| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: [Win 8.1] Festplatte C: verliert freien SpeicherplatzWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.03.2014, 21:43
| #1 |
| | ![[Win 8.1] Festplatte C: verliert freien Speicherplatz - Standard](images/icons/icon1.gif){kind=icon} [Win 8.1] Festplatte C: verliert freien Speicherplatz Hallo, Mir ist heute aufgefallen, dass meine C: - Platte kontinuierlich Speicherplatz verliert und wieder dazugewinnt. Angefangen hat es mit ~2GB Restspeicher, der hat sich dann auf bis zu 600MB verringert bis die Platte dann voll lief. Dann wurde sie wieder 'leerer' und füllte sich wieder - ohne, dass ich etwas getan habe. Mei (bezahltes) Kaspersky Internet Security hat nichts gefunden. Anbei poste ich die Logfiles, die ich laut eurer Anleitung gemacht habe: Defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:14 on 15/03/2014 (marDin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by marDin (administrator) on MARDINS_MACHINE on 15-03-2014 21:15:24
Running from C:\Users\marDin\Desktop
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Realtek) C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtWlan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CMedia) C:\Program Files\ASUS Xonar DGX Audio\Customapp\ASUSAUDIOCENTER.EXE
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Flux Software LLC) C:\Users\marDin\AppData\Local\FluxSoftware\Flux\flux.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Dropbox, Inc.) C:\Users\marDin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\Corsair Headset Software\HeadsetControlPanel.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) E:\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\WINDOWS\system32\wwahost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Cmaudio8788] - C:\WINDOWS\Syswow64\cmicnfgp.dll [12935168 2012-11-20] (C-Media Corporation)
HKLM\...\Run: [Cmaudio8788GX] - C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Headset Software] - C:\Program Files (x86)\Corsair\Corsair Headset Software\HeadsetControlPanel.exe [3161088 2013-08-16] (Corsair Components Inc)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - E:\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-2736238369-3271077903-3660546878-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1823424 2014-03-11] (Valve Corporation)
HKU\S-1-5-21-2736238369-3271077903-3660546878-1001\...\Run: [uTorrent] - C:\Users\marDin\AppData\Roaming\uTorrent\uTorrent.exe [802136 2013-06-07] (BitTorrent Inc.)
HKU\S-1-5-21-2736238369-3271077903-3660546878-1001\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-2736238369-3271077903-3660546878-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2736238369-3271077903-3660546878-1001\...\Run: [f.lux] - C:\Users\marDin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2736238369-3271077903-3660546878-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2736238369-3271077903-3660546878-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2736238369-3271077903-3660546878-1001\...\MountPoints2: {48d8c1b2-e289-11e2-bec6-806e6f6e6963} - "G:\MMMTest.EXE"
Startup: C:\Users\marDin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\marDin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\marDin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam.lnk
ShortcutTarget: Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Startup: C:\Users\marDin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamSpeak 3 Client.lnk
ShortcutTarget: TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x597162A80334CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT,de;q=0.8,en-US;q=0.5,en;q=0.3
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
FireFox:
========
FF ProfilePath: C:\Users\marDin\AppData\Roaming\Mozilla\Firefox\C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2736238369-3271077903-3660546878-1001\FireFox
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\marDin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-09-14]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-09-14]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-09-14]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-09-14]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-09-14]
==================== Services (Whitelisted) =================
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-02] (Kaspersky Lab ZAO)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 Realtek11nSU; C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe [36864 2010-04-16] (Realtek)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
R3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [101376 2013-07-30] (Corsair)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-07] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2013-12-20] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-02-18] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [624224 2014-02-18] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-02] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [64608 2013-05-07] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2013-12-20] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-31] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [45752 2009-10-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\marDin\AppData\Local\Temp\ALSysIO64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-15 21:15 - 2014-03-15 21:15 - 00023318 _____ () C:\Users\marDin\Desktop\FRST.txt
2014-03-15 21:15 - 2014-03-15 21:15 - 00000000 ____D () C:\FRST
2014-03-15 21:14 - 2014-03-15 21:14 - 02157056 _____ (Farbar) C:\Users\marDin\Desktop\FRST64.exe
2014-03-15 21:14 - 2014-03-15 21:14 - 00380416 _____ () C:\Users\marDin\Desktop\Gmer-19357.exe
2014-03-15 21:14 - 2014-03-15 21:14 - 00000474 _____ () C:\Users\marDin\Desktop\defogger_disable.log
2014-03-15 21:14 - 2014-03-15 21:14 - 00000000 _____ () C:\Users\marDin\defogger_reenable
2014-03-15 21:13 - 2014-03-15 21:13 - 00050477 _____ () C:\Users\marDin\Desktop\Defogger.exe
2014-03-15 16:19 - 2014-03-15 16:19 - 00000000 __RDO () C:\Users\marDin\SkyDrive
2014-03-15 15:50 - 2014-03-15 15:50 - 00000000 _____ () C:\WINDOWS\SysWOW64\ꧣ鲁뷦꞉뗦ꒅ藦鲭跧낕跧ꮥ냦ꆉ藦뚁郣꺀胣鲑釧ꆱ뷦꒕闦뎽맦뚕釧꾉맢ꒅ
2014-03-15 15:41 - 2014-03-15 15:47 - 01540096 _____ () C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2014-03-13 10:25 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-13 10:25 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-13 10:25 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-13 10:25 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-13 10:25 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-13 10:25 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-13 10:25 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-13 10:25 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-13 10:25 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-13 10:25 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-13 10:24 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-13 10:24 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-13 10:24 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-13 10:24 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-13 10:24 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-13 10:24 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-13 10:24 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-13 10:24 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-13 10:24 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-13 10:24 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-13 10:24 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-13 10:24 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-13 10:24 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-13 10:24 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-13 10:24 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-13 10:24 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-13 10:24 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-13 10:24 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-13 10:24 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-13 10:24 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-13 10:24 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-13 10:24 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-13 10:24 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-13 10:24 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-13 10:24 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-13 10:24 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-13 10:24 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-13 10:24 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-13 10:24 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-13 10:24 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-13 10:24 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-13 10:24 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-13 10:24 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-13 10:24 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-13 10:24 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-13 10:24 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-13 10:24 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-13 10:24 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-13 10:24 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-13 10:24 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-13 10:24 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-13 10:24 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-13 10:24 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-13 10:24 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-13 10:24 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-13 10:24 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-13 10:24 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-13 10:24 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 22:40 - 2014-03-12 22:40 - 07526118 _____ () C:\Users\marDin\Downloads\CubeWars.7z
2014-03-12 22:40 - 2014-03-12 22:40 - 00000000 ____D () C:\Users\marDin\Downloads\CubeWars
2014-03-08 18:21 - 2014-03-08 18:21 - 00000000 ____D () C:\Users\marDin\Documents\ANNO 2070
2014-03-08 18:16 - 2014-03-08 18:16 - 00000000 ____D () C:\ProgramData\Solidshield
2014-03-08 18:15 - 2014-03-08 18:15 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\Ubisoft
2014-03-06 21:02 - 2014-03-06 21:02 - 00519502 _____ () C:\Users\marDin\Desktop\2014-03-06.MVP
2014-03-03 16:12 - 2014-03-03 16:12 - 00263276 _____ () C:\Users\marDin\Desktop\bbgsetup.exe
2014-03-03 16:12 - 2014-03-03 16:12 - 00000805 _____ () C:\Users\marDin\Desktop\Bridge Building Game.lnk
2014-03-03 16:12 - 2014-03-03 16:12 - 00000805 _____ () C:\Users\Administrator\Desktop\Bridge Building Game.lnk
2014-03-03 16:12 - 2014-03-03 16:12 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bridge Building Game
2014-02-28 18:02 - 2014-02-28 18:02 - 00000000 ____D () C:\Users\marDin\Desktop\Gothic_fullscreen_border
2014-02-28 18:02 - 2014-02-28 18:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Compatibility Toolkit
2014-02-28 18:01 - 2014-02-28 18:01 - 12812600 _____ (Microsoft Corporation) C:\Users\marDin\Desktop\ApplicationCompatibilityToolkitSetup.exe
2014-02-28 18:00 - 2014-02-28 18:00 - 00001842 _____ () C:\Users\marDin\Desktop\Gothic_fullscreen_border.zip
2014-02-28 17:12 - 2014-02-28 17:12 - 00001458 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-28 17:12 - 2014-02-28 17:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-28 17:12 - 2014-02-28 17:12 - 00000000 ____D () C:\Program Files\iTunes
2014-02-28 17:12 - 2014-02-28 17:12 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 17:11 - 2014-02-28 17:11 - 00001857 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-02-28 17:11 - 2014-02-28 17:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-28 16:57 - 2014-02-28 16:57 - 00008192 _____ () C:\WINDOWS\d3dx.dat
2014-02-25 21:53 - 2014-02-25 21:53 - 00000000 ____D () C:\Users\marDin\AppData\Local\My Games
2014-02-24 00:15 - 2014-02-24 00:15 - 00094899 _____ () C:\Users\marDin\Desktop\SpeedAutoClicker.zip
2014-02-24 00:15 - 2014-02-24 00:15 - 00000000 ____D () C:\Users\marDin\Desktop\SpeedAutoClicker
2014-02-23 12:49 - 2014-02-23 12:49 - 00327232 _____ () C:\WINDOWS\Minidump\022314-9203-01.dmp
2014-02-22 17:23 - 2014-02-22 17:23 - 00000000 ____D () C:\Users\marDin\Intel
2014-02-22 17:10 - 2014-02-22 17:10 - 00000983 _____ () C:\Users\Public\Desktop\DriverEasy.lnk
2014-02-22 14:57 - 2014-03-10 19:13 - 00032256 _____ () C:\Users\marDin\Desktop\FINANZEN.XLS
2014-02-21 22:31 - 2014-02-21 22:31 - 00000000 _____ () C:\Users\marDin\Desktop\Neues Textdokument (2).txt
2014-02-21 20:06 - 2014-02-21 20:06 - 00000000 ____D () C:\Users\marDin\Documents\Benutzerdefinierte Office-Vorlagen
2014-02-21 18:48 - 2014-02-21 18:48 - 00000000 ____D () C:\Users\Public\Documents\Ghost Master
2014-02-21 10:56 - 2014-02-21 10:56 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-21 10:53 - 2014-02-21 10:53 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-21 10:51 - 2014-02-21 10:51 - 00803520 _____ (Microsoft Corporation) C:\Users\marDin\Desktop\Setup.X64.de-de_O365ProPlusRetail_573eaa72-bc7c-48fb-a24c-d06fdbab8c45_TX_PR_.exe
2014-02-21 10:51 - 2014-02-21 10:51 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-02-21 09:48 - 2014-02-21 13:22 - 00061575 _____ () C:\Users\marDin\Desktop\Gamescom 2014.xlsx
2014-02-21 08:39 - 2014-02-21 08:39 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-02-20 16:37 - 2014-02-20 16:37 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-02-19 02:34 - 2014-02-19 02:35 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\steamvr
2014-02-18 22:26 - 2014-02-18 22:26 - 00002153 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-18 22:26 - 2014-02-08 17:18 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-02-18 22:23 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-02-18 22:23 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00832424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00483104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00408352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00378656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00333600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-02-18 22:23 - 2014-02-08 19:34 - 00148528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-02-18 21:20 - 2014-02-18 21:20 - 02121554 _____ () C:\Users\marDin\Desktop\launcher^FTB_Launcher.exe
2014-02-18 18:18 - 2014-02-18 18:19 - 287999360 _____ () C:\Users\marDin\Desktop\civv_ost_mp3_1390441491.zip
2014-02-18 18:18 - 2014-02-18 18:18 - 10920012 _____ () C:\Users\marDin\Desktop\babayetu_mp3_1392077471.zip
2014-02-16 12:38 - 2014-02-22 15:32 - 00061420 _____ () C:\Users\marDin\Downloads\Gamescom 2014.xlsx
2014-02-15 22:34 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-15 22:34 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-15 22:34 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-15 22:34 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-15 22:34 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-15 22:34 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-15 22:34 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-15 22:34 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-15 22:34 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-15 22:34 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-15 22:34 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-15 22:34 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-15 22:34 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-15 22:34 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-15 22:34 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-15 22:34 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-15 22:34 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-15 22:34 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-15 22:34 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-15 22:34 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-15 22:34 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-15 22:34 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-15 22:34 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-15 22:34 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-15 22:34 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-15 22:34 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-15 22:34 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-15 22:34 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-15 22:34 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-15 22:34 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-15 22:34 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-15 22:34 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-15 22:34 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-15 22:34 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-15 22:34 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-15 22:34 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-15 22:34 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-15 22:34 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-15 22:34 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-15 22:34 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-15 22:34 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-15 22:34 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-15 22:34 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-15 22:34 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-15 22:34 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-15 22:34 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-15 17:37 - 2014-02-16 23:02 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\ftblauncher
2014-02-15 13:46 - 2014-02-15 13:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 23:47 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 23:47 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 23:47 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 23:47 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 23:47 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 23:47 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 23:46 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 23:46 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 23:46 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 23:46 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 23:46 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 23:46 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 23:46 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 23:46 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 23:46 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 23:46 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 23:46 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 23:46 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 23:46 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 23:46 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 23:46 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 23:46 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 23:46 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 23:46 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 23:46 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 23:46 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 23:46 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 23:46 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 23:46 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 23:46 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 23:46 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 23:46 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 23:46 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 23:46 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 23:46 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 23:46 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 23:46 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 23:46 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 23:46 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 23:46 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 23:46 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 23:46 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 23:46 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-13 23:46 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 23:46 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 23:45 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 23:45 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 23:45 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 23:45 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 23:45 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 23:45 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 23:45 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 23:45 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 23:45 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
==================== One Month Modified Files and Folders =======
2014-03-15 21:15 - 2014-03-15 21:15 - 00023318 _____ () C:\Users\marDin\Desktop\FRST.txt
2014-03-15 21:15 - 2014-03-15 21:15 - 00000000 ____D () C:\FRST
2014-03-15 21:14 - 2014-03-15 21:14 - 02157056 _____ (Farbar) C:\Users\marDin\Desktop\FRST64.exe
2014-03-15 21:14 - 2014-03-15 21:14 - 00380416 _____ () C:\Users\marDin\Desktop\Gmer-19357.exe
2014-03-15 21:14 - 2014-03-15 21:14 - 00000474 _____ () C:\Users\marDin\Desktop\defogger_disable.log
2014-03-15 21:14 - 2014-03-15 21:14 - 00000000 _____ () C:\Users\marDin\defogger_reenable
2014-03-15 21:14 - 2013-10-24 14:01 - 00000000 ____D () C:\Users\marDin
2014-03-15 21:13 - 2014-03-15 21:13 - 00050477 _____ () C:\Users\marDin\Desktop\Defogger.exe
2014-03-15 21:07 - 2013-09-14 08:40 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-15 21:04 - 2013-03-03 03:43 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\Dropbox
2014-03-15 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-15 20:59 - 2013-03-03 07:30 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\TS3Client
2014-03-15 20:23 - 2013-09-02 21:21 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-15 19:29 - 2013-10-24 13:58 - 01679314 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-15 17:35 - 2013-10-24 13:59 - 00083700 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-03-15 17:23 - 2013-03-04 15:29 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-03-15 16:25 - 2013-09-30 05:14 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-15 16:25 - 2013-09-30 04:56 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-15 16:25 - 2013-09-30 04:56 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-15 16:19 - 2014-03-15 16:19 - 00000000 __RDO () C:\Users\marDin\SkyDrive
2014-03-15 16:19 - 2013-11-06 06:43 - 00000000 __RDO () C:\Users\marDin\SkyDrive (2).old
2014-03-15 16:19 - 2013-03-03 01:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-15 16:18 - 2013-10-28 16:45 - 00009802 _____ () C:\WINDOWS\setupact.log
2014-03-15 16:18 - 2013-10-24 13:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-15 16:18 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-15 15:50 - 2014-03-15 15:50 - 00000000 _____ () C:\WINDOWS\SysWOW64\ꧣ鲁뷦꞉뗦ꒅ藦鲭跧낕跧ꮥ냦ꆉ藦뚁郣꺀胣鲑釧ꆱ뷦꒕闦뎽맦뚕釧꾉맢ꒅ
2014-03-15 15:47 - 2014-03-15 15:41 - 01540096 _____ () C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2014-03-15 15:35 - 2013-12-16 19:44 - 00000000 ____D () C:\Users\marDin\AppData\Local\Battle.net
2014-03-15 15:05 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-14 18:47 - 2013-03-09 18:38 - 00000000 ____D () C:\Users\marDin\AppData\Local\Paint.NET
2014-03-14 18:13 - 2013-10-17 19:06 - 00702464 ___SH () C:\Users\marDin\Desktop\Thumbs.db
2014-03-14 16:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-14 15:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-14 15:44 - 2013-03-03 05:36 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2736238369-3271077903-3660546878-1001
2014-03-14 13:38 - 2013-03-03 07:30 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-14 13:32 - 2013-08-22 15:44 - 00647600 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 13:32 - 2013-03-12 19:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 13:32 - 2013-03-12 19:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 20:23 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 20:23 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 20:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 20:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-12 22:42 - 2013-10-19 21:59 - 00225280 ___SH () C:\Users\marDin\Downloads\Thumbs.db
2014-03-12 22:40 - 2014-03-12 22:40 - 07526118 _____ () C:\Users\marDin\Downloads\CubeWars.7z
2014-03-12 22:40 - 2014-03-12 22:40 - 00000000 ____D () C:\Users\marDin\Downloads\CubeWars
2014-03-11 19:23 - 2013-09-02 21:21 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-10 19:13 - 2014-02-22 14:57 - 00032256 _____ () C:\Users\marDin\Desktop\FINANZEN.XLS
2014-03-08 18:21 - 2014-03-08 18:21 - 00000000 ____D () C:\Users\marDin\Documents\ANNO 2070
2014-03-08 18:16 - 2014-03-08 18:16 - 00000000 ____D () C:\ProgramData\Solidshield
2014-03-08 18:15 - 2014-03-08 18:15 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\Ubisoft
2014-03-08 18:15 - 2013-10-21 22:27 - 00343790 _____ () C:\WINDOWS\Directx.log
2014-03-06 21:02 - 2014-03-06 21:02 - 00519502 _____ () C:\Users\marDin\Desktop\2014-03-06.MVP
2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-03 16:12 - 2014-03-03 16:12 - 00263276 _____ () C:\Users\marDin\Desktop\bbgsetup.exe
2014-03-03 16:12 - 2014-03-03 16:12 - 00000805 _____ () C:\Users\marDin\Desktop\Bridge Building Game.lnk
2014-03-03 16:12 - 2014-03-03 16:12 - 00000805 _____ () C:\Users\Administrator\Desktop\Bridge Building Game.lnk
2014-03-03 16:12 - 2014-03-03 16:12 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bridge Building Game
2014-03-03 16:12 - 2013-03-03 07:40 - 00000000 ____D () C:\Spiele
2014-03-01 07:05 - 2014-03-13 10:25 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 05:58 - 2014-03-13 10:25 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 05:30 - 2014-03-13 10:25 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 05:17 - 2014-03-13 10:25 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 04:54 - 2014-03-13 10:24 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 04:47 - 2014-03-13 10:25 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 04:42 - 2014-03-13 10:24 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 04:18 - 2014-03-13 10:25 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 04:14 - 2014-03-13 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 10:24 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 03:57 - 2014-03-13 10:25 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 10:24 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 10:24 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 10:24 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 10:24 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 10:24 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-28 18:02 - 2014-02-28 18:02 - 00000000 ____D () C:\Users\marDin\Desktop\Gothic_fullscreen_border
2014-02-28 18:02 - 2014-02-28 18:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Compatibility Toolkit
2014-02-28 18:01 - 2014-02-28 18:01 - 12812600 _____ (Microsoft Corporation) C:\Users\marDin\Desktop\ApplicationCompatibilityToolkitSetup.exe
2014-02-28 18:00 - 2014-02-28 18:00 - 00001842 _____ () C:\Users\marDin\Desktop\Gothic_fullscreen_border.zip
2014-02-28 17:12 - 2014-02-28 17:12 - 00001458 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-28 17:12 - 2014-02-28 17:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-28 17:12 - 2014-02-28 17:12 - 00000000 ____D () C:\Program Files\iTunes
2014-02-28 17:12 - 2014-02-28 17:12 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 17:11 - 2014-02-28 17:11 - 00001857 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-02-28 17:11 - 2014-02-28 17:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-28 16:57 - 2014-02-28 16:57 - 00008192 _____ () C:\WINDOWS\d3dx.dat
2014-02-28 16:56 - 2013-03-03 05:31 - 00000000 ____D () C:\Users\marDin\AppData\Local\VirtualStore
2014-02-25 21:53 - 2014-02-25 21:53 - 00000000 ____D () C:\Users\marDin\AppData\Local\My Games
2014-02-25 21:53 - 2013-03-03 21:29 - 00000000 ____D () C:\Users\marDin\Documents\My Games
2014-02-25 16:06 - 2013-11-14 16:36 - 00000995 _____ () C:\Users\marDin\Desktop\YNAB 4.lnk
2014-02-25 16:06 - 2013-03-03 03:42 - 00000000 ____D () C:\Program Files (x86)\YNAB 4
2014-02-24 00:15 - 2014-02-24 00:15 - 00094899 _____ () C:\Users\marDin\Desktop\SpeedAutoClicker.zip
2014-02-24 00:15 - 2014-02-24 00:15 - 00000000 ____D () C:\Users\marDin\Desktop\SpeedAutoClicker
2014-02-23 22:21 - 2013-12-04 14:47 - 00000485 _____ () C:\Users\marDin\Desktop\Klanggarten-Bankdaten.txt
2014-02-23 12:49 - 2014-02-23 12:49 - 00327232 _____ () C:\WINDOWS\Minidump\022314-9203-01.dmp
2014-02-23 12:49 - 2013-12-16 21:25 - 00000440 _____ () C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
2014-02-23 12:49 - 2013-10-29 00:42 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-23 12:49 - 2013-09-29 20:04 - 00010160 _____ () C:\WINDOWS\PFRO.log
2014-02-23 12:49 - 2013-03-03 06:18 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-22 22:18 - 2013-03-03 05:31 - 00000000 ____D () C:\Users\marDin\AppData\Local\Packages
2014-02-22 17:24 - 2013-03-03 06:23 - 00000000 ____D () C:\ProgramData\Intel
2014-02-22 17:24 - 2013-03-03 06:23 - 00000000 ____D () C:\Program Files\Intel
2014-02-22 17:23 - 2014-02-22 17:23 - 00000000 ____D () C:\Users\marDin\Intel
2014-02-22 17:10 - 2014-02-22 17:10 - 00000983 _____ () C:\Users\Public\Desktop\DriverEasy.lnk
2014-02-22 17:10 - 2013-12-16 21:25 - 00003828 _____ () C:\WINDOWS\System32\Tasks\DriverEasy Scheduled Scan
2014-02-22 15:32 - 2014-02-16 12:38 - 00061420 _____ () C:\Users\marDin\Downloads\Gamescom 2014.xlsx
2014-02-21 23:08 - 2013-03-19 19:45 - 00000000 ____D () C:\Users\marDin\AppData\Local\Microsoft Help
2014-02-21 22:31 - 2014-02-21 22:31 - 00000000 _____ () C:\Users\marDin\Desktop\Neues Textdokument (2).txt
2014-02-21 20:06 - 2014-02-21 20:06 - 00000000 ____D () C:\Users\marDin\Documents\Benutzerdefinierte Office-Vorlagen
2014-02-21 18:48 - 2014-02-21 18:48 - 00000000 ____D () C:\Users\Public\Documents\Ghost Master
2014-02-21 13:22 - 2014-02-21 09:48 - 00061575 _____ () C:\Users\marDin\Desktop\Gamescom 2014.xlsx
2014-02-21 10:56 - 2014-02-21 10:56 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-21 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-21 10:53 - 2014-02-21 10:53 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-21 10:51 - 2014-02-21 10:51 - 00803520 _____ (Microsoft Corporation) C:\Users\marDin\Desktop\Setup.X64.de-de_O365ProPlusRetail_573eaa72-bc7c-48fb-a24c-d06fdbab8c45_TX_PR_.exe
2014-02-21 10:51 - 2014-02-21 10:51 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-02-21 10:50 - 2013-09-30 04:59 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-02-21 10:50 - 2013-03-19 19:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-21 10:50 - 2013-03-03 05:31 - 00000000 ___RD () C:\Users\marDin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-21 08:39 - 2014-02-21 08:39 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-02-20 16:37 - 2014-02-20 16:37 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-02-19 02:35 - 2014-02-19 02:34 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\steamvr
2014-02-19 01:47 - 2013-05-09 09:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-02-19 01:46 - 2013-03-03 05:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-19 01:44 - 2013-05-09 09:29 - 00000000 ____D () C:\ProgramData\Origin
2014-02-19 01:44 - 2013-05-09 09:29 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-18 22:26 - 2014-02-18 22:26 - 00002153 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-18 22:26 - 2013-10-24 13:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-18 21:20 - 2014-02-18 21:20 - 02121554 _____ () C:\Users\marDin\Desktop\launcher^FTB_Launcher.exe
2014-02-18 18:19 - 2014-02-18 18:18 - 287999360 _____ () C:\Users\marDin\Desktop\civv_ost_mp3_1390441491.zip
2014-02-18 18:18 - 2014-02-18 18:18 - 10920012 _____ () C:\Users\marDin\Desktop\babayetu_mp3_1392077471.zip
2014-02-18 13:55 - 2013-03-31 19:15 - 175703040 _____ () C:\Users\marDin\Downloads\Supreme Commander Essential Pack.rar
2014-02-18 12:51 - 2013-09-14 08:40 - 00624224 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2014-02-18 12:51 - 2013-09-14 08:40 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2014-02-18 12:51 - 2013-05-05 21:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klkbdflt.sys
2014-02-18 12:42 - 2013-06-23 13:53 - 00000000 ____D () C:\Users\marDin\Desktop\Sonstiges
2014-02-16 23:02 - 2014-02-15 17:37 - 00000000 ____D () C:\Users\marDin\AppData\Roaming\ftblauncher
2014-02-16 11:49 - 2013-03-03 07:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 11:49 - 2013-03-03 05:31 - 00000000 ___RD () C:\Users\marDin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-15 23:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-15 23:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-15 23:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-15 23:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-15 23:02 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-15 23:02 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-15 22:54 - 2013-08-18 09:08 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-15 22:53 - 2013-03-03 02:12 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-15 13:46 - 2014-02-15 13:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 02:14 - 2014-02-11 22:16 - 00000145 _____ () C:\Users\marDin\Desktop\Neues Textdokument.txt
Some content of TEMP:
====================
C:\Users\marDin\AppData\Local\Temp\7z920.exe
C:\Users\marDin\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\marDin\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe
C:\Users\marDin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\marDin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\marDin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\marDin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\marDin\AppData\Local\Temp\nvStInst.exe
C:\Users\marDin\AppData\Local\Temp\oct23A2.tmp.exe
C:\Users\marDin\AppData\Local\Temp\oct7BF8.tmp.exe
C:\Users\marDin\AppData\Local\Temp\OfficeSetup.exe
C:\Users\marDin\AppData\Local\Temp\swt-win32-3349.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-13 10:24] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-03-11 18:45
==================== End Of Log ============================
Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by marDin at 2014-03-15 21:20:42
Running from C:\Users\marDin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29342 - BitTorrent Inc.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Alien Nations (HKLM-x32\...\Alien Nations_is1) (Version: - GOG.com)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS USB-N13 WLAN Card Utilities & Driver (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.0.0.5 - )
ASUS Xonar DGX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - )
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bridge Building Game (HKLM-x32\...\Bridge Building Game) (Version: - )
Broken Age (HKLM-x32\...\Steam App 232790) (Version: - Double Fine Productions)
Catan - Die erste Insel (HKLM-x32\...\Catan) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Chime (HKLM-x32\...\Steam App 62100) (Version: - Zoe Mode)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version: - Colossal Order Ltd.)
Cook, Serve, Delicious! (HKLM-x32\...\Steam App 247020) (Version: - Vertigo Gaming)
Corsair Headset Software (HKLM-x32\...\{AE350DBF-6501-4DB2-B121-5DAF0E9747B7}) (Version: 2.0.16 - Corsair)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defense Grid: The Awakening (HKLM-x32\...\Steam App 18500) (Version: - Hidden Path Entertainment)
Democracy 3 (HKLM-x32\...\Steam App 245470) (Version: - Positech Games)
Die Gilde Gold Update v. 2.06 (HKLM-x32\...\Die Gilde Gold Update v. 2.06 ) (Version: - )
Die Gilde Gold-Edition (HKLM-x32\...\Die Gilde Gold-Edition) (Version: 2.06 - JoWooD Productions Software AG)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - )
DriverEasy 4.6.5 (HKLM\...\DriverEasy_is1) (Version: 4.6.5.0 - Easeware)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Dungeon Keeper 2 (HKLM-x32\...\Dungeon Keeper II) (Version: - )
Dwarfs!? (HKLM-x32\...\Steam App 35480) (Version: - Power of Two)
Element4l (HKLM-x32\...\Steam App 235820) (Version: - I-Illusions)
Eufloria (HKLM-x32\...\Steam App 41210) (Version: - )
f.lux (HKCU\...\Flux) (Version: - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fractal: Make Blooms Not War (HKLM-x32\...\Steam App 61310) (Version: - Cipher Prime Studios)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.11.827 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.12.827 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.12.827 - DVDVideoSoft Ltd.)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Ghost Master (HKLM-x32\...\Steam App 6200) (Version: - Sick Puppies)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Warlords Battlecry 2 (HKLM\...\{8e61291e-d39f-454a-98f8-73048ae04780}.sdb) (Version: - )
GothicW8 (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version: - )
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM-x32\...\Steam App 214830) (Version: - )
Harvest: Massive Encounter (HKLM-x32\...\Steam App 15400) (Version: - Oxeye Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hexcells (HKLM-x32\...\Steam App 265890) (Version: - Matthew Brown)
Hexcells Plus (HKLM-x32\...\Steam App 271900) (Version: - Matthew Brown)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Icy Tower v1.5 (HKLM-x32\...\Icy Tower v1.5_is1) (Version: - Free Lunch Design)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.10.1550 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.1.2 (HKLM-x32\...\{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}) (Version: 4.0.1.2 - The Document Foundation)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version: - Tomorrow Corporation)
Luxor Evolved (HKLM-x32\...\Steam App 205830) (Version: - MumboJumbo)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version: - Paradox North)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Demosongs) (HKLM-x32\...\MAGIX_{6FF613B4-CE7A-46A1-B34F-535842B5561F}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Demosongs) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (HKLM-x32\...\MAGIX_{8040CA6C-16F1-47B5-BB2E-E63F32B7E67F}) (Version: 19.0.1.36 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Introductory videos) (HKLM-x32\...\MAGIX_{559F7863-5DE9-41AB-AB08-47B030042722}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Introductory videos) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (Synthesizer und Effekte) (HKLM-x32\...\MAGIX_{24ECE0D9-4579-4A8C-A332-BF5C945C6302}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Synthesizer und Effekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (Version: 19.0.1.36 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (Visuals) (HKLM-x32\...\MAGIX_{069CE3B1-FBC3-49CB-88C4-6FF1332E672D}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Visuals) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{92852E20-128F-44C3-92EB-3A7506F9DB2C}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{47ABA255-94C2-420E-82A8-B6A5A6074F32}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video Pro X5 (HKLM-x32\...\MAGIX_{35A66C65-B5F8-4B97-83F0-D6DC7C9A3055}) (Version: 12.0.10.28 - MAGIX AG)
MAGIX Video Pro X5 (Version: 12.0.10.28 - MAGIX AG) Hidden
MAGIX Vita Solo Instruments (Century Keys) for MAGIX Music Maker 2013 Premium (x32 Version: 1.1.0.0 - MAGIX AG) Hidden
MAGIX Vita Solo Instruments (Jazz Drums) for MAGIX Music Maker 2013 Premium (x32 Version: 1.1.0.0 - MAGIX AG) Hidden
MAGIX Vita Solo Instruments (Saxophonia) for MAGIX Music Maker 2013 Premium (x32 Version: 1.1.0.0 - MAGIX AG) Hidden
MAGIX Vita Solo Instruments (Space Pad) for MAGIX Music Maker 2013 Premium (x32 Version: 1.1.0.0 - MAGIX AG) Hidden
MAGIX Vita Solo Instruments (Upright Bass) for MAGIX Music Maker 2013 Premium (x32 Version: 1.1.0.0 - MAGIX AG) Hidden
MAGIX Vita Solo Instruments (Vibraphone) for MAGIX Music Maker 2013 Premium (x32 Version: 1.1.0.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-0d7239a9-c9b3-4dd1-98c2-9b1cabd9f812) (Version: - Epic Games, Inc.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.44.11 - Black Tree Gaming)
Nimbus (HKLM-x32\...\Steam App 50000) (Version: - Noumenon Games)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA CUDA Documentation 5.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocumentation_5.5) (Version: 5.5 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenTTD 1.3.2 (HKLM-x32\...\OpenTTD) (Version: 1.3.2 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Peggle Deluxe (HKLM-x32\...\Peggle Deluxe) (Version: - PopCap Games)
Perspective 1.0 (HKLM-x32\...\Perspective) (Version: 1.0 - Widdershins)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version: - PopCap)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
psynetic® Gif-X 3.00 (HKLM-x32\...\psynetic® Gif-X) (Version: 3.00 - Robert Mundt)
Puddle (HKLM-x32\...\Puddle_is1) (Version: - GOG.com)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version: - )
Settlers 2 GOLD (HKLM-x32\...\GOGPACKSETTLERS2GOLD_is1) (Version: 2.0.0.14 - GOG.com)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis Games)
Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version: - Firaxis Games)
Sid Meier's Civilization IV: Colonization (HKLM-x32\...\Steam App 16810) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version: - )
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh)
Supreme Commander - Forged Alliance (HKCU\...\{31D95937-B237-405D-920C-A3EF4E482395}) (Version: 1.00.0000 - Gas Powered Games)
Supreme Commander (HKCU\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
Supreme Commander: Forged Alliance (HKLM-x32\...\Steam App 9420) (Version: - )
Swords and Soldiers HD (HKLM-x32\...\Steam App 63500) (Version: - Ronimo Games)
Symphony (HKLM-x32\...\Symphony_is1) (Version: - GOG.com)
Synthesia (HKLM-x32\...\Synthesia) (Version: 8.6 - Synthesia LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Terrafirma (HKLM-x32\...\{72E80496-C446-4389-B4F2-CC46DF704A7F}) (Version: 1.9.8 - Sean Kasun)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - )
The Mighty Quest For Epic Loot Version 1.213647 (HKLM-x32\...\The Mighty Quest For Epic Loot_is1) (Version: 1.213647 - )
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
The Wonderful End of the World (HKLM-x32\...\Steam App 15500) (Version: - Dejobaan Games)
Tiny and Big - Grandpa's Leftovers (HKLM-x32\...\GOGPACKTINYANDBIG_is1) (Version: 2.0.0.8 - GOG.com)
Tower Wars (HKLM-x32\...\Steam App 214360) (Version: - SuperVillain Studios)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Vampires Dawn II: Ancient Blood (MP3) (HKLM-x32\...\{04D24793-D317-4E13-95B3-1EDBEA068241}_is1) (Version: Vampires Dawn 2 - Version 1.23 (MP3) - Brianum/Dawnatic)
Vampires Dawn: Reign of Blood (HKLM-x32\...\{CF55095E-07AA-432E-8376-CEF71D70746A}_is1) (Version: Vampires Dawn: Reign of Blood 1.31 - Brianum)
Vita 2 (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita 2 Zusatzcontent (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Bass Machine (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Century Guitar (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Concert Guitar (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Drum Engine (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Electric Bass (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Lead Synth (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Rock Drums (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Soundtrack Percussion (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita String Ensemble (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita World Percussion (Version: 1.0.0.0 - MAGIX AG) Hidden
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version: - Terry Cavanagh)
Warlords Battlecry 2 (HKLM-x32\...\GOGPACKWARLORDSBATTLECRY2_is1) (Version: 2.0.0.4 - GOG.com)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Goo (HKLM-x32\...\Steam App 22000) (Version: - 2D BOY )
XMedia Recode Version 3.1.4.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.4.8 - XMedia Recode)
YNAB 4 version 4.3.450 (HKLM-x32\...\com.ynab.YNAB4.LiveCaptive_is1) (Version: 4.3.450 - YouNeedABudget.com)
==================== Restore Points =========================
13-03-2014 18:43:57 Windows Update
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {01FDE12B-FB2D-4A1E-81E8-8EC804AAB4A7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {03D6AD94-BDAB-4130-A1BC-021134ACACBE} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {141E2CF9-91FF-4709-A2A0-AB21056628A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-02-21] (Microsoft Corporation)
Task: {1A7F215E-3ECB-4515-94F6-CAD2235BB691} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {33D4C0CE-C4C6-4150-8F8D-D657DBE8BCF9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3FF70E24-4F98-43D3-BE72-4AB123FD7750} - \Express FilesUpdate No Task File
Task: {40B6B023-1B53-4CA7-83F2-0802FCF54991} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {4192CFF8-D915-4FF8-81DD-D9BDF7B8E094} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BD5A38B-60BF-4C72-A86D-F8F9510CA4BF} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {62DC6882-42E7-4B9E-AAF1-16FFC14780D6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-02-21] (Microsoft Corporation)
Task: {68D95423-0896-454D-9E32-FACEDFE8DCBF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-02-21] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7EFBB993-E262-4728-A6F6-5E69629964E6} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2014-01-23] (Easeware)
Task: {8391AFB2-F2A2-4DFD-AF5C-89388F187363} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-15] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C67E9E8F-963C-4A12-BB1F-4372D7AF366A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D59C99F8-58C6-490C-9123-0E2ECCE0351A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E4ADCC2C-9175-47B8-9C12-34C8185E6B18} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EDE8CE21-4E12-407A-8E65-AC8F4693035B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Loaded Modules (whitelisted) =============
2013-12-16 21:38 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-02-21 10:51 - 2013-08-23 14:45 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2014-02-21 10:51 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2014-02-21 10:51 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-02-27 12:13 - 2014-02-27 12:13 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-03-03 02:42 - 2008-07-11 14:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2013-03-03 02:42 - 2008-07-11 14:03 - 00282112 _____ () C:\Windows\System\HsMgr64.exe
2014-03-14 13:38 - 2014-03-14 13:38 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-14 13:38 - 2014-03-14 13:38 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-14 13:38 - 2014-03-14 13:38 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-10-29 11:08 - 2014-03-14 13:38 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-10-29 11:08 - 2014-03-14 13:38 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-14 13:38 - 2014-03-14 13:38 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-14 13:38 - 2014-03-14 13:38 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2012-10-29 11:08 - 2014-03-14 13:38 - 00134088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2012-10-29 11:08 - 2014-03-14 13:38 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-10 07:28 - 2014-03-14 13:38 - 00577480 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-03-03 07:15 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\EnumDevLib.dll
2013-10-20 10:17 - 2012-06-06 08:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DGX Audio\Customapp\VmixP8.dll
2014-01-08 11:12 - 2014-03-03 20:15 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-03-04 13:33 - 2014-03-03 20:15 - 00470016 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-03-12 17:10 - 2014-03-11 05:42 - 00754176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-02-25 07:39 - 2014-03-11 05:42 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-02-19 11:48 - 2014-03-03 20:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 09:51 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 09:51 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 09:51 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\marDin\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-15 13:46 - 2014-02-15 13:46 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-16 22:41 - 2013-05-31 13:30 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\marDin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\marDin\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\marDin\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\marDin\Desktop\FINANZEN.XLS:com.dropbox.attributes
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/15/2014 08:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1588) SRUJet: Versuch, in Datei "C:\WINDOWS\system32\SRU\SRUres00002.jrs" bei Offset 0 (0x0000000000000000) für 65536 (0x00010000) Bytes zu schreiben, ist nach svchost0 Sekunden mit Systemfehler 112 (0x00000070): "Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. " fehlgeschlagen. Fehler -1808 (0xfffff8f0) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (03/15/2014 08:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1588) SRUJet: Das Datenbankmodul kann keine Aktualisierungen akzeptieren, weil die Festplatte, auf der sich die Protokolldatei der Datenbank befindet, über zu wenig freien Speicherplatz verfügt .
Error: (03/15/2014 07:01:00 PM) (Source: ESENT) (User: )
Description: svchost (1588) SRUJet: Versuch, in Datei "C:\WINDOWS\system32\SRU\SRUres00002.jrs" bei Offset 0 (0x0000000000000000) für 65536 (0x00010000) Bytes zu schreiben, ist nach svchost0 Sekunden mit Systemfehler 112 (0x00000070): "Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. " fehlgeschlagen. Fehler -1808 (0xfffff8f0) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (03/15/2014 07:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1588) SRUJet: Das Datenbankmodul kann keine Aktualisierungen akzeptieren, weil die Festplatte, auf der sich die Protokolldatei der Datenbank befindet, über zu wenig freien Speicherplatz verfügt .
Error: (03/15/2014 07:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1588) SRUJet: Versuch, in Datei "C:\WINDOWS\system32\SRU\SRUtmp.log" bei Offset 0 (0x0000000000000000) für 65536 (0x00010000) Bytes zu schreiben, ist nach svchost0 Sekunden mit Systemfehler 112 (0x00000070): "Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. " fehlgeschlagen. Fehler -1808 (0xfffff8f0) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (03/15/2014 04:19:19 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/15/2014 04:15:49 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/15/2014 04:13:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 1.0.0.4973, Zeitstempel: 0x530d0186
Name des fehlerhaften Moduls: mono.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52093c87
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000f7b52
ID des fehlerhaften Prozesses: 0x126c
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3
Vollständiger Name des fehlerhaften Pakets: Hearthstone.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Hearthstone.exe5
Error: (03/15/2014 04:11:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HeadsetControlPanel.exe, Version: 2.0.16.0, Zeitstempel: 0x520e2b3e
Name des fehlerhaften Moduls: CorsairDevice.dll, Version: 2.0.16.0, Zeitstempel: 0x520e2b21
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001c36
ID des fehlerhaften Prozesses: 0x1a00
Startzeit der fehlerhaften Anwendung: 0xHeadsetControlPanel.exe0
Pfad der fehlerhaften Anwendung: HeadsetControlPanel.exe1
Pfad des fehlerhaften Moduls: HeadsetControlPanel.exe2
Berichtskennung: HeadsetControlPanel.exe3
Vollständiger Name des fehlerhaften Pakets: HeadsetControlPanel.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HeadsetControlPanel.exe5
Error: (03/15/2014 04:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1560) SRUJet: Das Datenbankmodul kann keine Aktualisierungen akzeptieren, weil die Festplatte, auf der sich die Protokolldatei der Datenbank befindet, über zu wenig freien Speicherplatz verfügt .
System errors:
=============
Error: (03/15/2014 09:21:04 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (03/15/2014 09:20:42 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (03/15/2014 09:20:21 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (03/15/2014 09:20:01 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (03/15/2014 09:19:23 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (03/15/2014 09:19:02 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (03/15/2014 09:18:41 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (03/15/2014 09:18:19 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (03/15/2014 09:17:57 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (03/15/2014 09:17:36 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Microsoft Office Sessions:
=========================
Error: (03/15/2014 08:00:00 PM) (Source: ESENT)(User: )
Description: svchost1588SRUJet: C:\WINDOWS\system32\SRU\SRUres00002.jrs0 (0x0000000000000000)65536 (0x00010000)-1808 (0xfffff8f0)112 (0x00000070)Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. 0.000
Error: (03/15/2014 08:00:00 PM) (Source: ESENT)(User: )
Description: svchost1588SRUJet:
Error: (03/15/2014 07:01:00 PM) (Source: ESENT)(User: )
Description: svchost1588SRUJet: C:\WINDOWS\system32\SRU\SRUres00002.jrs0 (0x0000000000000000)65536 (0x00010000)-1808 (0xfffff8f0)112 (0x00000070)Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. 0.000
Error: (03/15/2014 07:00:00 PM) (Source: ESENT)(User: )
Description: svchost1588SRUJet:
Error: (03/15/2014 07:00:00 PM) (Source: ESENT)(User: )
Description: svchost1588SRUJet: C:\WINDOWS\system32\SRU\SRUtmp.log0 (0x0000000000000000)65536 (0x00010000)-1808 (0xfffff8f0)112 (0x00000070)Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. 0.000
Error: (03/15/2014 04:19:19 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/15/2014 04:15:49 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/15/2014 04:13:44 PM) (Source: Application Error)(User: )
Description: Hearthstone.exe1.0.0.4973530d0186mono.dll_unloaded0.0.0.052093c87c0000005000f7b52126c01cf405f042e0f1bC:\Spiele\Hearthstone\Hearthstone.exemono.dll658ecbbd-ac54-11e3-bfbc-08606e5543ed
Error: (03/15/2014 04:11:17 PM) (Source: Application Error)(User: )
Description: HeadsetControlPanel.exe2.0.16.0520e2b3eCorsairDevice.dll2.0.16.0520e2b21c000000500001c361a0001cf4057b16f71dbC:\Program Files (x86)\Corsair\Corsair Headset Software\HeadsetControlPanel.exeC:\Program Files (x86)\Corsair\Corsair Headset Software\CorsairDevice.dll0e35db09-ac54-11e3-bfbc-08606e5543ed
Error: (03/15/2014 04:00:00 PM) (Source: ESENT)(User: )
Description: svchost1560SRUJet:
==================== Memory info ===========================
Percentage of memory in use: 44%
Total physical RAM: 8141.94 MB
Available physical RAM: 4513.48 MB
Total Pagefile: 16333.94 MB
Available Pagefile: 12136.56 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.37 GB) (Free:0.62 GB) NTFS
Drive d: () (Fixed) (Total:298.09 GB) (Free:45.73 GB) NTFS
Drive e: (Media-Data) (Fixed) (Total:298.09 GB) (Free:38.41 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:335.35 GB) (Free:168.66 GB) NTFS
Drive g: (MMM Test) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS
Drive h: (STORE'N'GO) (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT32
Drive i: (STORE N GO) (Removable) (Total:7.45 GB) (Free:4.75 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 298 GB) (Disk ID: 6D6F6B20)
No partition Table on disk 1.
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 335 GB) (Disk ID: 370CDAA5)
Partition 1: (Not Active) - (Size=335 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: D27AC928)
Partition: GPT Partition Type.
========================================================
Disk: 4 (Size: 7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 5 (Size: 979 MB) (Disk ID: 6C50AF17)
Partition 1: (Active) - (Size=979 MB) - (Type=0B)
==================== End Of Log ============================
Nach dem Start von GMER bekam ich folgende Fehlermeldung: C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Danach fror das Programm komplett ein, musste via Task-Manager beendet werden. (Ich hab das Internet abgesteckt, Kaspersky deaktiviert und alle Programme geschlossen). Auch ein Neustart löste das Problem nicht. Liebe Grüße, Martin |
|
16.03.2014, 16:50
| #2 |
| /// the machine /// TB-Ausbilder    | [Win 8.1] Festplatte C: verliert freien Speicherplatz__________________
__________________ |
|
| Themen zu [Win 8.1] Festplatte C: verliert freien Speicherplatz |
| baidu, beschädigung, bonjour, browser, diagnostics, downloader, dvdvideosoft ltd., ebanking, failed, festplatte, firefox, flash player, installation, internet, kaspersky, minidump, mozilla, mp3, nicht genug speicherplatz, office 365, problem, programm, realtek, refresh, registry, scan, security, sekunden, software, soundtrack, speicherplatz, svchost.exe, system, teamspeak, tower, vista, windowsapps |
![[Win 8.1] Festplatte C: verliert freien Speicherplatz](iconimages/plagegeister-aller-art-deren-bekaempfung/win-8-1-festplatte-c-verliert-freien-speicherplatz_ltr.gif)
Linear-Darstellung
