OTL Logfile: Code:
OTL logfile created on: 15.11.2014 20:11:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Veli\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,98 Gb Total Physical Memory | 4,35 Gb Available Physical Memory | 62,28% Memory free
13,96 Gb Paging File | 10,99 Gb Available in Paging File | 78,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 353,61 Gb Free Space | 75,94% Space Free | Partition Type: NTFS
Computer Name: VELI-PC | User Name: Veli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Veli\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\GammaGUIMBR\GammaGUIMBR.exe ()
PRC - C:\Users\Veli\AppData\Local\GammaRootStart\GammaRootStart.exe ()
PRC - C:\Users\Veli\AppData\Local\GammaRootStart\DebuggerProgramRuntime.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe (Advanced Micro Devices, Inc.)
PRC - C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\AudioCS\CTAudCS.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
PRC - C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe (Creative Technology Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Veli\AppData\Local\GammaRootStart\DebuggerProgramRuntime.exe ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
========== Services (SafeList) ==========
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (GammaGUIMBR) -- C:\Windows\SysWOW64\GammaGUIMBR\GammaGUIMBR.exe ()
SRV - (GammaRootStart.exe) -- C:\Users\Veli\AppData\Local\GammaRootStart\GammaRootStart.exe ()
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (BlueSoleilCS) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT Corporation)
SRV - (BsHelpCS) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (IVT Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Windows (R) Win 7 DDK provider)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (RtkAudioService) -- C:\Programme\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RSP2STOR) -- C:\Windows\SysNative\drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (splitcam_hd_driver) -- C:\Windows\SysNative\drivers\splitcam_hd_driver.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (BthL2caScoIfSrv) -- C:\Windows\SysNative\drivers\BtL2caScoIf.sys (Ralink Corporation)
DRV:64bit: - (scvad_simple) -- C:\Windows\SysNative\drivers\SplitCamAudio.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ksaud) -- C:\Windows\SysNative\drivers\ksaud.sys (Creative Technology Ltd.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (BtAudioBusSrv) -- C:\Windows\SysNative\drivers\BtAudioBus.sys (IVT Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 71 5B 65 EC 98 D9 CF 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*origin.com;*ea.com;*akamaihd.net
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:37649
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@speakychat.ch/SpeakyChatLB: C:\Users\Veli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SpeakyChatLB\NPspeakychatlb.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.11.10 16:25:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.11.10 16:25:08 | 000,000,000 | ---D | M]
[2014.10.26 23:25:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veli\AppData\Roaming\mozilla\Extensions
[2014.11.14 18:44:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Veli\AppData\Roaming\mozilla\Firefox\Profiles\6ihd2zg5.default-1415984810115\extensions
[2014.11.14 18:08:34 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\Veli\AppData\Roaming\mozilla\firefox\profiles\6ihd2zg5.default-1415984810115\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.11.10 16:25:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.11.10 16:25:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.02.12 07:53:30 | 000,543,328 | ---- | M] (SpeakyChat LB) -- C:\Program Files (x86)\mozilla firefox\plugins\NPspeakychatlb.dll
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpalbmbgpoekgolgbahfhobfgfcdbofl\187\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjaghjbmjeoiefdghgolhhdpaaljbame\2.0\
CHR - Extension: No name found = C:\Users\Veli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O4:64bit: - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe (Advanced Micro Devices, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4813817F-D24A-41A7-83FF-10203872C5FD}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.11.13 01:38:15 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014.11.15 09:04:42 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Roaming\NCH Software
[2014.11.15 09:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2014.11.15 09:04:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
[2014.11.14 18:06:54 | 000,000,000 | ---D | C] -- C:\Users\Veli\Desktop\Alte Firefox-Daten
[2014.11.14 15:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2014.11.14 15:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2014.11.14 15:29:28 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Local\CheckCode
[2014.11.14 15:17:36 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.11.13 02:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2014.11.13 01:37:38 | 000,000,000 | ---D | C] -- C:\Users\Veli\Start Menu
[2014.11.12 13:09:27 | 000,000,000 | -HSD | C] -- C:\Users\Veli\AppData\Local\EmieBrowserModeList
[2014.11.12 12:28:55 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Roaming\AdvancedSystemProtector
[2014.11.12 12:14:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GammaGUIMBR
[2014.11.12 12:14:33 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Local\GammaRootStart
[2014.11.12 12:07:37 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Roaming\Dorrible
[2014.11.12 10:35:25 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.11.12 10:35:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.11.12 10:35:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.11.12 10:35:25 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.11.12 10:35:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.11.12 10:35:24 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.11.12 10:35:24 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.11.12 10:35:23 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.11.12 10:35:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.11.12 10:35:20 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.11.12 10:35:20 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.11.12 10:35:19 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.11.12 10:35:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.11.12 10:35:17 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.11.12 10:35:17 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.11.12 10:35:17 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.11.12 10:35:16 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.11.12 10:35:16 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.11.12 10:35:16 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.11.12 10:35:14 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.11.12 10:35:14 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.11.12 10:35:13 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.11.12 10:35:11 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.11.12 10:35:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.11.12 10:35:09 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.11.12 10:35:09 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.11.12 10:35:08 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.11.12 10:35:08 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.11.12 10:35:06 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.11.12 10:35:06 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.11.12 10:35:05 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.11.12 10:35:05 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.11.12 10:35:04 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.11.12 10:35:03 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.11.12 10:35:03 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.11.12 10:09:43 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014.11.12 10:09:43 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014.11.12 10:09:42 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.11.12 10:09:42 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014.11.12 10:09:42 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014.11.12 10:04:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.11.12 10:04:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.11.12 10:04:24 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014.11.12 10:04:24 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014.11.12 10:04:22 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014.11.12 10:04:22 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014.11.12 10:04:22 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014.11.12 10:04:21 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014.11.12 10:04:21 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014.11.12 10:03:33 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014.11.12 10:03:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014.11.12 10:03:11 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014.11.12 10:03:07 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014.11.12 10:03:01 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014.11.10 16:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.11.04 20:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
[2014.11.04 20:47:50 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
[2014.11.04 20:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2014.11.02 23:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.10.27 16:26:18 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Local\Bump Technologies, Inc
[2014.10.27 16:26:09 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Roaming\Bump Technologies, Inc
[2014.10.27 16:26:05 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014.10.27 16:26:05 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014.10.27 16:26:04 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014.10.27 16:26:04 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014.10.27 16:26:03 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014.10.27 16:26:03 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014.10.27 16:26:02 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014.10.27 16:26:02 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014.10.27 16:26:01 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014.10.27 16:26:01 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014.10.27 16:26:01 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014.10.27 16:26:01 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014.10.27 16:26:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014.10.27 16:26:00 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014.10.27 16:25:59 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014.10.27 16:25:59 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014.10.27 16:25:57 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014.10.27 16:25:57 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014.10.27 16:25:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014.10.27 16:25:56 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014.10.27 16:25:55 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014.10.27 16:25:55 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014.10.27 16:25:54 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014.10.27 16:25:54 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014.10.27 16:25:52 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014.10.27 16:25:52 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014.10.27 16:25:51 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014.10.27 16:25:51 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014.10.27 16:25:51 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014.10.27 16:25:51 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014.10.27 16:25:49 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014.10.27 16:25:49 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014.10.27 16:25:48 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014.10.27 16:25:48 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014.10.27 16:25:48 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014.10.27 16:25:48 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014.10.27 16:25:47 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014.10.27 16:25:47 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014.10.27 16:25:46 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014.10.27 16:25:46 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014.10.27 16:25:45 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014.10.27 16:25:45 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014.10.27 16:25:45 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014.10.27 16:25:45 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014.10.27 16:25:43 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014.10.27 16:25:43 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014.10.27 16:25:42 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014.10.27 16:25:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014.10.27 16:25:42 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014.10.27 16:25:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014.10.27 16:25:41 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014.10.27 16:25:41 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014.10.27 16:25:40 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014.10.27 16:25:40 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014.10.27 16:25:39 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014.10.27 16:25:39 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014.10.27 16:25:39 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014.10.27 16:25:39 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014.10.27 16:25:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014.10.27 16:25:38 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014.10.27 16:25:37 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014.10.27 16:25:37 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014.10.27 16:25:37 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014.10.27 16:25:37 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014.10.27 16:25:35 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014.10.27 16:25:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014.10.27 16:25:34 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014.10.27 16:25:34 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014.10.27 16:25:34 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014.10.27 16:25:34 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014.10.27 16:25:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014.10.27 16:25:32 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014.10.27 16:25:32 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014.10.27 16:25:32 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014.10.27 16:25:30 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014.10.27 16:25:30 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014.10.27 16:25:30 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014.10.27 16:25:30 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014.10.27 16:25:29 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014.10.27 16:25:29 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014.10.27 16:25:28 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014.10.27 16:25:28 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014.10.27 16:25:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014.10.27 16:25:27 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014.10.27 16:25:26 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014.10.27 16:25:26 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014.10.27 16:25:25 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014.10.27 16:25:25 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014.10.27 16:25:25 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014.10.27 16:25:25 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014.10.27 16:25:24 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014.10.27 16:25:24 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014.10.27 16:25:22 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014.10.27 16:25:22 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014.10.27 16:25:20 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014.10.27 16:25:20 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014.10.27 16:25:20 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014.10.27 16:25:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014.10.27 16:25:19 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014.10.27 16:25:19 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014.10.27 16:25:17 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014.10.27 16:25:17 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014.10.27 16:25:16 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014.10.27 16:25:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014.10.27 16:25:16 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014.10.27 16:25:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014.10.27 16:25:14 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014.10.27 16:25:14 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014.10.27 16:25:13 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014.10.27 16:25:13 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014.10.27 16:25:13 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014.10.27 16:25:13 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014.10.27 16:25:12 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014.10.27 16:25:12 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014.10.27 16:25:12 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014.10.27 16:25:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014.10.27 16:25:10 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014.10.27 16:25:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014.10.27 16:25:10 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014.10.27 16:25:10 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014.10.27 16:25:08 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014.10.27 16:25:08 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014.10.27 16:25:07 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014.10.27 16:25:07 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014.10.27 16:25:07 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014.10.27 16:25:07 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014.10.27 16:25:05 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014.10.27 16:25:05 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014.10.27 16:25:04 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014.10.27 16:25:04 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014.10.27 16:25:03 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014.10.27 16:25:03 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014.10.27 16:25:02 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014.10.27 16:25:02 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014.10.27 16:25:00 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014.10.27 16:25:00 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014.10.27 16:25:00 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014.10.27 16:25:00 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014.10.27 16:24:59 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014.10.27 16:24:59 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014.10.27 16:24:58 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014.10.27 16:24:58 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014.10.27 16:24:57 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014.10.27 16:24:57 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014.10.27 16:24:56 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014.10.27 16:24:56 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014.10.27 16:24:55 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014.10.27 16:24:55 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014.10.27 16:24:54 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014.10.27 16:24:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014.10.27 16:24:51 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014.10.27 16:24:51 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014.10.27 16:24:49 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014.10.27 16:24:49 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014.10.27 16:24:49 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014.10.27 16:24:49 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014.10.27 16:24:48 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014.10.27 16:24:48 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014.10.27 16:24:45 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014.10.27 16:24:45 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014.10.27 16:24:44 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014.10.27 16:24:44 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014.10.27 16:24:42 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014.10.27 16:24:42 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014.10.27 16:24:41 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014.10.27 16:24:41 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014.10.27 16:24:40 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014.10.27 16:24:40 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014.10.27 16:22:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014.10.27 15:25:50 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2014.10.27 15:25:50 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2014.10.27 05:14:20 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.10.26 23:26:39 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Local\Macromedia
[2014.10.26 23:25:47 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Local\Mozilla
[2014.10.26 23:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014.10.26 23:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.10.26 23:15:37 | 000,000,000 | R--D | C] -- C:\Users\Veli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.10.26 23:08:46 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Local\com
[2014.10.20 18:29:03 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Local\Deployment
[2014.10.20 18:29:03 | 000,000,000 | ---D | C] -- C:\Users\Veli\AppData\Local\Apps
========== Files - Modified Within 30 Days ==========
[2014.11.15 19:31:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.11.15 19:08:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.11.15 18:20:23 | 003,310,291 | ---- | M] () -- C:\Users\Veli\Desktop\Veli Yildiz - Ankaranin Baglari.wmv
[2014.11.15 18:19:04 | 000,008,704 | ---- | M] () -- C:\Users\Veli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.11.15 18:18:33 | 004,419,132 | ---- | M] () -- C:\Users\Veli\Desktop\My Video - 0152.avi
[2014.11.15 18:13:00 | 000,001,332 | ---- | M] () -- C:\Windows\tasks\HDONV.job
[2014.11.15 17:13:26 | 005,525,731 | ---- | M] () -- C:\Users\Veli\Desktop\Veli Yildiz - Misiri Kuruttun mi .mp3
[2014.11.15 16:28:11 | 000,001,330 | ---- | M] () -- C:\Windows\tasks\OOMF.job
[2014.11.15 14:58:35 | 005,782,825 | ---- | M] () -- C:\Users\Veli\Desktop\Veli Yildiz - Beyaz Giyme.wmv
[2014.11.15 14:41:00 | 000,001,330 | ---- | M] () -- C:\Windows\tasks\NFFE.job
[2014.11.15 12:12:01 | 000,001,332 | ---- | M] () -- C:\Windows\tasks\WKBYW.job
[2014.11.15 12:12:00 | 000,001,680 | ---- | M] () -- C:\Windows\tasks\MDDQNRB.job
[2014.11.15 10:04:06 | 018,518,704 | ---- | M] () -- C:\Users\Veli\Desktop\My Video - 0143.mp4
[2014.11.15 09:25:00 | 000,001,682 | ---- | M] () -- C:\Windows\tasks\MOAERKIO.job
[2014.11.15 09:04:41 | 000,001,290 | ---- | M] () -- C:\Users\Public\Desktop\NCH Suite.lnk
[2014.11.15 09:04:41 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[2014.11.15 04:52:29 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2014.11.14 15:34:31 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.11.14 15:34:31 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.11.14 15:31:52 | 001,619,284 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.11.14 15:31:52 | 000,699,342 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.11.14 15:31:52 | 000,654,140 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.11.14 15:31:52 | 000,149,450 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.11.14 15:31:52 | 000,122,012 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.11.14 15:25:50 | 000,001,042 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini
[2014.11.14 15:25:33 | 1328,304,127 | -HS- | M] () -- C:\hiberfil.sys
[2014.11.13 18:01:37 | 000,341,015 | ---- | M] () -- C:\Users\Veli\Desktop\FRST64.exe
[2014.11.13 15:01:44 | 000,276,326 | ---- | M] () -- C:\Users\Veli\Desktop\mt.jpg
[2014.11.13 01:38:15 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014.11.12 13:01:55 | 000,268,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.11.12 12:12:44 | 001,565,104 | ---- | M] () -- C:\Users\Veli\AppData\Roaming\WKBYW.exe
[2014.11.12 12:12:24 | 002,053,552 | ---- | M] () -- C:\Users\Veli\AppData\Roaming\MDDQNRB.exe
[2014.11.12 00:31:48 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.11.12 00:31:48 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.11.11 16:26:41 | 009,244,180 | ---- | M] () -- C:\Users\Veli\Desktop\ENCA - A PO TPELQEN (Official Video).mp3
[2014.11.07 15:05:35 | 053,612,300 | ---- | M] () -- C:\Users\Veli\Desktop\Veli Yildiz - Kurban Oldugum.avi
[2014.11.06 22:52:06 | 157,145,820 | ---- | M] () -- C:\Users\Veli\Documents\clip0054.avi
[2014.11.06 22:39:59 | 197,695,424 | ---- | M] () -- C:\Users\Veli\Documents\clip0053.avi
[2014.11.06 21:55:57 | 438,352,362 | ---- | M] () -- C:\Users\Veli\Documents\clip0052.avi
[2014.11.06 21:06:37 | 069,303,668 | ---- | M] () -- C:\Users\Veli\Desktop\Ölümsüz.avi
[2014.11.06 20:42:00 | 006,794,083 | ---- | M] () -- C:\Users\Veli\Desktop\My Video - 0127.mp3
[2014.11.06 20:13:39 | 005,185,891 | ---- | M] () -- C:\Users\Veli\Desktop\My Video - 0126.mp3
[2014.11.06 20:07:57 | 017,380,731 | ---- | M] () -- C:\Users\Veli\Desktop\My Video - 012609.mp4
[2014.11.06 05:03:50 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.11.06 04:47:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.11.06 04:46:12 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.11.06 04:46:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.11.06 04:44:28 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.11.06 04:35:59 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.11.06 04:31:48 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.11.06 04:30:22 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.11.06 04:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.11.06 04:29:18 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.11.06 04:23:57 | 006,040,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.11.06 04:20:18 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.11.06 04:16:23 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.11.06 04:13:36 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.11.06 04:12:44 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.11.06 04:10:58 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.11.06 04:07:29 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.11.06 04:03:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.11.06 04:02:05 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.11.06 04:00:56 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.11.06 04:00:51 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.11.06 03:59:36 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.11.06 03:58:38 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.11.06 03:57:38 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.11.06 03:42:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.11.06 03:41:26 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.11.06 03:41:26 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.11.06 03:39:39 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.11.06 03:38:25 | 002,124,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.11.06 03:37:58 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.11.06 03:36:47 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.11.06 03:21:25 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.11.06 03:20:37 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.11.06 02:53:19 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.11.06 02:47:17 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.11.05 23:08:10 | 2312,964,928 | ---- | M] () -- C:\Users\Veli\Documents\clip0051.avi
[2014.11.04 09:26:05 | 007,847,424 | ---- | M] () -- C:\Users\Veli\Documents\AUD-20141104-WA0004.mp3
[2014.11.04 09:07:39 | 003,991,751 | ---- | M] () -- C:\Users\Veli\Documents\AUD-20141101-WA0010.mp3
[2014.11.01 23:43:57 | 008,631,449 | ---- | M] () -- C:\Users\Veli\Desktop\123.wmv
[2014.11.01 12:49:19 | 005,194,531 | ---- | M] () -- C:\Users\Veli\Desktop\Veli Yildiz - Zarife.mp3
[2014.11.01 12:16:37 | 002,741,923 | ---- | M] () -- C:\Users\Veli\Desktop\Veli Yildiz - Zeyno.mp3
[2014.10.27 16:05:31 | 000,000,486 | RHS- | M] () -- C:\Users\Veli\ntuser.pol
[2014.10.27 16:02:43 | 000,031,848 | ---- | M] () -- C:\ProgramData\energy-report.html
[2014.10.26 23:08:07 | 000,009,879 | ---- | M] () -- C:\Windows\patsearch.bin
[2014.10.26 23:08:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNew_01009.Wdf
[2014.10.25 02:57:59 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014.10.25 02:32:37 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014.10.21 17:58:17 | 296,241,830 | ---- | M] () -- C:\Users\Veli\Documents\clip0050.avi
[2014.10.20 23:32:20 | 117,440,512 | ---- | M] () -- C:\Users\Veli\Documents\clip0048.avi
[2014.10.20 23:32:14 | 000,849,784 | ---- | M] () -- C:\Users\Veli\Documents\clip0049.avi
[2014.10.20 23:30:32 | 000,780,000 | ---- | M] () -- C:\Users\Veli\Documents\clip0048.avi.bak
[2014.10.20 23:29:53 | 020,545,580 | ---- | M] () -- C:\Users\Veli\Documents\clip0047.avi
[2014.10.20 23:29:04 | 007,827,996 | ---- | M] () -- C:\Users\Veli\Documents\clip0046.avi
[2014.10.20 23:28:13 | 008,460,452 | ---- | M] () -- C:\Users\Veli\Documents\clip0045.avi
[2014.10.20 23:26:50 | 000,015,580 | ---- | M] () -- C:\Users\Veli\Documents\clip0044.avi
[2014.10.19 21:15:22 | 467,001,832 | ---- | M] () -- C:\Users\Veli\Documents\clip0043.avi
[2014.10.18 03:05:23 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
========== Files Created - No Company Name ==========
[2014.11.15 18:19:48 | 003,310,291 | ---- | C] () -- C:\Users\Veli\Desktop\Veli Yildiz - Ankaranin Baglari.wmv
[2014.11.15 18:17:58 | 004,419,132 | ---- | C] () -- C:\Users\Veli\Desktop\My Video - 0152.avi
[2014.11.15 17:12:28 | 005,525,731 | ---- | C] () -- C:\Users\Veli\Desktop\Veli Yildiz - Misiri Kuruttun mi .mp3
[2014.11.15 14:57:13 | 005,782,825 | ---- | C] () -- C:\Users\Veli\Desktop\Veli Yildiz - Beyaz Giyme.wmv
[2014.11.15 10:00:15 | 018,518,704 | ---- | C] () -- C:\Users\Veli\Desktop\My Video - 0143.mp4
[2014.11.15 09:04:41 | 000,001,290 | ---- | C] () -- C:\Users\Public\Desktop\NCH Suite.lnk
[2014.11.15 09:04:41 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[2014.11.13 18:01:34 | 000,341,015 | ---- | C] () -- C:\Users\Veli\Desktop\FRST64.exe
[2014.11.13 15:01:44 | 000,276,326 | ---- | C] () -- C:\Users\Veli\Desktop\mt.jpg
[2014.11.13 01:38:15 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014.11.12 12:12:46 | 000,001,332 | ---- | C] () -- C:\Windows\tasks\WKBYW.job
[2014.11.12 12:12:44 | 001,565,104 | ---- | C] () -- C:\Users\Veli\AppData\Roaming\WKBYW.exe
[2014.11.12 12:12:25 | 000,001,680 | ---- | C] () -- C:\Windows\tasks\MDDQNRB.job
[2014.11.12 12:12:24 | 002,053,552 | ---- | C] () -- C:\Users\Veli\AppData\Roaming\MDDQNRB.exe
[2014.11.11 16:25:59 | 009,244,180 | ---- | C] () -- C:\Users\Veli\Desktop\ENCA - A PO TPELQEN (Official Video).mp3
[2014.11.07 15:03:10 | 053,612,300 | ---- | C] () -- C:\Users\Veli\Desktop\Veli Yildiz - Kurban Oldugum.avi
[2014.11.06 22:46:55 | 157,145,820 | ---- | C] () -- C:\Users\Veli\Documents\clip0054.avi
[2014.11.06 22:32:52 | 197,695,424 | ---- | C] () -- C:\Users\Veli\Documents\clip0053.avi
[2014.11.06 21:47:08 | 438,352,362 | ---- | C] () -- C:\Users\Veli\Documents\clip0052.avi
[2014.11.06 21:04:51 | 069,303,668 | ---- | C] () -- C:\Users\Veli\Desktop\Ölümsüz.avi
[2014.11.06 20:40:48 | 006,794,083 | ---- | C] () -- C:\Users\Veli\Desktop\My Video - 0127.mp3
[2014.11.06 20:12:41 | 005,185,891 | ---- | C] () -- C:\Users\Veli\Desktop\My Video - 0126.mp3
[2014.11.06 20:04:21 | 017,380,731 | ---- | C] () -- C:\Users\Veli\Desktop\My Video - 012609.mp4
[2014.11.05 21:40:09 | 2312,964,928 | ---- | C] () -- C:\Users\Veli\Documents\clip0051.avi
[2014.11.04 09:25:17 | 007,847,424 | ---- | C] () -- C:\Users\Veli\Documents\AUD-20141104-WA0004.mp3
[2014.11.04 09:07:15 | 003,991,751 | ---- | C] () -- C:\Users\Veli\Documents\AUD-20141101-WA0010.mp3
[2014.11.01 23:42:25 | 008,631,449 | ---- | C] () -- C:\Users\Veli\Desktop\123.wmv
[2014.11.01 12:48:17 | 005,194,531 | ---- | C] () -- C:\Users\Veli\Desktop\Veli Yildiz - Zarife.mp3
[2014.11.01 12:15:50 | 002,741,923 | ---- | C] () -- C:\Users\Veli\Desktop\Veli Yildiz - Zeyno.mp3
[2014.10.27 16:05:31 | 000,000,486 | RHS- | C] () -- C:\Users\Veli\ntuser.pol
[2014.10.27 16:02:43 | 000,031,848 | ---- | C] () -- C:\ProgramData\energy-report.html
[2014.10.27 05:14:21 | 000,001,425 | ---- | C] () -- C:\Users\Veli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014.10.26 23:25:41 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014.10.26 23:08:07 | 000,009,879 | ---- | C] () -- C:\Windows\patsearch.bin
[2014.10.26 23:08:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNew_01009.Wdf
[2014.10.21 17:49:35 | 296,241,830 | ---- | C] () -- C:\Users\Veli\Documents\clip0050.avi
[2014.10.20 23:32:13 | 000,849,784 | ---- | C] () -- C:\Users\Veli\Documents\clip0049.avi
[2014.10.20 23:30:32 | 117,440,512 | ---- | C] () -- C:\Users\Veli\Documents\clip0048.avi
[2014.10.20 23:30:32 | 000,780,000 | ---- | C] () -- C:\Users\Veli\Documents\clip0048.avi.bak
[2014.10.20 23:29:25 | 020,545,580 | ---- | C] () -- C:\Users\Veli\Documents\clip0047.avi
[2014.10.20 23:28:54 | 007,827,996 | ---- | C] () -- C:\Users\Veli\Documents\clip0046.avi
[2014.10.20 23:27:58 | 008,460,452 | ---- | C] () -- C:\Users\Veli\Documents\clip0045.avi
[2014.10.20 23:26:20 | 000,015,580 | ---- | C] () -- C:\Users\Veli\Documents\clip0044.avi
[2014.10.20 18:26:20 | 000,008,704 | ---- | C] () -- C:\Users\Veli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.10.19 20:52:01 | 467,001,832 | ---- | C] () -- C:\Users\Veli\Documents\clip0043.avi
[2014.10.13 03:29:00 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI
[2014.10.03 04:57:46 | 000,001,570 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2014.09.26 19:27:18 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2014.09.26 19:27:18 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2014.09.26 19:27:18 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014.09.26 16:18:17 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2014.09.26 16:18:17 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2014.09.26 16:17:34 | 000,001,772 | ---- | C] () -- C:\ProgramData\cfSB1095A.ini
[2014.09.26 16:17:34 | 000,001,772 | ---- | C] () -- C:\ProgramData\cfSB1095.ini
[2014.09.26 14:36:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.09.26 14:30:59 | 001,593,564 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.27 17:06:04 | 000,001,042 | ---- | C] () -- C:\Windows\SysWow64\bscs.ini
[2013.12.16 14:44:24 | 000,056,152 | ---- | C] () -- C:\Windows\SysWow64\BSSkypeAgent.dll
[2013.12.16 14:44:20 | 000,070,904 | ---- | C] () -- C:\Windows\SysWow64\BsProfileFunc.dll
[2013.12.16 14:44:06 | 000,360,184 | ---- | C] () -- C:\Windows\SysWow64\BsExtendFunc.dll
[2013.12.16 14:44:06 | 000,031,480 | ---- | C] () -- C:\Windows\SysWow64\BsHelpCSps.dll
[2013.12.16 14:44:02 | 000,641,784 | ---- | C] () -- C:\Windows\SysWow64\BlueSoleilCSps.dll
[2013.12.16 10:24:14 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\BsVistaCommon.dll
[2013.12.16 10:24:14 | 000,073,820 | ---- | C] () -- C:\Windows\SysWow64\BSVoIPComm.dll
[2013.12.16 10:24:14 | 000,049,664 | ---- | C] () -- C:\Windows\SysWow64\BSWMPPlugin.dll
[2013.12.16 10:24:14 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\SCChangeMonitor.dll
[2013.11.20 10:40:46 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.11.20 10:40:46 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.11.20 09:47:14 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.11.20 09:47:14 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.11.19 21:46:24 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
--- --- ---
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 15.11.2014 20:11:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Veli\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,98 Gb Total Physical Memory | 4,35 Gb Available Physical Memory | 62,28% Memory free
13,96 Gb Paging File | 10,99 Gb Available in Paging File | 78,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 353,61 Gb Free Space | 75,94% Space Free | Partition Type: NTFS
Computer Name: VELI-PC | User Name: Veli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005AC174-86CE-47D3-8DB1-E7A02A66500B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{083A2A27-97AB-4856-8CEE-83A0E19367B7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{098D6E2D-35A5-4FEB-9A59-D3D550A765DF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3026B551-D46F-40F6-9A35-1AD72AEC27CB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3361797D-C347-4F06-BD1B-C195539BF23A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{37CB8DFA-0988-4B93-BEE2-55D414797647}" = rport=137 | protocol=17 | dir=out | app=system |
"{427FFA52-9EF0-4DB4-BF8A-A7F462E24EBC}" = lport=445 | protocol=6 | dir=in | app=system |
"{53702A63-1AA2-469E-A6DA-53E17045520B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5F810BBE-9775-420C-9A43-104EA42B945A}" = rport=139 | protocol=6 | dir=out | app=system |
"{6FDEDB86-EB93-4947-ACF2-87084E601BAC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{73618648-F4AC-4669-8729-9998A31E686F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{91BF24FE-68C6-4610-9A46-6DCBDE754A17}" = lport=139 | protocol=6 | dir=in | app=system |
"{9B143125-F060-40D4-80E1-67552A31EC15}" = lport=137 | protocol=17 | dir=in | app=system |
"{A74B45E4-D1B4-4DCC-BFC8-F3CBA63125A3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A7DF8BB2-ECF8-4A57-A8F9-348B0EDA22E7}" = lport=138 | protocol=17 | dir=in | app=system |
"{B5B67B75-8861-4EE3-B1FE-9DBCCF5CD898}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BC309E0F-37F2-4412-B22F-C7F54A740276}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C3A871F7-9184-4288-8D23-2034BC96AFD8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3F7A5EF-7661-4346-9CDF-98E19879C318}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE5AE493-CCC8-4FA6-9AFA-11FAABAAB4E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EFBBE00E-52DC-49C6-B6A3-15D77B2880D9}" = rport=138 | protocol=17 | dir=out | app=system |
"{F6319AD5-2787-45FD-ACB9-23162BBEAB7D}" = rport=445 | protocol=6 | dir=out | app=system |
"{F7BCFB3A-C604-4F35-A719-B9FB700C7155}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A60068B-C9DA-4DA2-B8C3-EE5B7169E8FA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{2AA40FDD-E44B-4A24-B477-00749AB8AA09}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2FD5E0C5-EB60-4582-932A-AD914CC37A61}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4BB70842-85F7-485D-9FCD-E1494F3D3E86}" = protocol=6 | dir=out | app=system |
"{5CF52012-9AC8-40BD-BE93-483D60144296}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6B924506-9A34-4B3B-BA95-533A8C0BC703}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7D013FCD-E593-4810-8E5F-F24B766D2A4F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D619549-BC4F-423D-A3E1-34C030A0CBCB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8374BDBE-0237-4D17-A85B-D24C9F1D0AA6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83F08D1A-1D54-46F4-A43F-073A3D94B022}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{96EDE6FC-169A-43A8-906E-A60FBA7A97F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9ED20B4E-AD04-48E0-B341-42383D4E42D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A39E670C-EF4E-4208-AF93-0D5AD3CF02F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A76B200A-7A93-47E4-82F4-316200C08E53}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{AB530C45-7CCA-43C5-9606-6D8C8BACD6CA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{AB865C7F-CF06-4AB9-85BA-2ECF7F53D7C3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AB9ACF50-46D1-4A42-9CB6-C29CFC884344}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B49FF2CB-6EC3-49C2-9F3C-C1E5AC7579BC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B52D4EC6-2F27-40BB-8304-2ECEFD95BE8F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B5D52AF8-0DF4-4BEB-964D-F4492C18CEAF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C16DD605-1CA5-4055-860F-CD26D7A9A62C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{C5A6578A-1B48-4A4F-9067-4D770F5EE4E0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D24608BA-9367-4BDD-997D-E3F41AA14BBA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D2DA4147-7794-4D45-B191-487321E306EC}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{DA9B1FA1-05FD-454F-8048-10DBE90F25EE}" = dir=in | app=c:\users\veli\appdata\local\microsoft\skydrive\skydrive.exe |
"{E19CA684-543F-4602-9884-88D17EEF76E3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ED2360A9-E2FD-488C-B12B-406CD4760CB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F5042514-31CE-4857-8763-7AA343C5887D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{5F78EEAE-4D0C-46E1-8CD6-73C2EFD15B85}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{BA265FF5-13D0-4F2A-8490-EED0D583A908}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0968D474-0C7D-6840-B457-8D430DBC28D1}" = AMD Media Foundation Decoders
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{25058321-C33E-496B-8915-6FD64D362CAF}" = Windows Live MIME IFilter
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{37ED2328-4288-6720-9D34-ECD5709B4F21}" = AMD Catalyst Install Manager
"{59C73558-1C0F-0804-850C-89E987372448}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{723AEA0A-E9CF-44F7-AFE4-0617E8D4755A}" = AMD Steady Video Plug-In
"{75B629B2-E7D8-4B4B-87F8-97F8C8031A61}" = AMD USB 3.0 Device Detector
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{81F51D39-A2CE-CBB9-C4DF-978216C059C3}" = AMD Fuel
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{B346BD6C-AE56-7DD3-175C-2374C7113BCB}" = Ralink Bluetooth Stack
"{B77B5570-E543-C5FF-A71E-2039212B0481}" = AMD Accelerated Video Transcoding
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{CB3CA48C-95CB-412B-B7AE-6F2EA8F89907}" = Windows Live Family Safety
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}" = WinZip 18.5
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{0244B1B8-DAC5-CDBC-69CE-72D114560358}" = CCC Help German
"{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}" = Windows Live Writer
"{05EEA334-430E-60D3-882E-DA15FC16D92D}" = CCC Help Chinese Traditional
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{09CE4A96-6B06-37E7-70CD-E7B06C4E5CA2}" = CCC Help Finnish
"{0A9DA353-D0CD-4922-A54B-2F5F4EC90986}" = Sound Blaster X-Fi Surround 5.1 Pro
"{0AFB35F6-7D55-45DE-AFD7-7819CD332EC2}" = Windows Live Family Safety
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{0CAD435C-ADF4-494A-98EA-9035DB6C0021}" = Windows Live Mail
"{10267977-5258-48A2-A458-D379CB624E28}" = Windows Live Temel Parçalar
"{13F09B7A-9E14-A91B-FFF5-C9A5795D586E}" = Catalyst Control Center InstallProxy
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{168F4C3E-1353-9D9F-62C9-83A1FDA10BCF}" = CCC Help Spanish
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.21
"{264DF1E7-8292-D6A1-7A46-C351F9942FB0}" = CCC Help Norwegian
"{296B992A-D3F5-4BD5-9B4F-D02718242742}" = Photo Common
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3B550291-6E59-0428-6A26-2137460D2CAF}" = Catalyst Control Center Graphics Previews Common
"{3CB8F8BC-6E96-7D8D-4EAE-93B5CC8E21B0}" = CCC Help Polish
"{41BF4A3B-D60A-4E92-883F-C88C8C157261}" = Fotogalerie
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{4BE2B6FA-F7C5-43FC-8DFA-89DE665E8331}" = Windows Live Writer Resources
"{4CFCE4EB-6D55-D60B-FDC4-922470E12E5C}" = CCC Help Czech
"{4D961BA7-561E-23D5-2232-40805145BD51}" = CCC Help Portuguese
"{56258879-08A1-EE67-2F7C-4330A1D8F3B2}" = Catalyst Control Center Localization All
"{564AFAEB-3112-9667-9BB0-CA9EB111BDAE}" = AMD Catalyst Control Center
"{5B3D4718-9146-45CB-8989-C4E87B239B3A}" = Movie Maker
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{66233218-CA57-4AB2-BA43-A97AA4635960}" = Windows Live Essentials
"{672D5258-85EC-43D1-CEDA-54A6028BC78C}" = CCC Help Dutch
"{6CA01B12-D075-7FC1-9239-13866DCA29C9}" = CCC Help Turkish
"{70C91B91-61E8-4D06-86D6-A9DCC291983A}" = Movie Maker
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}" = Photo Common
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F46BFB2-11A5-4878-806A-87E5CA3C267A}_is1" = SpeakyChat LB version 2,0,13,2
"{91501232-DF01-4BE6-7304-D8809C4931B3}" = CCC Help French
"{955E4722-1480-4198-A144-65FA5F4446DA}" = Windows Live Writer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E2C9451-2781-46F1-5835-3A2F5E5060E9}" = CCC Help Hungarian
"{A2A44677-81A7-4AAF-BCF2-B8A6F2F2DE9B}" = Windows Live Writer
"{A64E2AC8-01EB-4991-092E-CF51158EE056}" = CCC Help Swedish
"{A951D5DA-4759-4C3B-9C36-C6BF30082A2F}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Deutsch
"{AE89E8D3-3356-D02C-7E8E-F5C391381565}" = CCC Help Danish
"{B23EE11C-66FA-4395-AB02-5F7103DC485C}" = Windows Live Messenger
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B2EBC3B0-4BF4-1331-21B3-F755FA96EF2E}" = CCC Help Korean
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}" = Fotoğraf Galerisi
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{B8F42F14-57DE-4429-9D76-81945CCF7370}" = Windows Live UX Platform Language Pack
"{C4A0A4AA-753D-8386-6D84-1CDABC79EB9F}" = CCC Help Chinese Standard
"{C576844D-B47A-2B8C-A9C9-E16ADE59DADB}" = CCC Help Japanese
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{CF8FE430-E0A3-45A7-978A-FC615B812B1B}" = Windows Live Messenger
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D3C49D06-7FA6-CE04-A17A-2074E314DBB6}" = Catalyst Control Center - Branding
"{DCF65E37-4D77-33EC-8A10-79AFC53486F0}" = CCC Help Italian
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{DE3725FB-396F-442F-9100-CD3921374A6A}" = Windows Live Family Safety
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E6357AC0-7890-94F4-9BDC-06B0AF36A43A}" = CCC Help Thai
"{E703613B-BDAB-433E-A66A-DE0263E3D35D}" = Windows Live Messenger
"{E94CE863-3CB4-55B2-B4A3-653108DF2AA8}" = CCC Help Greek
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F36CB2DB-6953-1136-F27E-53F9FBBA13CD}" = CCC Help English
"{F613E36D-147D-6520-79E1-07D0BC258F29}" = CCC Help Russian
"{F7232FE1-BC35-4229-8D76-D49941FE9929}" = Windows Live Mail
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FC071B45-4A5F-408F-92F8-4D9D693E866F}" = Windows Live UX Platform Language Pack
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Creative_ASIO(USB)" = Creative ASIO (USB)
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"Free YouTube Download_is1" = Free YouTube Download version 3.2.44.922
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.44.922
"Freemake Video Converter_is1" = Freemake Video Converter Version 4.1.5
"HyperCam 2" = HyperCam 2
"Mozilla Firefox 33.1 (x86 de)" = Mozilla Firefox 33.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PhotoScape" = PhotoScape
"SopCast" = SopCast 3.8.3
"SpeakyChat" = SpeakyChat-VoiceChat
"SysInfo" = Creative Systeminformationen
"TeamViewer 9" = TeamViewer 9
"VideoPad" = VideoPad Video Editor
"WaveStudio 7" = Creative WaveStudio 7
"WinLiveSuite" = Windows Live Temel Parçalar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.11.2014 09:05:10 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Veli\Downloads\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 12.11.2014 09:05:15 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Veli\Downloads\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 13.11.2014 10:32:32 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Ralink Corporation\Ralink Bluetooth Stack\BsSMSEditor.exe". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 13.11.2014 10:33:22 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 14.11.2014 13:28:46 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Ralink Corporation\Ralink Bluetooth Stack\BsSMSEditor.exe". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 14.11.2014 13:29:37 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 14.11.2014 17:51:28 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Ralink Corporation\Ralink Bluetooth Stack\BsSMSEditor.exe". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 14.11.2014 17:51:41 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 15.11.2014 06:51:27 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Ralink Corporation\Ralink Bluetooth Stack\BsSMSEditor.exe". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 15.11.2014 07:04:56 | Computer Name = Veli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
[ System Events ]
Error - 14.11.2014 10:24:45 | Computer Name = Veli-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "GammaRootStart.exe" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 14.11.2014 10:24:45 | Computer Name = Veli-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet.
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000
Millisekunden durchgeführt: Neustart des Diensts.
Error - 14.11.2014 10:24:45 | Computer Name = Veli-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "ZAtheros Bt and Wlan Coex Agent" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 14.11.2014 10:24:45 | Computer Name = Veli-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "BsHelpCS" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.
Error - 14.11.2014 10:24:45 | Computer Name = Veli-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.
Error - 14.11.2014 10:24:45 | Computer Name = Veli-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet
beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden
in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error - 14.11.2014 10:24:45 | Computer Name = Veli-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "GammaGUIMBR" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt:
Neustart des Diensts.
Error - 14.11.2014 10:27:18 | Computer Name = Veli-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "GammaRootStart.exe" wurde nicht richtig gestartet.
Error - 15.11.2014 11:38:28 | Computer Name = Veli-PC | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.187.2193.0 Aktualisierungsquelle:
%%859 Aktualisierungsphase: %%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp:
%%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion:
Vorherige Modulversion: 1.1.11104.0 Fehlercode: 0x80072f8f Fehlerbeschreibung: Es
ist ein Sicherheitsfehler aufgetreten.
Error - 15.11.2014 11:38:28 | Computer Name = Veli-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 70. Der interne Fehlerstatus
lautet: 105.
< End of report >
--- --- --- |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
