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.01.31 17:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.01.31 17:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.01.31 17:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.01.31 17:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.01.31 17:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.20 18:24:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.20 18:24:00 | 000,000,000 | ---D | M]
[2012.03.12 15:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Draco\AppData\Roaming\Mozilla\Extensions
[2013.03.03 12:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions
[2013.02.23 19:59:46 | 000,000,000 | ---D | M] (XfireXO Community Toolbar) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2013.02.23 19:59:44 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.02.23 20:00:02 | 000,000,000 | ---D | M] (InnoGames Community Toolbar) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}
[2013.02.23 19:59:14 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\btpersonas@brandthunder.com
[2013.02.26 18:46:29 | 000,000,000 | ---D | M] ("SearchGBY") -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\plugin@searchgby.com
[2013.01.19 21:08:59 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\toolbar@ask.com
[2012.07.05 16:56:13 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\elemhidehelper@adblockplus.org.xpi
[2012.11.18 10:38:21 | 002,307,149 | ---- | M] () (No name found) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\nasanightlaunch@example.com.xpi
[2013.01.19 21:08:55 | 000,538,938 | ---- | M] () (No name found) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\toolbar@web.de.xpi
[2013.02.23 19:59:49 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.03 12:43:40 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.02.23 20:00:04 | 000,685,671 | ---- | M] () (No name found) -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2013.03.02 17:04:57 | 000,000,766 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\searchplugins\11-suche.xml
[2013.02.27 18:57:07 | 000,002,834 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\searchplugins\askcom.xml
[2013.02.27 18:57:07 | 000,001,127 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\searchplugins\conduit.xml
[2013.02.27 18:59:10 | 000,001,294 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\searchplugins\delta.xml
[2013.03.02 17:04:57 | 000,002,111 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\searchplugins\englische-ergebnisse.xml
[2013.03.02 17:04:57 | 000,010,420 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\searchplugins\gmx-suche.xml
[2013.03.02 17:04:57 | 000,002,392 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\searchplugins\lastminute.xml
[2013.03.02 17:04:57 | 000,005,400 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\Mozilla\Firefox\Profiles\abt6zpny.default\searchplugins\webde-suche.xml
[2012.10.20 18:23:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.20 18:23:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2012.10.20 18:23:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2012.10.20 18:23:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.10.20 18:24:00 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.02 17:04:57 | 000,001,400 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.02 17:04:57 | 000,001,679 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.02 17:04:57 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.02 17:04:57 | 000,006,818 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.27 18:57:07 | 000,001,278 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.02 17:04:57 | 000,000,903 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Bing ()
CHR - default_search_provider: search_url = hxxp://www.bing.com/search?setmkt=de-DE&q={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR - homepage: hxxp://www.google.de/
CHR - Extension: SearchGBY = C:\Users\Draco\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmijdhkcgeclpfjmibnginbbkfcbpep\0.9.55_0\
O1 HOSTS File: ([2012.03.08 20:54:16 | 000,441,475 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15172 more lines...
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll (Conduit Ltd.)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Alienware)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Integrated Webcam Live! Central] C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000..\Run: [Spotify] C:\Users\Draco\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000..\Run: [Spotify Web Helper] C:\Users\Draco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019..\Run: [Akamai NetSession Interface] C:\Users\Draco\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EA Link\Core.exe -silent File not found
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019..\Run: [Internet Manager] C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe ()
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019..\Run: [rfxsrvtray] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020..\Run: [Akamai NetSession Interface] C:\Users\Draco\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EA Link\Core.exe -silent File not found
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020..\Run: [Internet Manager] C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe ()
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020..\Run: [rfxsrvtray] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingA6911] command.com /c del "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" File not found
O4 - HKLM..\RunOnce: [SpybotDeletingC8369] cmd.exe /c del "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000..\RunOnce: [SpybotDeletingB9880] command.com /c del "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" File not found
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000..\RunOnce: [SpybotDeletingD9847] cmd.exe /c del "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" File not found
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1019\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1503614190-581956262-4018303520-1020\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FA38330-5782-44DE-B030-C763F3C82E97}: NameServer = 10.111.81.129 10.129.32.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{751CB4AC-2956-410B-B93C-68ED5ED03CBF}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FA4BB78-8895-4C48-99B5-0D9DAE3F15EE}: NameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A22F4455-0746-4345-91CE-6829482F76A1}: NameServer = 10.129.32.1 10.111.81.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D2763C48-FDE7-4683-8BB6-7D5C39768193}: NameServer = 10.129.32.1 10.111.81.129
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{984133bc-afa5-11e1-916a-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{984133bc-afa5-11e1-916a-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c77b40a2-ae30-11e1-bb6d-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{c77b40a2-ae30-11e1-bb6d-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c77b40d3-ae30-11e1-bb6d-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{c77b40d3-ae30-11e1-bb6d-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c77b4104-ae30-11e1-bb6d-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{c77b4104-ae30-11e1-bb6d-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c77b4119-ae30-11e1-bb6d-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{c77b4119-ae30-11e1-bb6d-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c77b4126-ae30-11e1-bb6d-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{c77b4126-ae30-11e1-bb6d-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c77b4179-ae30-11e1-bb6d-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{c77b4179-ae30-11e1-bb6d-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c77b4192-ae30-11e1-bb6d-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{c77b4192-ae30-11e1-bb6d-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f00001b4-abc6-11e1-a60b-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{f00001b4-abc6-11e1-a60b-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f00001b9-abc6-11e1-a60b-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{f00001b9-abc6-11e1-a60b-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f00001ca-abc6-11e1-a60b-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{f00001ca-abc6-11e1-a60b-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f000028f-abc6-11e1-a60b-9cb70d52820c}\Shell - "" = AutoRun
O33 - MountPoints2\{f000028f-abc6-11e1-a60b-9cb70d52820c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.03 14:02:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Draco\Desktop\OTL.exe
[2013.03.03 14:00:43 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Draco\Desktop\mbam-setup-1.70.0.1100.exe
[2013.03.03 13:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2013.03.03 13:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2013.03.03 11:23:01 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Draco\Desktop\HijackThis.exe
[2013.03.02 18:23:30 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\Synaptics
[2013.03.01 20:34:40 | 006,393,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.03.01 20:34:40 | 003,472,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.03.01 20:34:40 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.03.01 20:34:40 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.03.01 20:34:40 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.03.01 20:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.03.01 20:32:30 | 026,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.03.01 20:32:30 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.03.01 20:32:30 | 015,275,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.03.01 20:32:30 | 012,862,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.03.01 20:32:30 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.03.01 20:32:30 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.03.01 20:32:30 | 001,510,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2013.03.01 20:32:30 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvir3dgenco6420162.dll
[2013.03.01 20:32:30 | 000,448,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstusb.sys
[2013.03.01 20:32:30 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.03.01 20:32:30 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.03.01 20:32:29 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.03.01 20:32:29 | 017,987,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.03.01 20:32:29 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.03.01 20:32:29 | 015,038,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.03.01 20:32:29 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.03.01 20:32:29 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.03.01 20:32:29 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.03.01 20:32:29 | 002,854,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.03.01 20:32:29 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.03.01 20:32:29 | 002,528,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.03.01 20:32:29 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.03.01 20:32:29 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.03.01 20:32:29 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013.03.01 20:32:29 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013.03.01 17:43:21 | 000,652,288 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2013.03.01 17:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2013.02.27 20:16:11 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.27 20:16:11 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.27 20:16:11 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.27 20:16:11 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.27 20:16:08 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.27 20:16:08 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.27 20:16:05 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.27 20:16:05 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.27 20:16:05 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.27 20:16:05 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.27 20:16:05 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 20:16:05 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 20:16:05 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 20:16:05 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 20:16:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 20:16:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 20:16:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 20:16:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 20:16:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 20:16:05 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 20:16:05 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 20:16:04 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.27 20:16:04 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.27 20:16:04 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.27 20:16:04 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.27 20:16:04 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.27 20:16:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 20:16:04 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.27 20:16:04 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.27 20:16:04 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.27 20:16:04 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.27 20:16:04 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.27 20:16:04 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.27 20:16:04 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.27 20:16:04 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 20:16:04 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 20:16:04 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 20:16:04 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 20:16:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 20:16:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 20:16:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 19:00:18 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\JAM Software
[2013.02.27 18:57:07 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\Opera
[2013.02.27 18:56:59 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\OCS
[2013.02.26 17:09:49 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2013.02.26 17:09:32 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Local\Deployment
[2013.02.26 17:09:32 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Local\Apps
[2013.02.25 18:49:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alienware On-Screen Display
[2013.02.25 16:58:41 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secrets of Da Vinci
[2013.02.25 16:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secrets of Da Vinci
[2013.02.25 16:53:53 | 000,000,000 | ---D | C] -- C:\Windows\Secrets of Da Vinci
[2013.02.25 16:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secrets of Da Vinci
[2013.02.24 21:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2013.02.24 21:50:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2013.02.24 21:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
[2013.02.24 21:49:56 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2013.02.24 21:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter
[2013.02.24 21:46:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013.02.24 21:46:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013.02.24 21:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2013.02.24 21:31:05 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\Roxio Log Files
[2013.02.24 15:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages
[2013.02.24 15:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peter Games
[2013.02.24 15:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Peter Games
[2013.02.24 11:30:18 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Local\capcom
[2013.02.24 10:22:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2013.02.23 18:40:33 | 000,000,000 | ---D | C] -- C:\Users\Draco\Desktop\Neuer Ordner (3)
[2013.02.23 12:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5
[2013.02.23 12:48:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Kombustor 2.5
[2013.02.23 12:47:00 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2013.02.23 12:46:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2013.02.23 12:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.02.23 12:20:08 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\BrowserCompanion
[2013.02.21 18:24:56 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Local\NVIDIA
[2013.02.14 20:01:58 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.14 20:01:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.14 20:01:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.14 20:01:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.14 20:01:57 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.14 20:01:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.14 20:01:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.14 20:01:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.14 20:01:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.14 20:01:56 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 20:01:56 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.14 20:01:56 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 20:01:55 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 20:01:55 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 20:01:55 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.14 18:00:25 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 18:00:25 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.14 18:00:24 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.14 18:00:15 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.14 18:00:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.14 18:00:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.14 18:00:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.14 18:00:15 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.14 18:00:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.14 18:00:05 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.12 18:01:42 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Local\EA Games
[2013.02.09 18:43:52 | 000,555,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.02.05 21:05:57 | 000,000,000 | ---D | C] -- C:\Users\Draco\Desktop\TheHunter2013
[2013.02.05 16:48:21 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Local\Nexway
[2013.02.02 14:25:50 | 000,000,000 | ---D | C] -- C:\Users\Draco\Documents\theHunter
[2013.02.02 14:23:46 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Local\theHunter
[2013.02.02 12:06:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.02.02 10:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Hunter
[2013.02.02 10:16:08 | 000,000,000 | ---D | C] -- C:\Users\Draco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\theHunter
[2013.02.02 10:15:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\theHunter
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.03.03 14:02:15 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Draco\Desktop\mbam-setup-1.70.0.1100.exe
[2013.03.03 14:02:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Draco\Desktop\OTL.exe
[2013.03.03 13:56:18 | 000,000,123 | ---- | M] () -- C:\Windows\wininit.ini
[2013.03.03 13:44:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.03 13:25:10 | 000,001,220 | ---- | M] () -- C:\Users\Draco\Desktop\Spybot - Search & Destroy.lnk
[2013.03.03 13:19:01 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.03 13:19:01 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.03 13:05:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.03 11:22:58 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Draco\Desktop\HijackThis.exe
[2013.03.02 18:49:19 | 000,833,296 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.02 18:49:19 | 000,829,274 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013.03.02 18:49:19 | 000,829,106 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013.03.02 18:49:19 | 000,827,238 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2013.03.02 18:49:19 | 000,824,182 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013.03.02 18:49:19 | 000,823,570 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013.03.02 18:49:19 | 000,767,758 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2013.03.02 18:49:19 | 000,751,156 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.03.02 18:49:19 | 000,745,532 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.02 18:49:19 | 000,691,950 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2013.03.02 18:49:19 | 000,591,980 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013.03.02 18:49:19 | 000,576,832 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat
[2013.03.02 18:49:19 | 000,564,294 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2013.03.02 18:49:19 | 000,561,696 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2013.03.02 18:49:19 | 000,507,898 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2013.03.02 18:49:19 | 000,496,214 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013.03.02 18:49:19 | 000,474,120 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2013.03.02 18:49:19 | 000,218,416 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2013.03.02 18:49:19 | 000,205,272 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013.03.02 18:49:19 | 000,202,488 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013.03.02 18:49:19 | 000,199,210 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2013.03.02 18:49:19 | 000,197,616 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.02 18:49:19 | 000,195,528 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013.03.02 18:49:19 | 000,193,210 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013.03.02 18:49:19 | 000,187,422 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.03.02 18:49:19 | 000,167,940 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.02 18:49:19 | 000,167,594 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013.03.02 18:49:19 | 000,165,882 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2013.03.02 18:49:19 | 000,158,082 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2013.03.02 18:49:19 | 000,147,614 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2013.03.02 18:49:19 | 000,144,818 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013.03.02 18:49:19 | 000,140,976 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat
[2013.03.02 18:49:19 | 000,140,190 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2013.03.02 18:49:19 | 000,130,300 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2013.03.02 18:49:19 | 000,113,638 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2013.03.02 18:49:19 | 000,113,400 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2013.03.02 18:49:19 | 000,112,952 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2013.03.02 18:49:19 | 000,111,348 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat
[2013.03.02 18:49:19 | 000,111,012 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2013.03.02 18:49:19 | 000,097,564 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013.03.02 18:49:19 | 000,096,906 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2013.03.02 18:49:19 | 000,058,850 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2013.03.02 18:49:19 | 000,058,716 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2013.03.02 18:49:19 | 000,058,266 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2013.03.02 18:49:19 | 000,058,248 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2013.03.02 18:49:19 | 000,058,184 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat
[2013.03.02 18:49:19 | 000,056,532 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2013.03.02 18:49:19 | 000,056,532 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013.03.02 18:49:19 | 000,007,996 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.02 18:37:57 | 000,001,803 | ---- | M] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2013.03.02 15:45:04 | 000,467,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.01 21:10:53 | 000,005,037 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\EasyToolz.ini
[2013.03.01 16:47:46 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.01 16:47:46 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.26 19:10:18 | 000,066,155 | ---- | M] () -- C:\Users\Draco\Desktop\bluescreenview_147.zip
[2013.02.25 16:58:41 | 000,001,905 | ---- | M] () -- C:\Users\Draco\Desktop\The Secrets Of Da Vinci.lnk
[2013.02.24 21:49:38 | 000,002,124 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator Starter.lnk
[2013.02.24 15:17:10 | 000,088,480 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.02.24 15:17:10 | 000,046,400 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.02.24 15:12:47 | 000,002,305 | ---- | M] () -- C:\Users\Draco\Desktop\Nostradamus - Die letzte Prophezeiung.lnk
[2013.02.24 11:29:58 | 000,001,672 | ---- | M] () -- C:\Users\Draco\Desktop\LPCLauncher.exe.lnk
[2013.02.22 19:28:17 | 000,504,922 | ---- | M] () -- C:\Users\Draco\Desktop\Crysis 3 v1.0 +6 Trainer.rar
[2013.02.19 17:45:42 | 003,325,720 | ---- | M] (Tobit.Software) -- C:\Windows\RXSUnins.exe
[2013.02.19 17:45:42 | 003,325,720 | ---- | M] (Tobit.Software) -- C:\Windows\RXCUnins.exe
[2013.02.14 17:52:17 | 000,547,804 | ---- | M] () -- C:\Users\Draco\Desktop\DEAD SPACE 3 (+5 TRAINER).zip
[2013.02.13 01:26:34 | 000,042,880 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2013.02.13 01:26:34 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2013.02.11 18:52:37 | 000,000,049 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\TheHunterSettings_live.cfg
[2013.02.10 21:56:26 | 000,628,127 | ---- | M] () -- C:\Users\Draco\Desktop\Dead Space Trainer +3 v1.0.0.222.zip
[2013.02.10 20:04:21 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2013.02.10 19:34:26 | 000,007,598 | ---- | M] () -- C:\Users\Draco\AppData\Local\resmon.resmoncfg
[2013.02.10 04:25:27 | 026,947,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.02.10 04:25:27 | 025,256,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.02.10 04:25:27 | 020,534,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.02.10 04:25:27 | 017,987,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.02.10 04:25:27 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.02.10 04:25:27 | 015,275,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.02.10 04:25:27 | 015,038,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.02.10 04:25:27 | 012,862,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.02.10 04:25:27 | 009,422,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.02.10 04:25:27 | 007,964,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.02.10 04:25:27 | 007,569,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.02.10 04:25:27 | 006,267,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.02.10 04:25:27 | 002,911,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.02.10 04:25:27 | 002,854,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.02.10 04:25:27 | 002,726,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.02.10 04:25:27 | 002,528,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.02.10 04:25:27 | 002,350,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.02.10 04:25:27 | 001,990,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.02.10 04:25:27 | 001,807,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013.02.10 04:25:27 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvir3dgenco6420162.dll
[2013.02.10 04:25:27 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013.02.10 04:25:27 | 000,448,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstusb.sys
[2013.02.10 04:25:27 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.02.10 02:04:31 | 006,393,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.02.10 02:04:31 | 003,472,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.02.10 02:04:29 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.02.10 02:04:29 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.02.10 02:04:29 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.02.09 18:43:52 | 000,555,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.02.07 16:34:50 | 000,101,548 | ---- | M] () -- C:\Users\Draco\Desktop\Drachenbaby.jpg
[2013.02.07 16:34:50 | 000,000,840 | ---- | M] () -- C:\Users\Draco\.recently-used.xbel
[2013.02.06 19:56:47 | 000,048,225 | ---- | M] () -- C:\Users\Draco\Desktop\Blackdragon.jpg
[2013.02.03 13:06:33 | 000,011,869 | ---- | M] () -- C:\Users\Draco\AppData\Roaming\TheHunterSettings_live.bin
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.03.03 13:56:18 | 000,000,123 | ---- | C] () -- C:\Windows\wininit.ini
[2013.03.03 13:25:10 | 000,001,220 | ---- | C] () -- C:\Users\Draco\Desktop\Spybot - Search & Destroy.lnk
[2013.03.02 18:37:57 | 000,001,803 | ---- | C] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2013.03.01 20:32:29 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.02.26 19:10:21 | 000,066,155 | ---- | C] () -- C:\Users\Draco\Desktop\bluescreenview_147.zip
[2013.02.25 16:58:41 | 000,001,905 | ---- | C] () -- C:\Users\Draco\Desktop\The Secrets Of Da Vinci.lnk
[2013.02.24 21:49:38 | 000,002,124 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator Starter.lnk
[2013.02.24 15:12:47 | 000,002,305 | ---- | C] () -- C:\Users\Draco\Desktop\Nostradamus - Die letzte Prophezeiung.lnk
[2013.02.24 14:47:59 | 000,088,480 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.02.24 14:47:59 | 000,046,400 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.02.24 11:29:58 | 000,001,672 | ---- | C] () -- C:\Users\Draco\Desktop\LPCLauncher.exe.lnk
[2013.02.22 19:28:09 | 000,504,922 | ---- | C] () -- C:\Users\Draco\Desktop\Crysis 3 v1.0 +6 Trainer.rar
[2013.02.14 17:52:22 | 000,547,804 | ---- | C] () -- C:\Users\Draco\Desktop\DEAD SPACE 3 (+5 TRAINER).zip
[2013.02.13 01:26:34 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013.02.13 01:26:34 | 000,028,544 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2013.02.10 21:55:54 | 000,628,127 | ---- | C] () -- C:\Users\Draco\Desktop\Dead Space Trainer +3 v1.0.0.222.zip
[2013.02.10 20:04:21 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2013.02.07 16:34:50 | 000,000,840 | ---- | C] () -- C:\Users\Draco\.recently-used.xbel
[2013.02.06 20:00:02 | 000,048,225 | ---- | C] () -- C:\Users\Draco\Desktop\Blackdragon.jpg
[2013.02.06 19:55:44 | 000,101,548 | ---- | C] () -- C:\Users\Draco\Desktop\Drachenbaby.jpg
[2013.02.02 14:26:27 | 000,011,869 | ---- | C] () -- C:\Users\Draco\AppData\Roaming\TheHunterSettings_live.bin
[2013.02.02 14:23:15 | 000,000,049 | ---- | C] () -- C:\Users\Draco\AppData\Roaming\TheHunterSettings_live.cfg
[2012.10.28 20:26:16 | 000,005,632 | ---- | C] () -- C:\Users\Draco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.28 17:59:09 | 000,007,598 | ---- | C] () -- C:\Users\Draco\AppData\Local\resmon.resmoncfg
[2012.09.28 20:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012.09.26 09:07:26 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.06.19 13:02:17 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.06.16 17:14:50 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\miccyhook.dll
[2012.06.15 16:13:58 | 000,022,384 | ---- | C] () -- C:\Windows\SysWow64\LightFX.dll
[2012.05.22 16:47:02 | 000,113,180 | ---- | C] () -- C:\Users\Draco\AppData\Roaming\icarus-dxdiag.xml
[2012.04.06 22:12:01 | 000,000,000 | ---- | C] () -- C:\Users\Draco\hsqlprefs.dat
[2012.03.10 14:01:45 | 002,648,064 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2012.03.10 11:48:36 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.03.10 11:48:36 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.03.09 14:54:54 | 000,005,037 | ---- | C] () -- C:\Users\Draco\AppData\Roaming\EasyToolz.ini
[2012.03.08 22:21:48 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2012.02.14 13:20:40 | 000,002,093 | ---- | C] () -- C:\ProgramData\ENGPOL.2012-02.pl.nicolasgames_4F1DC181-E82E-4492-94DF-511B0A5FD4C0.swidtag
[2012.01.31 17:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 17:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.01.31 17:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.01.31 17:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.01.31 17:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.06.27 09:07:14 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.01 10:45:27 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Acreon
[2012.04.04 18:51:13 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Bioshock
[2012.10.05 20:50:33 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\BitTorrent
[2012.04.04 16:37:18 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\bizarre creations
[2013.03.02 17:25:19 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\BrowserCompanion
[2012.08.31 09:48:54 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2012.03.16 22:39:04 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Dev-Cpp
[2012.08.03 18:28:40 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\EoN
[2012.03.08 20:59:45 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\fltk.org
[2012.11.09 13:48:05 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Galaxy on Fire 2 Full HD
[2012.09.11 15:23:08 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\GetRightToGo
[2012.04.20 17:57:16 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\gnupg
[2012.12.10 00:01:35 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\gtk-2.0
[2012.03.09 19:29:21 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\IDT
[2013.02.27 19:09:50 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\JAM Software
[2012.03.12 15:43:21 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Media Finder
[2012.09.05 17:13:32 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\NCH Swift Sound
[2012.10.05 20:31:09 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Need for Speed World
[2013.03.02 17:05:30 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\OCS
[2013.02.27 18:57:07 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Opera
[2012.11.17 20:43:02 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Origin
[2012.03.10 18:44:37 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\PCDr
[2012.11.04 09:23:04 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\PlayFirst
[2012.11.08 19:04:37 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\ProtectDISC
[2012.04.01 19:27:37 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Samsung
[2012.10.26 10:35:25 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\six-updater
[2012.10.26 10:33:15 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\six-zsync
[2012.06.26 18:08:45 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Sports Interactive
[2013.03.03 14:16:31 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Spotify
[2013.03.02 18:23:30 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Synaptics
[2012.03.08 22:38:57 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\System
[2012.06.01 10:02:36 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\T-Mobile
[2012.06.09 11:40:27 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Temp
[2013.01.03 17:28:07 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\The Creative Assembly
[2012.03.20 21:07:19 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Tobit
[2012.10.26 12:40:44 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\ts3overlay
[2012.10.26 12:40:58 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\ts3overlay_hook_win64
[2012.03.08 17:46:12 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\TuneUp Software
[2012.10.31 17:44:24 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\Ubisoft
[2012.10.05 15:46:59 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\wargaming.net
[2012.08.18 20:17:21 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\WinBatch
[2012.03.08 22:40:03 | 000,000,000 | -HSD | M] -- C:\Users\Draco\AppData\Roaming\wyUpdate AU
[2012.05.13 10:49:37 | 000,000,000 | ---D | M] -- C:\Users\Draco\AppData\Roaming\XRay Engine
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:05EE1EEF
< End of report >
--- --- --- |
