Plagegeister aller Art und deren Bekämpfung: Spybot - Search and Destroy läßt sich nicht vollständig entfernen
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

Hallo,

ich hoffe ich bin hier richtig bezüglich meines Anliegens, ansonsten würde ich gern darum bitten diesen Thread an die richtige Stelle zu verschieben.

Ich habe mir kürzlich einige alte Spiele für einen Emulator runtergeladen und hatte bei diesen auch keine Probleme. Irgendwann kam dann, wie es hätte kommen sollen, eine Meldung von Avira mit der Nachricht "adware/installcore.gen7 gefunden". Daraufhin habe ich die Datei in die Quarantäne verschoben und entfernen lassen. Mein Avira hatte nach einem weiteren Scan nichts mehr angezeigt, allerdings wollte ich auf Nummer sicher gehen und hab mich da etwas schlau gemacht.

Ich wollte zuerst den AdwCleaner runterladen, jedoch habe ich von meinem Informatik-Lehrer den Tipp bekommen "Spybot - Search und Destroy" runterzuladen und damit den PC mal scannen zu lassen. Gesagt, getan. Es hat 'ne Sekunde gescannt, war fertig, zeigte an, dass es was gefunden hätte, wollte aber nicht zeigen was. Da es da 2 Arten von Scans gab habe ich den anderen Scan auch durchgeführt, bei dem wurden mir allerdings nur einige Cookies angezeigt.

Daraufhin hab ich das Programm wieder deinstalliert, den Ordner gelöscht und den PC neu gestartet. Nun habe ich aber das Problem, dass immernoch Restdateien von Spybot vorhanden sind, die sich nicht löschen lassen (Fehler:0x80004002). Ich habe diesbezüglich meinen guten Freund Google gefragt, der mir mit der Antwort CCleaner angeschossen kam. (Erst wollte ich eine Systemwiederherstellung machen, allerdings hatte ich in dem Moment, wieso auch immer, keine vorhandenen Wiederherstellungspunkte mehr.)

Naja, CCleaner runtergeladen, Cleaner und Registry gesäubert, PC neugestartet, nochmal gesäubert. Dateien immer noch da.

Die Dateien, die sich über die Suchfunktion immer wieder finden lassen sind 1-3 Ordner "Spybot - Search & Destroy" (Original+Verknüpfungen), 1-3 .evtx Logdateien/Ereignisprotokolle und ab und an eine Internet-Explorer-Datei? (Weißes Blatt mit IE-Symbol - IE hab ich vom System "gelöscht"). Ich schreibe deshalb 1-3, da es beim ersten Suchvorgang jeweils nur eine Datei gab und bei wiederholten Vorgängen sich die Anzahl ständig geändert hat. Momentaner Stand sind 3 Ordner und 1 .evtx-Datei.

Die Ordner lassen sich zwar löschen, sind aber nach einem Neustart wieder vorhanden. Die .evtx-Dateien lassen sich mit Doppelklick öffnen und in dem Fenster "Ereignisanzeige" ebenfalls löschen, sind aber nach einem erneuten Suchvorgang ebenfalls wieder auffindbar - eine normale Löschung über einen Rechtsklick läßt sich nicht durchführen, wie bereits oben Beschrieben (Fehler: 0x80004002).

Ich denke zwar, dass die Dateien nicht wirklich schädlich sind, aber wenn man über jeden kleinen Stein hinwegsieht hat man bald einen Berg, den man nicht mehr wegbekommt. Deshalb würde es mich sehr freuen, wenn mir jemand helfen könnte und mir zudem noch hilft zu überprüfen, ob die Adware-Dateien weg sind.

Mit freundlichen Grüßen
Clavat93
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

Hallo schrauber,
ich bedanke mich schonmal für deine Hilfe.

FRST.txt:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Eddy (administrator) on EIN-PC on 26-03-2014 01:28:28 Running from C:\Users\Eddy\Downloads Windows 8.1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.) HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation) HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-23] (cyberlink) HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1777003106-357198834-614928924-1002\...\MountPoints2: {53f18c57-420a-11e3-be7e-84a6c8b8839a} - "F:\LaunchU3.exe" -a HKU\S-1-5-21-1777003106-357198834-614928924-1002\...\MountPoints2: {f94d0699-76d0-11e3-bebc-84a6c8b8839a} - "G:\CMADownloader.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation) AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\xdpqjcll.default FF user.js: detected! => C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\xdpqjcll.default\user.js FF SearchEngineOrder.1: Mysearchdial FF Homepage: https://www.google.de/ FF NetworkProxy: "backup.ftp", "" FF NetworkProxy: "backup.ftp_port", 0 FF NetworkProxy: "backup.socks", "" FF NetworkProxy: "backup.socks_port", 0 FF NetworkProxy: "backup.ssl", "" FF NetworkProxy: "backup.ssl_port", 0 FF NetworkProxy: "ftp", "" FF NetworkProxy: "ftp_port", 80 FF NetworkProxy: "http", "" FF NetworkProxy: "http_port", 80 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "" FF NetworkProxy: "socks_port", 80 FF NetworkProxy: "ssl", "" FF NetworkProxy: "ssl_port", 80 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\xdpqjcll.default\searchplugins\Mysearchdial.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\xdpqjcll.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-18] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG) R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [211456 2014-01-25] () R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG) S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2014-01-25] () S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation) S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-26 01:28 - 2014-03-26 01:28 - 00017341 _____ () C:\Users\Eddy\Downloads\FRST.txt 2014-03-26 01:28 - 2014-03-26 01:28 - 00000000 ____D () C:\FRST 2014-03-26 01:27 - 2014-03-26 01:27 - 02157056 _____ (Farbar) C:\Users\Eddy\Downloads\FRST64.exe 2014-03-24 20:17 - 2014-03-24 20:19 - 04517659 _____ () C:\Users\Eddy\Downloads\Animal Crossing.7z 2014-03-24 19:11 - 2014-03-24 19:29 - 1178382899 _____ () C:\Users\Eddy\Downloads\Eternal Darkness - Sanity's Requiem.7z 2014-03-24 17:05 - 2014-03-24 17:05 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-03-24 17:05 - 2014-03-24 17:05 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-03-24 17:04 - 2014-03-26 01:20 - 00327497 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-24 16:59 - 2014-03-24 16:59 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-03-24 16:59 - 2014-03-24 16:59 - 00000836 _____ () C:\Users\Eddy\Desktop\CCleaner.lnk 2014-03-24 16:59 - 2014-03-24 16:59 - 00000000 ____D () C:\Users\Eddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-03-24 16:59 - 2014-03-24 16:59 - 00000000 ____D () C:\Program Files\CCleaner 2014-03-24 16:56 - 2014-03-24 16:58 - 03690256 _____ (Piriform Ltd) C:\Users\Eddy\Downloads\ccsetup411_slim.exe 2014-03-24 16:36 - 2014-03-24 16:36 - 00000085 _____ () C:\WINDOWS\wininit.ini 2014-03-24 16:31 - 2014-03-24 16:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-03-24 16:31 - 2014-03-24 16:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking 2014-03-24 16:27 - 2014-03-24 16:28 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Eddy\Downloads\spybot-2.2.25.exe 2014-03-23 22:54 - 2014-03-23 22:54 - 01950720 _____ () C:\Users\Eddy\Downloads\adwcleaner.exe 2014-03-23 17:39 - 2014-03-23 17:41 - 00000000 ____D () C:\Users\Eddy\Documents\Dolphin Emulator 2014-03-23 14:53 - 2014-03-23 14:53 - 00003030 _____ () C:\WINDOWS\System32\Tasks\{CA6D7452-9EB5-45FF-92CA-6565A19A5FA4} 2014-03-23 14:46 - 2014-03-23 14:46 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp 2014-03-21 20:56 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2014-03-21 20:56 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2014-03-21 16:21 - 2014-03-21 20:09 - 00000000 ____D () C:\Users\Eddy\Desktop\Emulatoren 2014-03-21 15:08 - 2014-02-22 13:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-03-21 15:08 - 2014-02-22 12:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-03-19 23:05 - 2014-03-19 23:05 - 00000000 ____D () C:\Users\Eddy\Desktop\Fahrkarte 2014-03-19 13:14 - 2014-01-08 02:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-03-19 13:14 - 2014-01-08 02:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-03-19 13:14 - 2014-01-08 02:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-03-19 13:14 - 2014-01-04 16:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-03-19 13:14 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-03-19 13:14 - 2014-01-04 15:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-03-19 13:14 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-03-19 13:14 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-03-19 13:14 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-03-19 13:14 - 2014-01-01 02:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-03-19 13:14 - 2014-01-01 02:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2014-03-19 13:14 - 2014-01-01 01:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-03-19 13:14 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2014-03-19 13:14 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-03-19 13:14 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-03-19 13:14 - 2014-01-01 00:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-03-19 13:14 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2014-03-19 13:14 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2014-03-19 13:14 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2014-03-19 13:14 - 2013-12-31 00:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-03-19 13:14 - 2013-12-31 00:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2014-03-19 13:14 - 2013-12-27 16:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-03-19 13:14 - 2013-12-27 10:21 - 13192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-03-19 13:14 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2014-03-19 13:14 - 2013-12-27 09:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2014-03-19 13:14 - 2013-12-27 09:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2014-03-19 13:14 - 2013-12-27 08:27 - 11688448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-03-19 13:14 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2014-03-19 13:14 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-03-19 13:14 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-03-19 13:14 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2014-03-19 13:14 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2014-03-19 13:14 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-03-19 13:14 - 2013-12-14 07:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-03-19 13:14 - 2013-12-13 11:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2014-03-19 13:14 - 2013-12-13 07:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2014-03-19 13:14 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2014-03-19 13:14 - 2013-12-09 09:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-03-19 13:14 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-03-19 13:14 - 2013-12-09 00:43 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-03-19 13:14 - 2013-12-09 00:25 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-03-15 00:12 - 2014-03-15 00:12 - 00401408 _____ () C:\Users\Eddy\Desktop\Adressen-Praktikum.mdb 2014-03-14 22:48 - 2014-03-14 22:48 - 00000919 _____ () C:\Users\Public\Desktop\Battlefield 1942.lnk 2014-03-14 22:48 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll 2014-03-14 22:48 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll 2014-03-14 22:48 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll 2014-03-14 22:48 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2014-03-14 22:48 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2014-03-14 22:48 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll 2014-03-14 22:48 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2014-03-14 22:48 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll 2014-03-14 22:48 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll 2014-03-14 22:48 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll 2014-03-14 22:48 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll 2014-03-14 22:48 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll 2014-03-14 22:48 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll 2014-03-14 22:48 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll 2014-03-14 22:48 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll 2014-03-14 22:48 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll 2014-03-14 22:48 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll 2014-03-14 22:48 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll 2014-03-14 22:48 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll 2014-03-14 22:48 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll 2014-03-14 22:48 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll 2014-03-14 22:48 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll 2014-03-14 22:48 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll 2014-03-14 22:48 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll 2014-03-14 22:48 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll 2014-03-14 22:47 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll 2014-03-14 22:47 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll 2014-03-14 22:47 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll 2014-03-14 22:47 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll 2014-03-14 22:47 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll 2014-03-14 22:47 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll 2014-03-14 22:47 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll 2014-03-14 22:47 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll 2014-03-14 22:47 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll 2014-03-14 22:47 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll 2014-03-14 22:47 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll 2014-03-14 22:47 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll 2014-03-14 22:47 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll 2014-03-14 22:47 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll 2014-03-14 22:47 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll 2014-03-14 22:47 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll 2014-03-14 22:47 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2014-03-14 22:47 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2014-03-14 22:47 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2014-03-14 22:47 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2014-03-14 22:47 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2014-03-14 22:47 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2014-03-14 22:47 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll 2014-03-14 22:47 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll 2014-03-14 22:47 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll 2014-03-14 22:47 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll 2014-03-14 22:47 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll 2014-03-14 22:47 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll 2014-03-14 22:47 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2014-03-14 22:47 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll 2014-03-14 22:47 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2014-03-14 22:47 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll 2014-03-14 22:47 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2014-03-14 22:47 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll 2014-03-14 22:47 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll 2014-03-14 22:47 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll 2014-03-14 22:47 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll 2014-03-14 22:47 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll 2014-03-14 22:47 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll 2014-03-14 22:47 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll 2014-03-14 22:47 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll 2014-03-14 22:47 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll 2014-03-14 22:47 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll 2014-03-14 22:47 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll 2014-03-14 22:47 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll 2014-03-14 22:47 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll 2014-03-14 22:47 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll 2014-03-14 22:47 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll 2014-03-14 22:47 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll 2014-03-14 22:47 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll 2014-03-14 22:47 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll 2014-03-14 22:47 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll 2014-03-14 22:47 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll 2014-03-14 22:47 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll 2014-03-14 22:47 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll 2014-03-14 22:47 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll 2014-03-14 22:47 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll 2014-03-14 22:47 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll 2014-03-14 22:47 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll 2014-03-14 22:47 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll 2014-03-14 22:47 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll 2014-03-14 22:47 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll 2014-03-14 22:47 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll 2014-03-14 22:47 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll 2014-03-14 22:47 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll 2014-03-14 22:47 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll 2014-03-14 22:47 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll 2014-03-14 22:47 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll 2014-03-14 22:47 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll 2014-03-14 22:47 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll 2014-03-14 22:47 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll 2014-03-14 22:47 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll 2014-03-14 22:47 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll 2014-03-14 22:47 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll 2014-03-14 22:47 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll 2014-03-14 22:47 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll 2014-03-14 22:47 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll 2014-03-14 22:47 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll 2014-03-14 22:47 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll 2014-03-14 22:47 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll 2014-03-14 22:47 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll 2014-03-14 22:47 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll 2014-03-14 22:47 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll 2014-03-14 22:47 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll 2014-03-14 22:47 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll 2014-03-14 22:47 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll 2014-03-14 22:47 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll 2014-03-14 22:47 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll 2014-03-14 22:47 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll 2014-03-14 22:47 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll 2014-03-14 22:47 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll 2014-03-14 22:47 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll 2014-03-14 22:47 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll 2014-03-14 22:47 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll 2014-03-14 22:47 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll 2014-03-14 22:47 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll 2014-03-14 22:47 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll 2014-03-14 22:47 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll 2014-03-14 22:47 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll 2014-03-14 22:47 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll 2014-03-14 22:47 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll 2014-03-14 22:47 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll 2014-03-14 22:47 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll 2014-03-14 22:47 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll 2014-03-14 22:47 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll 2014-03-14 22:47 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll 2014-03-14 22:47 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll 2014-03-14 22:47 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll 2014-03-14 22:47 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll 2014-03-14 22:47 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll 2014-03-14 22:47 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll 2014-03-14 22:47 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll 2014-03-14 22:47 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll 2014-03-14 22:47 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll 2014-03-14 22:47 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll 2014-03-14 22:47 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll 2014-03-14 22:47 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll 2014-03-14 22:47 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll 2014-03-14 22:47 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll 2014-03-14 22:47 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll 2014-03-14 22:47 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll 2014-03-14 22:47 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll 2014-03-14 22:47 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll 2014-03-14 22:47 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll 2014-03-14 22:47 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll 2014-03-14 22:47 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll 2014-03-14 22:47 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll 2014-03-14 22:47 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll 2014-03-14 22:47 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll 2014-03-14 22:47 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll 2014-03-14 22:47 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll 2014-03-14 22:47 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll 2014-03-14 22:47 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll 2014-03-14 22:47 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll 2014-03-14 22:47 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll 2014-03-14 22:47 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll 2014-03-14 22:47 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll 2014-03-14 22:47 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll 2014-03-14 22:30 - 2014-03-15 19:48 - 00000000 ____D () C:\Users\Eddy\AppData\Roaming\Origin 2014-03-14 22:30 - 2014-03-14 22:33 - 00000000 ____D () C:\Users\Eddy\AppData\Local\Origin 2014-03-14 22:29 - 2014-03-15 19:49 - 00000000 ____D () C:\ProgramData\Origin 2014-03-14 22:29 - 2014-03-14 23:18 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-03-14 22:29 - 2014-03-14 22:29 - 00000536 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-03-13 17:01 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-13 17:01 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-13 17:01 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-13 17:01 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-03-13 17:01 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-03-13 17:01 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-13 17:01 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-03-13 17:01 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-03-13 17:01 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-13 17:01 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-03-13 17:01 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-13 17:01 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-13 17:01 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-03-13 17:01 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-03-13 17:01 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-03-13 17:01 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-03-13 17:01 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-03-13 17:01 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-03-13 17:01 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-03-13 17:01 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-03-13 17:01 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2014-03-13 17:01 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-03-13 17:01 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-03-13 17:01 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-03-13 17:01 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll 2014-03-13 17:01 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2014-03-13 17:01 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2014-03-13 17:01 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2014-03-13 17:01 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2014-03-13 17:01 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-03-13 17:01 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2014-03-13 17:01 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2014-03-13 17:01 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2014-03-13 17:01 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2014-03-13 17:01 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2014-03-13 17:01 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2014-03-13 17:01 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2014-03-13 17:01 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2014-03-13 17:01 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2014-03-13 17:01 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2014-03-13 17:01 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2014-03-13 17:01 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2014-03-13 17:01 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2014-03-13 17:01 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-03-13 17:01 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2014-03-13 17:01 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2014-03-13 17:01 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-03-13 17:01 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-03-13 17:01 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-03-13 17:01 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-03-13 17:01 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-03-13 17:01 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2014-03-13 17:01 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2014-03-13 17:01 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-03-13 17:01 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-03-13 17:01 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-03-13 17:01 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-03-13 17:01 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-03-13 17:01 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-03-13 17:01 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-03-13 17:01 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-03-13 17:01 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-03-13 17:01 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-03-13 17:01 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-03-07 00:31 - 2014-03-07 00:31 - 00005149 _____ () C:\Users\Eddy\AppData\Local\recently-used.xbel 2014-03-01 14:53 - 2014-03-01 17:09 - 00000000 ____D () C:\Users\Eddy\AppData\Roaming\Awesomium 2014-03-01 14:03 - 2014-03-01 14:03 - 00000000 ____D () C:\Users\Eddy\Documents\Elder Scrolls Online 2014-03-01 14:03 - 2014-03-01 14:03 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online 2014-02-28 22:50 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2014-02-28 22:50 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2014-02-28 22:50 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll 2014-02-28 22:50 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll 2014-02-28 22:50 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2014-02-28 22:50 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2014-02-28 22:50 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll 2014-02-26 13:43 - 2014-03-24 17:00 - 00000000 ____D () C:\WINDOWS\Minidump 2014-02-24 18:05 - 2014-02-27 07:21 - 01689137 _____ () C:\Users\Eddy\Desktop\AMD-Vortrag.pptx 2014-02-24 16:58 - 2014-02-27 07:19 - 00000000 ____D () C:\Users\Eddy\Desktop\AMD CPU Bilder ==================== One Month Modified Files and Folders ======= 2014-03-26 01:28 - 2014-03-26 01:28 - 00017341 _____ () C:\Users\Eddy\Downloads\FRST.txt 2014-03-26 01:28 - 2014-03-26 01:28 - 00000000 ____D () C:\FRST 2014-03-26 01:27 - 2014-03-26 01:27 - 02157056 _____ (Farbar) C:\Users\Eddy\Downloads\FRST64.exe 2014-03-26 01:20 - 2014-03-24 17:04 - 00327497 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-26 01:06 - 2013-10-18 16:03 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-03-26 01:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-03-26 00:18 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-03-26 00:18 - 2013-09-30 04:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat 2014-03-26 00:18 - 2013-09-30 04:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat 2014-03-25 23:39 - 2013-10-12 00:50 - 00000401 _____ () C:\Users\Eddy\AppData\Roaming\sp_data.sys 2014-03-24 20:19 - 2014-03-24 20:17 - 04517659 _____ () C:\Users\Eddy\Downloads\Animal Crossing.7z 2014-03-24 19:29 - 2014-03-24 19:11 - 1178382899 _____ () C:\Users\Eddy\Downloads\Eternal Darkness - Sanity's Requiem.7z 2014-03-24 19:21 - 2013-10-12 00:56 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1777003106-357198834-614928924-1002 2014-03-24 17:05 - 2014-03-24 17:05 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-03-24 17:05 - 2014-03-24 17:05 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-03-24 17:03 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-03-24 17:03 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-03-24 17:00 - 2014-02-26 13:43 - 00000000 ____D () C:\WINDOWS\Minidump 2014-03-24 17:00 - 2013-10-29 17:16 - 00000000 ___DC () C:\WINDOWS\Panther 2014-03-24 16:59 - 2014-03-24 16:59 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-03-24 16:59 - 2014-03-24 16:59 - 00000836 _____ () C:\Users\Eddy\Desktop\CCleaner.lnk 2014-03-24 16:59 - 2014-03-24 16:59 - 00000000 ____D () C:\Users\Eddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-03-24 16:59 - 2014-03-24 16:59 - 00000000 ____D () C:\Program Files\CCleaner 2014-03-24 16:58 - 2014-03-24 16:56 - 03690256 _____ (Piriform Ltd) C:\Users\Eddy\Downloads\ccsetup411_slim.exe 2014-03-24 16:43 - 2014-03-24 16:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-03-24 16:36 - 2014-03-24 16:36 - 00000085 _____ () C:\WINDOWS\wininit.ini 2014-03-24 16:31 - 2014-03-24 16:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking 2014-03-24 16:28 - 2014-03-24 16:27 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Eddy\Downloads\spybot-2.2.25.exe 2014-03-23 22:54 - 2014-03-23 22:54 - 01950720 _____ () C:\Users\Eddy\Downloads\adwcleaner.exe 2014-03-23 17:41 - 2014-03-23 17:39 - 00000000 ____D () C:\Users\Eddy\Documents\Dolphin Emulator 2014-03-23 14:53 - 2014-03-23 14:53 - 00003030 _____ () C:\WINDOWS\System32\Tasks\{CA6D7452-9EB5-45FF-92CA-6565A19A5FA4} 2014-03-23 14:46 - 2014-03-23 14:46 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp 2014-03-21 21:18 - 2013-10-14 17:00 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-03-21 21:17 - 2013-10-14 17:00 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-03-21 21:17 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-03-21 20:43 - 2013-10-12 00:48 - 00000000 ____D () C:\Users\Eddy\AppData\Local\VirtualStore 2014-03-21 20:09 - 2014-03-21 16:21 - 00000000 ____D () C:\Users\Eddy\Desktop\Emulatoren 2014-03-20 16:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-03-19 23:05 - 2014-03-19 23:05 - 00000000 ____D () C:\Users\Eddy\Desktop\Fahrkarte 2014-03-19 14:44 - 2013-10-12 00:50 - 00000000 ___RD () C:\Users\Eddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-19 14:44 - 2013-10-12 00:50 - 00000000 ___RD () C:\Users\Eddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-03-19 14:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-03-19 13:31 - 2013-10-18 16:47 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-15 19:49 - 2014-03-14 22:29 - 00000000 ____D () C:\ProgramData\Origin 2014-03-15 19:48 - 2014-03-14 22:30 - 00000000 ____D () C:\Users\Eddy\AppData\Roaming\Origin 2014-03-15 00:12 - 2014-03-15 00:12 - 00401408 _____ () C:\Users\Eddy\Desktop\Adressen-Praktikum.mdb 2014-03-14 23:18 - 2014-03-14 22:29 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-03-14 22:48 - 2014-03-14 22:48 - 00000919 _____ () C:\Users\Public\Desktop\Battlefield 1942.lnk 2014-03-14 22:33 - 2014-03-14 22:30 - 00000000 ____D () C:\Users\Eddy\AppData\Local\Origin 2014-03-14 22:29 - 2014-03-14 22:29 - 00000536 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-03-13 19:02 - 2013-08-22 15:44 - 00478192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-03-13 19:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-13 19:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-13 19:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-03-13 19:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-03-13 19:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-03-13 17:22 - 2012-07-26 06:26 - 00000199 _____ () C:\WINDOWS\win.ini 2014-03-11 19:06 - 2013-10-18 16:03 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-03-07 00:32 - 2013-10-29 16:50 - 00000000 ____D () C:\Users\Eddy\.gimp-2.8 2014-03-07 00:31 - 2014-03-07 00:31 - 00005149 _____ () C:\Users\Eddy\AppData\Local\recently-used.xbel 2014-03-07 00:31 - 2013-10-29 16:53 - 00000000 ____D () C:\Users\Eddy\AppData\Local\gtk-2.0 2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-01 17:09 - 2014-03-01 14:53 - 00000000 ____D () C:\Users\Eddy\AppData\Roaming\Awesomium 2014-03-01 14:03 - 2014-03-01 14:03 - 00000000 ____D () C:\Users\Eddy\Documents\Elder Scrolls Online 2014-03-01 14:03 - 2014-03-01 14:03 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online 2014-03-01 07:05 - 2014-03-13 17:01 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-01 05:58 - 2014-03-13 17:01 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-01 05:30 - 2014-03-13 17:01 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-01 05:17 - 2014-03-13 17:01 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-03-01 04:54 - 2014-03-13 17:01 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-03-01 04:47 - 2014-03-13 17:01 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-01 04:42 - 2014-03-13 17:01 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-03-01 04:18 - 2014-03-13 17:01 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-03-01 04:14 - 2014-03-13 17:01 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-01 04:10 - 2014-03-13 17:01 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-03-01 04:03 - 2014-03-13 17:01 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-01 03:57 - 2014-03-13 17:01 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-01 03:38 - 2014-03-13 17:01 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-03-01 03:32 - 2014-03-13 17:01 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-03-01 03:27 - 2014-03-13 17:01 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-03-01 03:25 - 2014-03-13 17:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-03-01 03:25 - 2014-03-13 17:01 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-02-27 07:22 - 2013-10-29 17:21 - 00000000 ____D () C:\Users\Eddy 2014-02-27 07:21 - 2014-02-24 18:05 - 01689137 _____ () C:\Users\Eddy\Desktop\AMD-Vortrag.pptx 2014-02-27 07:19 - 2014-02-24 16:58 - 00000000 ____D () C:\Users\Eddy\Desktop\AMD CPU Bilder Files to move or delete: ==================== C:\ProgramData\SetStretch.exe Some content of TEMP: ==================== C:\Users\Eddy\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys [2014-03-13 17:01] - Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by Eddy at 2014-03-26 01:28:57 Running from C:\Users\Eddy\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: - Adobe Systems Incorporated) Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS) ASUS Product Demo Movie (HKLM-x32\...\{DC06C90B-C5BE-42F6-B74D-A9503170998C}) (Version: 1.0.3 - ASUS ) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: - Avira) Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version: - Microsoft) Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team) Dungeons And Dragons Anthology - The Master Collection (HKLM-x32\...\{79612FB7-0B07-4E34-A346-79133691FF12}) (Version: 1.0.0 - Atari) Gameforge Live 1.10.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.10.0 - Gameforge) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{32C46540-7693-49E1-A81E-121B09C8303B}) (Version: 3.00.7187.47 - Sony Computer Entertainment Inc.) Intel PROSet Wireless (Version: - ) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{5D871D59-6D4C-4619-AC2A-A63604E426B5}) (Version: 15.05.5000.1567 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden Kobo (HKLM-x32\...\Kobo) (Version: 3.5.0 - Kobo Inc.) Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version: - Gameforge 4D GmbH) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team) NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39029 - Realtek Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{47F15B72-AB15-4B81-BDB8-28B204596EB7}) (Version: - Microsoft) Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version: - Microsoft) Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{8D84B988-2A7A-4DB6-A7A5-08DA7B3DE9EE}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{79469196-F138-4CF0-8681-F1889D53B56B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{526C9E5A-A734-4DC0-B829-ED1CDE793C6B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{30C13416-B124-46AB-9E44-96CEFFA893F9}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{1A789784-5825-4B26-BB57-71FF7D3484CB}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B5E3E636-7913-4775-BC9B-E4B56F4ED73B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUSR_{869B93B9-E75A-44DE-8AC5-A030A7A21FDD}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{34F51E79-0110-4B49-A245-81319F58453E}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{05D8C7F6-9A93-4925-B2B3-7D6507AD2FC9}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CA014CB4-B26F-4D27-BF26-C994CC3428E5}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version: - Microsoft) Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E9172003-60C1-447B-9569-7AA9FADE26B0}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version: - Microsoft) Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft) Windows-Treiberpaket - ASUS (ATP) Mouse (10/29/2012 (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Restore Points ========================= 24-03-2014 18:48:54 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0298AF9B-3362-4F54-8230-B3C2D0F5F6A0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {175070F5-31F0-4379-BEDA-0238AD896839} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {22054B82-E3AC-4BCF-A123-95D4C3AA9020} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {31302E1D-30B4-4E4C-AF9A-2B5DE5A35261} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3DE5C0C5-6C4F-4725-881C-C889658C4145} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-21] (Microsoft Corporation) Task: {3F651FC6-F357-4BEC-A15A-5FE77D28DDB9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd) Task: {451F9E12-3E61-43F6-A103-DAE7BA4293E1} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek) Task: {4829DA3B-2898-4152-9DC2-74C61945F440} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {C8577F0B-4133-4AD5-A34A-9F8C19CFAD45} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA12296C-74BE-4C96-B644-FEE05B772121} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2008-09-08 10:19 - 2008-09-08 10:19 - 00022016 _____ () C:\WINDOWS\System32\cl31cl6.dll 2013-11-05 21:41 - 2010-04-05 20:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2013-10-22 17:27 - 2013-10-23 11:30 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2013-10-29 17:18 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-10-18 15:47 - 2013-07-18 07:02 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2012-11-15 07:37 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-02-15 21:06 - 2014-02-15 21:06 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-10-22 17:27 - 2013-10-23 11:30 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2012-09-11 15:01 - 2012-09-11 15:01 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: USB-IF xHCI USB Host Controller Description: USB-IF xHCI USB Host Controller Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee} Manufacturer: Intel Corporation Service: XHCIPort Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: USB 2.0 UVC HD Webcam Description: USB-Videogerät Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (03/24/2014 08:35:48 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (03/24/2014 05:04:39 PM) (Source: Windows Search Service) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1777003106-357198834-614928924-1002}/">. Error: (03/24/2014 05:04:28 PM) (Source: Windows Search Service) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1777003106-357198834-614928924-1002}/">. Error: (03/24/2014 05:03:03 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (03/24/2014 05:00:33 PM) (Source: Windows Search Service) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1777003106-357198834-614928924-1002}/">. Error: (03/24/2014 05:00:03 PM) (Source: Windows Search Service) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1777003106-357198834-614928924-1002}/">. Error: (03/24/2014 04:36:56 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (03/23/2014 07:51:56 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Dolphin.exe, Version:, Zeitstempel: 0x52990370 Name des fehlerhaften Moduls: wpdshext.dll_unloaded, Version: 6.3.9600.16384, Zeitstempel: 0x52157fc7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0018a5e0 ID des fehlerhaften Prozesses: 0x6c0 Startzeit der fehlerhaften Anwendung: 0xDolphin.exe0 Pfad der fehlerhaften Anwendung: Dolphin.exe1 Pfad des fehlerhaften Moduls: Dolphin.exe2 Berichtskennung: Dolphin.exe3 Vollständiger Name des fehlerhaften Pakets: Dolphin.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Dolphin.exe5 Error: (03/21/2014 11:29:38 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (03/21/2014 10:34:38 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Dolphin.exe, Version:, Zeitstempel: 0x52990370 Name des fehlerhaften Moduls: Dolphin.exe, Version:, Zeitstempel: 0x52990370 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004d74ab ID des fehlerhaften Prozesses: 0x127c Startzeit der fehlerhaften Anwendung: 0xDolphin.exe0 Pfad der fehlerhaften Anwendung: Dolphin.exe1 Pfad des fehlerhaften Moduls: Dolphin.exe2 Berichtskennung: Dolphin.exe3 Vollständiger Name des fehlerhaften Pakets: Dolphin.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Dolphin.exe5 System errors: ============= Error: (03/25/2014 11:42:11 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/24/2014 07:22:17 PM) (Source: DCOM) (User: Ein-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (03/24/2014 07:21:41 PM) (Source: DCOM) (User: Ein-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (03/24/2014 05:03:50 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (03/24/2014 05:03:49 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (03/24/2014 04:37:48 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (03/24/2014 04:37:47 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (03/24/2014 04:36:56 PM) (Source: DCOM) (User: Ein-PC) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (03/24/2014 04:36:56 PM) (Source: DCOM) (User: Ein-PC) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (03/24/2014 03:16:42 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Microsoft Office Sessions: ========================= Error: (03/24/2014 08:35:48 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (03/24/2014 05:04:39 PM) (Source: Windows Search Service)(User: ) Description: 300x80040d07iehistory://{S-1-5-21-1777003106-357198834-614928924-1002}/ Error: (03/24/2014 05:04:28 PM) (Source: Windows Search Service)(User: ) Description: 300x80040d07iehistory://{S-1-5-21-1777003106-357198834-614928924-1002}/ Error: (03/24/2014 05:03:03 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (03/24/2014 05:00:33 PM) (Source: Windows Search Service)(User: ) Description: 300x80040d07iehistory://{S-1-5-21-1777003106-357198834-614928924-1002}/ Error: (03/24/2014 05:00:03 PM) (Source: Windows Search Service)(User: ) Description: 300x80040d07iehistory://{S-1-5-21-1777003106-357198834-614928924-1002}/ Error: (03/24/2014 04:36:56 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (03/23/2014 07:51:56 PM) (Source: Application Error)(User: ) Description: Dolphin.exe0.0.0.052990370wpdshext.dll_unloaded6.3.9600.1638452157fc7c00000050018a5e06c001cf46b680c2405dC:\Users\Eddy\Desktop\Emulatoren\GameCube\Dolphin x86\Dolphin.exewpdshext.dll3493c98f-b2bc-11e3-bf04-08606e8a560b Error: (03/21/2014 11:29:38 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (03/21/2014 10:34:38 PM) (Source: Application Error)(User: ) Description: Dolphin.exe0.0.0.052990370Dolphin.exe0.0.0.052990370c0000005004d74ab127c01cf454d51d9a2f4C:\Users\Eddy\Desktop\Emulatoren\GameCube\Dolphin x86\Dolphin.exeC:\Users\Eddy\Desktop\Emulatoren\GameCube\Dolphin x86\Dolphin.exe9a5eba21-b140-11e3-bf04-84a6c8b8839a CodeIntegrity Errors: =================================== Date: 2014-03-24 17:03:50.421 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-24 17:03:49.671 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-24 16:37:48.460 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-24 16:37:47.304 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-19 14:43:54.393 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-19 14:43:53.877 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-19 13:10:09.577 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-19 13:10:09.093 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-19 13:05:51.187 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-19 13:05:50.781 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 29% Total physical RAM: 8069.52 MB Available physical RAM: 5718.3 MB Total Pagefile: 16261.52 MB Available Pagefile: 13711.82 MB Total Virtual: 131072 MB Available Virtual: 131071.77 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:372.26 GB) (Free:306.11 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:537.89 GB) (Free:492.99 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 4AD209D2) Partition: GPT Partition Type. ==================== End Of Log ============================ Gruß Clavat93 |
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

Hast Du den Proxy in Firefox gesetzt?

Revo Uninstaller - Download - Filepony

versuch mal Spybot damit zu entfernen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

Hallo,

die Proxy habe ich nicht gesetzt, es müssten die Standard-Einstellungen sein, denn da habe ich seit der Formatierung nichts geändert, nur einige andere Einstellungen wie Startseite, Suche bei Eingabe, etc.

Mit dem Revu Uninstaller kann ich den Ordner bzw. die Dateien nicht finden. Gibt es da eine Suchoption oder sowas in der Art, ich finde nämlich auf den ersten Blick jetzt auch keine.

Gruß
Clavat
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

Bevor wir suchen gehen:

Spybot schon mal neu installiert und dann deinstalliert?
__________________ --> Spybot - Search and Destroy läßt sich nicht vollständig entfernen |
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

Ja, wie bereits im ersten Schreiben beschrieben, habe ich Spybot installiert gehabt und danach wieder deinstalliert, weil es irgendwie nicht richtig funktioniert hat. Durch das Suchfeld im Arbeitsplatz/Computer lassen sich aber immernoch Restdateien finden die sich nicht löschen lassen, bzw. sich nach dem löschen wieder herstellen.

Wenn du jetzt meinst, ob ich es nochmal ein 2. Mal versucht habe zu installieren und wieder zu deinstallieren, dann habe ich das noch nicht getan, kann das aber gerne versuchen und mit Revo wieder deinstallieren.

Liebe Grüße,
Clavat
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

Das meinte ich, nochmal installieren, dann revo
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

Hallo schrauber,

entschuldige bitte dass ich solange nicht geantwortet habe. Ich bedanke mich an dieser Stelle auch herzlichst für deine Bemühungen, aber das Problem ist jetzt behoben, da ich den Laptop neu formatieren durfte. Mein kleiner Bruder wollte lustig sein und mir einen Streich spielen und mir hat irgendeinen Mist draufgeladen hat während ich nicht anwesend war, weswegen sich der Laptop immer nach einigen Minuten nach dem Start aufgehangen hat.

Liebe Grüße
Clavat
Spybot - Search and Destroy läßt sich nicht vollständig entfernen

das is naürlich nit so nett
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
