| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahrenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.07.2014, 01:31
| #1 |
 |  Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren Hallo liebe trojaner-board-community, Ich habe seit etwa 2-3 Wochen, vielleicht auch schon etwas länger, zunehmende probleme mit meinem laptop. Hier einmal die Symptome in der Übersicht: 1. Häufigstes Problem ist das, meistens zeitweise, einfrieren, am allermeisten bei der Benutzung von mozilla firefox, aber auch schon anderweitig, beispielsweise auch schon bei der Passworteingabe. Anfangs hatte ich den Eindruck dass der PC mit vielen Dingen auf einmal überfordert ist, aber das ganze gab es auch schon wenn nur eine Seite offen war, zum Beispiel Youtube. Dabei friert das ganze für etwa 1-5 Minuten ein, während oben "Keine Rückmeldung" steht und sich der Kreis am Mauszeiger dreht. 2. Gelegentlich gibt es ein Stocken beim Abspielen von Videos, in erster Linie auf Youtube, bei dem der Ton stark verzerrt wurde oder ein fürchterliches Dröhnen losbrach. Manchmal nur wenige Sekunden, manchmal so lange dass ich den Hauptschalter drücken musste, weil es nicht mehr auszuhalten war. Einmal gab es dieses Problem sogar beim Musik abspielen via Mediaplayer. 3. Es gab auch schon Fälle beim Abspielen eines Videos auf youtube, dass der PC wie bei Punkt 1 beschrieben einfror, aber der Ton, mit Standbild noch eine ganze Weile weiterlief. 4. Ein paar mal, und das machte mir die größten Sorgen, stürzte der laptop sogar komplett ab. Beim Hochfahren kam dann der abgesicherte Modus zumeist. heute Abend bekam ich einen Bluescreen, an die genau meldung kann ich mich nicht erinnern. ich hätte es wohl besser notiert. 5. Auch heute morgen hätte ich den genauen Wortlaut der Fehlermeldung mir merken sollen. Ich fuhr den laptop hoch, aber der desktop war komplett schwarz, nur der Papierkorb war zu sehen und er sagte mir soetwas wie, ich meine "Die Systemdatei konnte nicht gefunden werden". habe dann in Panik heruntergefahren, kurz gewartet, und ihn gestartet. Dann War alles normal und lief. 6. Ausserdem lässt er sich manchmal nicht herunterfahren, die Schaltfläche reagiert einfach nicht, auch strg alt entf zeigt keine Wirkung. In anderen Fällen sagt er mir beim herunterfahren dass noch Hintergrundprogramme geschlossen werden müssen, aber bei der Anzeige welche das sind steht manchmal kein Symbol, da auch eigentlich nichts mehr offen ist.  So viel zu meinen Problemen. Noch ein paar Hintergrund . Ich habe natürlich gleich mal die erste goldene regel dieses Forums gebrochen, gegooglet und auf eigene Faust Scans gemacht und Programme geladen, die da Wären OTL, adwcleaner und heute Malwarebytes Anti-Malware. Der Scan des letzteren wurde eben erst beendet und konnte keine infizierten Objekte entdecken. Ansonsten wüsste ich nicht mehr was es noch groß hinzuzufügen gäbe. habe mir vor einer Weile Steam gemacht und ein Spiel installiert, vielleicht ist es in der Zeit ein wenig schlimmer geworden, aber ich denke das kann alle möglichen Gründe haben und muss nicht damit zusammenhängen. Ansonsten bleibt mir nur noch zu sagen, danke schonmal allen die mir in meiner Not helfen, und auf dass wir eine andere Lösung finden werden als diese hier:  Achso, bevor ichs vergesse, noch die Logs meiner Durchläufe OLT Code:
ATTFilter OTL logfile created on: 14.07.2014 14:17:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sia\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17207) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 56,23% Memory free 7,71 Gb Paging File | 5,83 Gb Available in Paging File | 75,65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 680,54 Gb Total Space | 595,74 Gb Free Space | 87,54% Space Free | Partition Type: NTFS Computer Name: ZEBRA | User Name: sia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014.07.14 14:03:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sia\Desktop\OTL.exe PRC - [2014.06.06 16:04:37 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe PRC - [2014.05.12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe PRC - [2014.05.12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe PRC - [2014.05.12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe PRC - [2013.12.18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2011.08.26 15:14:40 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe PRC - [2011.08.24 19:03:44 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe PRC - [2011.08.24 19:03:42 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe PRC - [2011.07.01 04:51:13 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2011.07.01 04:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2011.07.01 04:51:11 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2011.07.01 04:51:10 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2011.05.30 04:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe PRC - [2011.05.20 19:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011.05.12 07:04:12 | 000,723,560 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe PRC - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe PRC - [2011.04.24 03:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe PRC - [2011.02.01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.02.01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.12.27 10:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe PRC - [2010.11.17 03:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe ========== Modules (No Company Name) ========== MOD - [2011.08.24 19:03:42 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll MOD - [2011.08.24 19:03:42 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe MOD - [2011.04.24 03:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ========== Services (SafeList) ========== SRV:64bit: - [2014.06.19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2011.03.13 20:45:12 | 000,158,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp) SRV:64bit: - [2011.03.13 20:37:22 | 000,208,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV:64bit: - [2011.03.13 20:37:06 | 000,197,960 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV:64bit: - [2011.01.28 03:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV:64bit: - [2011.01.28 03:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy) SRV:64bit: - [2011.01.28 03:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv) SRV:64bit: - [2011.01.28 03:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc) SRV:64bit: - [2011.01.28 03:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:64bit: - [2011.01.28 03:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV:64bit: - [2011.01.28 03:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV:64bit: - [2011.01.28 03:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service) SRV:64bit: - [2010.12.17 01:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg) SRV - [2014.07.10 20:21:02 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2014.07.09 03:14:28 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014.06.18 15:16:05 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014.06.06 16:04:37 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9) SRV - [2014.05.12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe -- (MBAMService) SRV - [2014.05.12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe -- (MBAMScheduler) SRV - [2014.04.09 15:13:48 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService) SRV - [2013.12.18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service) SRV - [2012.01.29 15:21:25 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.07.01 04:51:11 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2011.06.21 21:55:04 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2011.05.30 04:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2011.05.20 19:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011.05.02 15:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2011.05.02 15:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2011.05.02 15:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2011.03.29 06:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2011.03.28 10:41:00 | 000,799,848 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc) SRV - [2011.03.18 01:39:40 | 000,501,768 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\mcafee\virusscan\mcods.exe -- (McODS) SRV - [2011.03.09 02:00:50 | 000,224,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Programme\mcafee\msc\McAWFwk.exe -- (McAWFwk) SRV - [2011.02.01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011.02.01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.12.27 10:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2010.11.29 16:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.06.02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2014.07.14 14:16:02 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:64bit: - [2014.05.12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:64bit: - [2014.05.12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2013.06.26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2013.06.26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2013.06.26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2013.06.26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.09.23 06:59:02 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2011.09.23 06:59:02 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2011.09.23 06:59:02 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2011.09.20 12:02:55 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2011.09.20 12:02:55 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2011.07.14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.07.14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.06.24 05:22:04 | 001,591,936 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2011.06.21 16:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2011.06.21 16:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2011.06.10 20:16:08 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.05.20 18:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011.05.01 08:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2011.04.05 13:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2011.03.13 20:20:10 | 000,639,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:64bit: - [2011.03.13 20:20:10 | 000,481,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:64bit: - [2011.03.13 20:20:10 | 000,281,928 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:64bit: - [2011.03.13 20:20:10 | 000,227,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:64bit: - [2011.03.13 20:20:10 | 000,156,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk) DRV:64bit: - [2011.03.13 20:20:10 | 000,098,728 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet) DRV:64bit: - [2011.03.13 20:20:10 | 000,075,672 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk) DRV:64bit: - [2011.03.13 20:20:10 | 000,065,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:64bit: - [2011.02.21 09:30:54 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2011.02.10 08:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011.02.10 08:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2011.01.12 10:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2010.11.29 16:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.11.08 06:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.10.15 10:28:17 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010.05.11 12:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {DD79BB6E-07E6-4A38-9710-43E448D7FF66} IE - HKCU\..\SearchScopes\{DD79BB6E-07E6-4A38-9710-43E448D7FF66}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.order.1: "Sichere Suche" FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.7.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014.06.13 23:54:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}: C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014.04.04 12:36:14 | 000,010,691 | ---- | M] () [2012.05.25 07:37:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sia\AppData\Roaming\mozilla\Extensions [2014.06.05 14:22:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sia\AppData\Roaming\mozilla\Firefox\Profiles\akem2bnl.default\extensions [2014.06.05 14:22:26 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\sia\AppData\Roaming\mozilla\firefox\profiles\akem2bnl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014.07.09 13:28:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014.06.18 15:16:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014.06.18 03:00:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions [2014.06.18 03:00:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014.06.13 23:54:52 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20120525074010.dll (McAfee, Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120525074011.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59A7FAA5-FB99-44E2-A17F-BBFF2202F954}: DhcpNameServer = 192.168.1.250 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3AA01FD-A35C-47C5-A9EE-C32710273C5D}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014.07.14 14:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2014.07.14 14:03:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\sia\Desktop\OTL.exe [2014.07.09 03:34:20 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014.07.09 03:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware [2014.07.09 03:33:39 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2014.07.09 03:33:39 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2014.07.09 03:33:39 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2014.07.09 03:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware [2014.07.09 03:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014.07.08 13:36:50 | 000,000,000 | ---D | C] -- C:\Users\sia\Documents\My Games [2014.07.08 13:23:18 | 000,000,000 | ---D | C] -- C:\Users\sia\Desktop\NMM [2014.07.08 13:21:15 | 000,000,000 | ---D | C] -- C:\Users\sia\Documents\Nexus Mod Manager [2014.07.08 13:13:00 | 000,000,000 | ---D | C] -- C:\Users\sia\AppData\Local\Black_Tree_Gaming [2014.07.08 13:12:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager [2014.07.08 13:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager [2014.07.08 13:11:51 | 000,000,000 | ---D | C] -- C:\Users\sia\AppData\Local\Programs [2014.07.07 23:59:33 | 000,000,000 | ---D | C] -- C:\Users\sia\AppData\Local\Skyrim [2014.07.07 17:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2014.07.07 17:35:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2014.07.07 17:35:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2014.07.07 16:47:07 | 000,000,000 | ---D | C] -- C:\Users\sia\Desktop\Modifikationen [2014.07.05 00:27:23 | 000,000,000 | ---D | C] -- C:\Users\sia\AppData\Local\Adobe [2014.07.04 16:57:21 | 000,000,000 | ---D | C] -- C:\Users\sia\AppData\Roaming\NVIDIA [2014.07.04 16:57:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z [2014.07.03 20:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2014.07.03 20:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2014.07.03 13:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan ========== Files - Modified Within 30 Days ========== [2014.07.14 14:21:26 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014.07.14 14:21:26 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014.07.14 14:20:06 | 001,622,236 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014.07.14 14:20:06 | 000,700,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2014.07.14 14:20:06 | 000,654,932 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014.07.14 14:20:06 | 000,149,984 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2014.07.14 14:20:06 | 000,122,546 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014.07.14 14:16:02 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014.07.14 14:13:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014.07.14 14:13:00 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys [2014.07.14 14:03:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sia\Desktop\OTL.exe [2014.07.14 13:32:59 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014.07.14 01:57:39 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk [2014.07.09 21:54:15 | 000,291,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014.07.09 03:33:46 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.07.08 13:21:13 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk [2014.07.07 17:35:35 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2014.07.07 17:26:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2014.07.04 16:57:11 | 000,000,967 | ---- | M] () -- C:\Users\sia\Desktop\TechPowerUp GPU-Z.lnk [2014.07.03 20:22:36 | 000,001,935 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2014.07.03 20:22:36 | 000,001,935 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014.06.26 11:14:47 | 000,011,744 | ---- | M] () -- C:\Users\sia\Bremen Süd KW 26 14 julien-1.pdf [2014.06.26 11:12:31 | 000,090,999 | ---- | M] () -- C:\Users\sia\Bremen Süd KW 26 14 julien.pdf [2014.06.16 22:27:13 | 002,289,087 | ---- | M] () -- C:\Users\sia\an_herr_roll.rtf [2014.06.16 22:27:05 | 000,250,641 | ---- | M] () -- C:\Users\sia\an_herr_roll.pdf ========== Files Created - No Company Name ========== [2014.07.09 03:33:46 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.07.08 13:21:13 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk [2014.07.07 17:35:35 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2014.07.07 17:26:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2014.07.04 16:57:11 | 000,000,967 | ---- | C] () -- C:\Users\sia\Desktop\TechPowerUp GPU-Z.lnk [2014.07.03 13:23:28 | 000,001,935 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2014.07.03 13:23:28 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014.06.26 11:14:47 | 000,011,744 | ---- | C] () -- C:\Users\sia\Bremen Süd KW 26 14 julien-1.pdf [2014.06.26 11:12:29 | 000,090,999 | ---- | C] () -- C:\Users\sia\Bremen Süd KW 26 14 julien.pdf [2014.06.16 22:27:04 | 000,250,641 | ---- | C] () -- C:\Users\sia\an_herr_roll.pdf [2014.06.16 22:23:22 | 002,289,087 | ---- | C] () -- C:\Users\sia\an_herr_roll.rtf [2014.06.06 11:59:51 | 000,035,654 | ---- | C] () -- C:\Users\sia\Bremen Süd KW 23 14 julien.pdf [2014.04.24 01:17:45 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\qttask.exe [2014.03.31 22:09:40 | 000,038,829 | ---- | C] () -- C:\Users\sia\Bremen Süd KW 13 14 plan julien.pdf [2012.08.06 10:08:15 | 001,596,516 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.11.13 10:49:46 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\Canon [2013.05.13 07:43:01 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\FileZilla [2014.04.29 01:14:52 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\FloodLightGames [2012.11.13 10:54:13 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\PowerCinema [2014.04.28 00:32:47 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\runic games [2012.05.23 15:10:51 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\Screensaver [2014.07.14 04:34:19 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\SoftGrid Client [2013.01.17 20:55:30 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\SuperMailer [2012.08.06 10:09:05 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\TP [2014.05.15 02:56:48 | 000,000,000 | ---D | M] -- C:\Users\sia\AppData\Roaming\Windows Live Writer ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 14.07.2014 14:17:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 56,23% Memory free
7,71 Gb Paging File | 5,83 Gb Available in Paging File | 75,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 680,54 Gb Total Space | 595,74 Gb Free Space | 87,54% Space Free | Partition Type: NTFS
Computer Name: ZEBRA | User Name: sia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034364E0-274D-4FF5-98FF-DC4957775444}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2D5301B3-1BC1-4D4F-B5A8-E7DC3BDFD263}" = lport=2869 | protocol=6 | dir=in | app=system |
"{33C633ED-62D0-4AA1-B910-A018656F6E26}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{47413231-0E79-4AB2-ADC2-B449C5D955F0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4F0CD995-EA96-4765-B9AD-BE29B423BC27}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{66B65548-0F59-4F50-BB08-6FAA34F86D45}" = rport=10243 | protocol=6 | dir=out | app=system |
"{718F1D93-BEB0-426C-B61D-B72D376783DB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7234A753-C20A-4B39-9F5D-3DADA83E9947}" = lport=445 | protocol=6 | dir=in | app=system |
"{754E3CF1-FEFC-4BA4-84A6-B3599832F6BE}" = rport=445 | protocol=6 | dir=out | app=system |
"{7B67FA24-7270-4DA8-B956-949CDCDB785B}" = rport=139 | protocol=6 | dir=out | app=system |
"{82D72F9C-BB17-4BA7-92BB-20B3AC7CF74D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{88792837-6135-452A-9567-A851EA201D06}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8EB44175-BFB9-46BA-AEFC-70B85ED19B50}" = rport=137 | protocol=17 | dir=out | app=system |
"{A02CA634-80D0-4903-BF04-E3B4EAEFB224}" = lport=138 | protocol=17 | dir=in | app=system |
"{ADDA1579-1D6F-4DD7-A71B-967A8CC1E6BE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BCDEDC6A-A99A-4DB5-AB89-285DB1954DEB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4695678-F12C-43AD-B5A8-1A388A63C89D}" = lport=137 | protocol=17 | dir=in | app=system |
"{C6545053-A7D1-49F8-BACC-D3AA4165630B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C93254B2-8934-43A2-9170-C63A4B804FAE}" = rport=138 | protocol=17 | dir=out | app=system |
"{CC933B99-861D-4127-890A-CEEE7A53BCC6}" = lport=139 | protocol=6 | dir=in | app=system |
"{DB885C25-C125-4DA2-85FA-273C99CB72D4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F56C56E2-BE09-43B9-B32F-1AF373306D44}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF937AE4-E094-4D54-A78A-75CDF0CF3113}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D43DD46-211D-46B4-B920-470F66BDC448}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{0EE7CFBD-98AA-4546-A85E-EB91461C7AA2}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe |
"{1916BD14-563C-4259-8BA6-5911B8A4F78E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{279B17EE-B060-47FA-9260-C9A9FAB607BB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A859BCC-89C2-4B79-9531-DBF09A6B995B}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe |
"{30228A40-9582-4FE6-8C03-1B7E9D891222}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{3A0A7D28-87E6-416F-B2E6-CDE131C04CF7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3B7F64C5-E94B-470D-8E6C-DEC638A419CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41A8C4DB-284F-45FA-B384-06C4380F1C1B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{48989199-0AB2-414C-A761-C00F72438F9F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{48C214DA-91E9-472D-B779-B3A36AE13819}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{4D7225A8-7513-4B9B-8CAE-DFA0CDECFF68}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E541B93-17DB-4323-9E28-B848D1F03147}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A8476E7-B35C-4D60-B62F-8107D47118D7}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovie.exe |
"{5C2168B5-DA30-4B54-8FB7-226F92752191}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{5D85770B-1E9A-4BEF-8754-043CE8C559B2}" = protocol=6 | dir=out | app=system |
"{5D9731DF-7272-43F4-8CA0-FD0CE8F0EB2B}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{5F7D686C-EF91-488A-AA51-59D140D1EBDF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{71FB0AC3-5BDE-4D71-9EB6-F204B789BFC3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{72DDCAFB-0BAD-4893-916A-E7004FC705E3}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\clml\clmlsvc.exe |
"{79480B81-D080-4029-A888-DE2B3E8C68FE}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovieservice.exe |
"{79D1184F-5844-4E7E-B4D5-57274C602F12}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7C986A5B-5F2B-40C0-B2EB-5B725AB610C7}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe |
"{7EFE938F-852B-49DE-8439-EE0B5DDEF259}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{868234E1-1F76-4028-9124-8B07845AA017}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8D291157-78B7-4337-A6DF-177CF818BEB9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90F2127D-4242-4468-B779-9045D52BDC5B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{97438B38-09AB-4963-8A37-8D630AF08DAD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9C2EA398-1033-45DF-8582-8A9C4C155475}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9D86C4CD-151F-44B4-937F-0973D56ADAD5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{ACAAD064-C404-4952-A8D2-21AE657F8FB9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B87B3240-3121-4918-9479-9352A04A5E1E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{C4A78E6B-590B-40EA-853C-82FFE574D2F0}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{C5C27DA8-85C7-45D4-B0B1-113FE5098D63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C884A479-B033-4A38-95D4-DF7552E5244F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CA2B79D4-BE15-4439-8B90-B38E4B1C2654}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DE3105B3-A395-4856-ABEB-61C89502131C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DF89B5F4-7849-4DE9-88FE-A17C61376AB4}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{EB886576-69A9-43D6-9688-927019190AFF}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{EC1504CD-4385-440C-8E3E-7478E27AA944}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EDFE4B79-12A9-49B2-8F7F-085DE3357969}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{F52FD2C9-C6B5-4C79-8EC4-C43E55BDB98F}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F9E69F15-254C-4746-BC10-5580C50D986F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FA305990-FFA4-4DC1-A501-8081EA6CE0DA}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi-Software
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = ETDWare PS/2-X64 8.0.6.3_WHQL
"McAfee Security Scan" = McAfee Security Scan Plus
"Newsletter Software SuperMailer (x64)_is1" = SuperMailer 6.10
"ProInst" = Intel PROSet Wireless
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A629E86-7F8F-4477-8297-5BF422522838}" = LEGO Racers 2002
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0F022A2E-7022-497D-90A5-0F46746D8275}" = Macromedia Extension Manager
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}" = clear.fi
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{44025BD7-AD10-4769-99AE-6378FD0303D6}" = Macromedia Dreamweaver 8
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.10) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}" = WinZip 18.0
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D3E5A972-9A15-427D-AE78-8181A5FD943C}" = eBay Worldwide
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F53A49E6-9FB1-4A5A-B1D9-82BA116196B7}" = Acer USB Charge Manager
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"DPP" = Canon Utilities Digital Photo Professional 3.10
"EOS Sample Music" = Canon Utilities EOS Sample Music
"EOS Utility" = Canon Utilities EOS Utility
"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
"FileZilla Client" = FileZilla Client 3.6.0.2
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.2.1012
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 30.0 (x86 de)" = Mozilla Firefox 30.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security Suite
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"ProInst" = Intel PROSet Wireless
"QuickTime" = QuickTime
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TeamViewer 9" = TeamViewer 9
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"WildTangent acer Master Uninstall" = Acer Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.01 (32-Bit)
"WTA-008ffdec-cc07-4442-a6a9-9dd690ef9e57" = Crazy Chicken Kart 2
"WTA-06264ba2-2b41-4946-b2ac-d61455ee0a7d" = Mystery of Mortlake Mansion
"WTA-5d1a7a58-3b69-466f-8a3e-e0d80f159b3d" = Jewel Match 3
"WTA-7208c175-cf5b-4a2e-8186-50ef9964d1ed" = Insaniquarium Deluxe
"WTA-7ea1718c-5b3c-48f6-a6f1-551c826a00fc" = Penguins!
"WTA-8000ce5c-e4fc-463a-ad04-0a497aa2046b" = Torchlight
"WTA-8ec79668-f928-43e8-9285-6dd2f7b269e0" = Final Drive: Nitro
"WTA-90f0e8f8-fbf7-45a7-92d9-7a3442c22334" = Plants vs. Zombies - Game of the Year
"WTA-98118299-c010-47c0-83a9-90810cb61d66" = John Deere Drive Green
"WTA-98f2747a-b9c4-4549-9afa-c67a33dd5c05" = Jewel Quest Solitaire
"WTA-a5d83723-bf81-4371-9827-8c91cfded41c" = FATE
"WTA-a7c59fc4-b0b4-4c9a-a66b-03ccd7ef909f" = Bejeweled 2 Deluxe
"WTA-ba895502-6ebf-491b-821f-69a677d00c88" = Zuma Deluxe
"WTA-bcc12c6e-3052-4870-bbac-f03640330557" = Chuzzle Deluxe
"WTA-c8323569-4884-4a04-b983-9b62b6028fe5" = Slingo Deluxe
"WTA-e2306e7f-2516-4d72-93dc-841d26ba65b9" = Virtual Villagers 4 - The Tree of Life
"WTA-fe8e33cf-31b7-415d-97b0-dcfd3f6680f4" = Wedding Dash
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.06.2014 07:12:47 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
Error - 19.06.2014 09:42:58 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
Error - 19.06.2014 10:01:33 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
Error - 19.06.2014 14:58:59 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
Error - 19.06.2014 17:57:57 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
Error - 20.06.2014 08:19:15 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
Error - 20.06.2014 09:58:28 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
Error - 20.06.2014 12:51:58 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
Error - 20.06.2014 14:57:54 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
Error - 21.06.2014 08:45:34 | Computer Name = zebra | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 13.07.2014 19:56:02 | Computer Name = zebra | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?13.?07.?2014 um 23:15:53 unerwartet heruntergefahren.
Error - 13.07.2014 19:57:18 | Computer Name = zebra | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst McAfee SiteAdvisor Service erreicht.
Error - 13.07.2014 20:23:11 | Computer Name = zebra | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows-Fehlerberichterstattungsdienst erreicht.
Error - 13.07.2014 20:24:15 | Computer Name = zebra | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 14.07.2014 07:32:57 | Computer Name = zebra | Source = DCOM | ID = 10010
Description =
Error - 14.07.2014 07:32:57 | Computer Name = zebra | Source = DCOM | ID = 10010
Description =
Error - 14.07.2014 07:33:02 | Computer Name = zebra | Source = DCOM | ID = 10010
Description =
Error - 14.07.2014 07:33:30 | Computer Name = zebra | Source = DCOM | ID = 10010
Description =
Error - 14.07.2014 07:34:27 | Computer Name = zebra | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 14.07.2014 08:13:04 | Computer Name = zebra | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?07.?2014 um 14:04:12 unerwartet heruntergefahren.
< End of report >
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 15.07.2014 Suchlauf-Zeit: 01:21:28 Logdatei: mwb.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.14.12 Rootkit Datenbank: v2014.07.14.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: sia Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 297375 Verstrichene Zeit: 10 Min, 22 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) |
|
15.07.2014, 06:22
| #2 |
| /// the machine /// TB-Ausbilder    |  Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
15.07.2014, 17:44
| #3 |
| | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren hi,
__________________vielen Dank erstmal und bitte=) FSRT FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01 Ran by sia (administrator) on ZEBRA on 15-07-2014 18:00:43 Running from C:\Users\sia\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dolby Laboratories Inc.) C:\DOLBY PCEE4\pcee4.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [499304 2011-03-28] (Acer Incorporated) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1658440 2011-03-13] (McAfee, Inc.) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-22] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-2962658076-3842029121-131464362-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-06-30] (Valve Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-02-21] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-02-21] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {DD79BB6E-07E6-4A38-9710-43E448D7FF66} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms} SearchScopes: HKCU - {DD79BB6E-07E6-4A38-9710-43E448D7FF66} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms} BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120525074010.dll (McAfee, Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120525074011.dll (McAfee, Inc.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\sia\AppData\Roaming\Mozilla\Firefox\Profiles\akem2bnl.default FF SearchEngineOrder.1: Sichere Suche FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\sia\AppData\Roaming\Mozilla\Firefox\Profiles\akem2bnl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-26] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-09-23] FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] ==================== Services (Whitelisted) ================= R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [799848 2011-03-28] (Acer Incorporated) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-27] (Realsil Microelectronics Inc.) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-09] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.) R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.) R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [501768 2011-03-18] (McAfee, Inc.) S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.) R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [197960 2011-03-13] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [208272 2011-03-13] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [158832 2011-03-13] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-28] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] () R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation) R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated) ==================== Drivers (Whitelisted) ==================== R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65128 2011-03-13] (McAfee, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-15] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [156792 2011-03-13] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [227856 2011-03-13] (McAfee, Inc.) U3 mfeavfk01; No ImagePath R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [481376 2011-03-13] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [639216 2011-03-13] (McAfee, Inc.) R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75672 2011-03-13] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [98728 2011-03-13] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [281928 2011-03-13] (McAfee, Inc.) S3 GPU-Z; \??\C:\Users\sia\AppData\Local\Temp\GPU-Z.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-15 18:00 - 2014-07-15 18:01 - 00018084 _____ () C:\Users\sia\Downloads\FRST.txt 2014-07-15 18:00 - 2014-07-15 18:00 - 00000000 ____D () C:\FRST 2014-07-15 17:59 - 2014-07-15 17:59 - 02086912 _____ (Farbar) C:\Users\sia\Downloads\FRST64.exe 2014-07-15 17:16 - 2014-07-15 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-07-15 02:30 - 2014-07-15 02:30 - 00001154 _____ () C:\Users\sia\Desktop\mwb.txt 2014-07-15 02:04 - 2014-07-15 02:24 - 00003084 _____ () C:\Users\sia\Desktop\problem.txt 2014-07-14 14:30 - 2014-07-14 14:30 - 00106298 _____ () C:\Users\sia\Desktop\Extras.Txt 2014-07-14 14:29 - 2014-07-14 14:32 - 00091926 _____ () C:\Users\sia\Desktop\OTL.Txt 2014-07-14 14:03 - 2014-07-14 14:03 - 00602112 _____ (OldTimer Tools) C:\Users\sia\Desktop\OTL.exe 2014-07-12 01:59 - 2014-07-12 01:59 - 05071065 _____ () C:\Users\Public\RealisticNeedsandDiseases-26228-1-9-10.7z 2014-07-09 18:28 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 18:28 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 18:28 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 18:28 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 18:28 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 18:28 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 18:27 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 18:27 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 18:27 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 18:27 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 18:27 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 18:27 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 18:27 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 18:27 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 18:27 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 18:27 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 18:27 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 18:27 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 18:27 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 18:27 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 18:27 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 18:27 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 18:27 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 18:27 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 18:27 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 18:27 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 18:27 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 18:27 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 18:27 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 18:27 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 18:27 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 18:27 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 18:27 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 18:27 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 18:27 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 18:27 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 18:27 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 18:27 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 18:27 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 18:27 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 18:27 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 18:27 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 18:27 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 18:27 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 18:27 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 18:27 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 18:27 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 18:27 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 18:27 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 18:27 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 18:27 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 18:27 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 18:27 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 18:27 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 18:27 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 18:27 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 18:27 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 18:27 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 18:27 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 18:27 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 18:27 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 18:27 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 18:01 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 18:01 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 18:01 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 03:34 - 2014-07-15 17:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-09 03:33 - 2014-07-09 03:33 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-09 03:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-09 03:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-09 03:33 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-09 03:30 - 2014-07-09 03:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\sia\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-08 18:48 - 2014-07-08 18:48 - 00009781 _____ () C:\Users\Public\Duel Combat Realism HARDCORE v7_6_4_2-2700-7-6-4-2.rar 2014-07-08 13:39 - 2014-07-08 13:39 - 05077610 _____ () C:\Users\Public\Realistic Needs and Diseases DE-49060-1-9-10-0.7z 2014-07-08 13:36 - 2014-07-08 13:36 - 00000000 ____D () C:\Users\sia\Documents\My Games 2014-07-08 13:24 - 2014-07-12 01:59 - 00000000 ____D () C:\Users\Public\cache 2014-07-08 13:24 - 2014-07-12 01:58 - 00000000 ____D () C:\Users\Public\categories 2014-07-08 13:24 - 2014-07-08 13:39 - 00000000 ____D () C:\Users\Public\ReadMe 2014-07-08 13:23 - 2014-07-12 02:32 - 00000000 ____D () C:\Users\sia\Desktop\NMM 2014-07-08 13:21 - 2014-07-08 13:21 - 00001123 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2014-07-08 13:21 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\sia\Documents\Nexus Mod Manager 2014-07-08 13:21 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\Public\Nexus Mod Manager 2014-07-08 13:13 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\sia\AppData\Local\Black_Tree_Gaming 2014-07-08 13:12 - 2014-07-08 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2014-07-08 13:12 - 2014-07-08 13:12 - 00000000 ____D () C:\Program Files\Nexus Mod Manager 2014-07-07 23:59 - 2014-07-12 01:58 - 00000000 ____D () C:\Users\sia\AppData\Local\Skyrim 2014-07-07 23:59 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-07-07 23:59 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-07-07 23:59 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-07-07 23:59 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-07-07 23:59 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-07-07 23:59 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-07-07 23:59 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2014-07-07 23:59 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2014-07-07 23:59 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-07-07 23:59 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2014-07-07 23:59 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-07-07 23:59 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-07-07 23:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-07-07 23:59 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-07-07 23:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2014-07-07 23:59 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-07-07 23:59 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-07-07 23:59 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2014-07-07 23:59 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2014-07-07 23:59 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-07-07 23:59 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-07-07 23:59 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-07-07 23:59 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-07-07 23:59 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2014-07-07 23:58 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-07-07 23:58 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2014-07-07 23:58 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2014-07-07 23:58 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-07-07 23:58 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-07-07 23:58 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-07-07 23:58 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-07-07 23:58 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2014-07-07 23:58 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-07-07 23:58 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-07-07 23:58 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-07-07 23:58 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2014-07-07 23:58 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-07-07 23:58 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-07-07 23:58 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-07-07 23:58 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-07-07 23:58 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-07-07 23:58 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-07-07 23:58 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-07-07 23:58 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-07-07 23:58 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-07-07 23:58 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-07-07 23:58 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-07-07 23:58 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-07-07 23:58 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-07-07 23:58 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2014-07-07 23:58 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-07-07 23:58 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2014-07-07 23:58 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-07-07 23:58 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2014-07-07 23:58 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-07-07 23:58 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2014-07-07 23:58 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-07-07 23:58 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2014-07-07 23:58 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-07-07 23:58 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-07-07 23:58 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-07-07 23:58 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2014-07-07 23:58 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-07-07 23:58 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2014-07-07 23:58 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2014-07-07 23:58 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-07-07 23:58 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-07-07 23:58 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2014-07-07 23:58 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-07-07 23:58 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-07-07 23:58 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2014-07-07 23:58 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-07-07 23:58 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-07-07 23:58 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-07-07 23:58 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2014-07-07 23:58 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2014-07-07 23:58 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2014-07-07 23:58 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-07-07 23:58 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-07-07 23:58 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2014-07-07 23:58 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-07-07 23:58 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2014-07-07 23:58 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-07-07 23:58 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2014-07-07 23:58 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-07-07 23:58 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-07-07 23:58 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-07-07 23:58 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-07-07 23:58 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-07-07 23:58 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-07-07 23:58 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-07-07 23:58 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-07-07 23:58 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-07-07 23:58 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2014-07-07 23:58 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-07-07 23:58 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-07-07 23:58 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-07-07 23:58 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-07-07 23:58 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-07-07 23:58 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-07-07 17:35 - 2014-07-15 17:16 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-07 17:35 - 2014-07-07 17:35 - 00000921 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-07-07 17:35 - 2014-07-07 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-07-07 17:26 - 2014-07-07 17:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2014-07-07 16:47 - 2014-07-08 13:23 - 00000000 ____D () C:\Users\sia\Desktop\Modifikationen 2014-07-05 00:29 - 2014-07-05 00:29 - 00000502 _____ () C:\Users\sia\Desktop\email.txt 2014-07-05 00:27 - 2014-07-05 00:27 - 00000000 ____D () C:\Users\sia\AppData\Local\Adobe 2014-07-04 16:57 - 2014-07-04 16:57 - 00000967 _____ () C:\Users\sia\Desktop\TechPowerUp GPU-Z.lnk 2014-07-04 16:57 - 2014-07-04 16:57 - 00000000 ____D () C:\Users\sia\AppData\Roaming\NVIDIA 2014-07-04 16:57 - 2014-07-04 16:57 - 00000000 ____D () C:\Program Files (x86)\GPU-Z 2014-07-04 16:55 - 2014-07-04 16:56 - 00961360 _____ (Chip Digital GmbH) C:\Users\sia\Downloads\GPU Z - CHIP-Installer.exe 2014-07-04 00:58 - 2014-07-04 00:58 - 00918952 _____ (Oracle Corporation) C:\Users\sia\Downloads\jxpiinstall.exe 2014-07-03 20:22 - 2014-07-03 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-07-03 20:22 - 2014-07-03 20:22 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-07-03 13:23 - 2014-07-03 20:22 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-06-25 12:52 - 2014-06-25 12:52 - 01058200 _____ (Adobe) C:\Users\sia\Downloads\install_flashplayer14x32au_mssa_aaa_aih.exe 2014-06-22 05:02 - 2014-07-13 14:19 - 00006017 _____ () C:\Users\sia\Desktop\guilds and friends.txt 2014-06-21 00:45 - 2014-06-21 00:45 - 00000000 ____D () C:\Users\sia\Downloads\Jochen 2014-06-21 00:45 - 2014-06-21 00:45 - 00000000 ____D () C:\Users\sia\Downloads\__MACOSX 2014-06-21 00:44 - 2014-06-21 00:44 - 05460621 _____ () C:\Users\sia\Downloads\Jochen.zip 2014-06-16 22:19 - 2014-06-16 22:19 - 00000000 ____D () C:\Users\zebra\rotermundt ==================== One Month Modified Files and Folders ======= 2014-07-15 18:01 - 2014-07-15 18:00 - 00018084 _____ () C:\Users\sia\Downloads\FRST.txt 2014-07-15 18:00 - 2014-07-15 18:00 - 00000000 ____D () C:\FRST 2014-07-15 17:59 - 2014-07-15 17:59 - 02086912 _____ (Farbar) C:\Users\sia\Downloads\FRST64.exe 2014-07-15 17:52 - 2014-07-09 03:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-15 17:21 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-15 17:21 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-15 17:20 - 2012-01-29 23:47 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2014-07-15 17:20 - 2012-01-29 23:47 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2014-07-15 17:20 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-15 17:17 - 2012-01-29 14:54 - 01378181 _____ () C:\Windows\WindowsUpdate.log 2014-07-15 17:16 - 2014-07-15 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-07-15 17:16 - 2014-07-07 17:35 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-15 17:16 - 2012-05-25 08:28 - 00000000 ____D () C:\ProgramData\clear.fi 2014-07-15 17:16 - 2011-09-23 06:46 - 00001832 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk 2014-07-15 17:14 - 2012-05-25 07:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-15 17:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-15 17:13 - 2009-07-14 06:51 - 00081083 _____ () C:\Windows\setupact.log 2014-07-15 02:30 - 2014-07-15 02:30 - 00001154 _____ () C:\Users\sia\Desktop\mwb.txt 2014-07-15 02:24 - 2014-07-15 02:04 - 00003084 _____ () C:\Users\sia\Desktop\problem.txt 2014-07-14 21:48 - 2012-05-23 15:09 - 00000000 ____D () C:\Users\sia\AppData\Roaming\CyberLink 2014-07-14 21:48 - 2012-01-29 15:25 - 00000000 ____D () C:\ProgramData\CyberLink 2014-07-14 18:57 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-14 14:32 - 2014-07-14 14:29 - 00091926 _____ () C:\Users\sia\Desktop\OTL.Txt 2014-07-14 14:30 - 2014-07-14 14:30 - 00106298 _____ () C:\Users\sia\Desktop\Extras.Txt 2014-07-14 14:03 - 2014-07-14 14:03 - 00602112 _____ (OldTimer Tools) C:\Users\sia\Desktop\OTL.exe 2014-07-14 04:34 - 2012-08-06 10:08 - 00000000 ____D () C:\Users\sia\AppData\Roaming\SoftGrid Client 2014-07-13 14:19 - 2014-06-22 05:02 - 00006017 _____ () C:\Users\sia\Desktop\guilds and friends.txt 2014-07-12 03:29 - 2014-05-01 03:12 - 00000000 ____D () C:\Users\sia\Desktop\Roman 2014-07-12 02:32 - 2014-07-08 13:23 - 00000000 ____D () C:\Users\sia\Desktop\NMM 2014-07-12 01:59 - 2014-07-12 01:59 - 05071065 _____ () C:\Users\Public\RealisticNeedsandDiseases-26228-1-9-10.7z 2014-07-12 01:59 - 2014-07-08 13:24 - 00000000 ____D () C:\Users\Public\cache 2014-07-12 01:58 - 2014-07-08 13:24 - 00000000 ____D () C:\Users\Public\categories 2014-07-12 01:58 - 2014-07-07 23:59 - 00000000 ____D () C:\Users\sia\AppData\Local\Skyrim 2014-07-09 21:54 - 2009-07-14 06:45 - 00291800 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 21:52 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 21:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-09 21:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-09 13:35 - 2014-05-31 00:27 - 00000000 ____D () C:\Users\sia\Documents\job 2014-07-09 13:26 - 2011-09-23 06:44 - 00000000 ____D () C:\ProgramData\Skype 2014-07-09 13:24 - 2012-05-23 15:14 - 00000000 ____D () C:\Users\sia\AppData\Roaming\Skype 2014-07-09 03:33 - 2014-07-09 03:33 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-09 03:31 - 2014-07-09 03:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\sia\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-09 03:14 - 2012-05-25 07:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 03:14 - 2012-05-25 07:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 03:14 - 2011-09-23 07:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 18:48 - 2014-07-08 18:48 - 00009781 _____ () C:\Users\Public\Duel Combat Realism HARDCORE v7_6_4_2-2700-7-6-4-2.rar 2014-07-08 13:39 - 2014-07-08 13:39 - 05077610 _____ () C:\Users\Public\Realistic Needs and Diseases DE-49060-1-9-10-0.7z 2014-07-08 13:39 - 2014-07-08 13:24 - 00000000 ____D () C:\Users\Public\ReadMe 2014-07-08 13:36 - 2014-07-08 13:36 - 00000000 ____D () C:\Users\sia\Documents\My Games 2014-07-08 13:23 - 2014-07-07 16:47 - 00000000 ____D () C:\Users\sia\Desktop\Modifikationen 2014-07-08 13:21 - 2014-07-08 13:21 - 00001123 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2014-07-08 13:21 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\sia\Documents\Nexus Mod Manager 2014-07-08 13:21 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\Public\Nexus Mod Manager 2014-07-08 13:21 - 2014-07-08 13:13 - 00000000 ____D () C:\Users\sia\AppData\Local\Black_Tree_Gaming 2014-07-08 13:21 - 2014-07-08 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2014-07-08 13:12 - 2014-07-08 13:12 - 00000000 ____D () C:\Program Files\Nexus Mod Manager 2014-07-08 03:18 - 2014-02-09 01:34 - 00000000 ____D () C:\Users\sia\Desktop\fogrfenbewrbungfoauswl 2014-07-07 23:58 - 2011-09-23 06:48 - 00010316 _____ () C:\Windows\DirectX.log 2014-07-07 23:54 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-07 17:35 - 2014-07-07 17:35 - 00000921 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-07-07 17:35 - 2014-07-07 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-07-07 17:26 - 2014-07-07 17:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2014-07-05 00:35 - 2013-06-11 17:37 - 00000000 ____D () C:\Users\sia\Desktop\Juliens 2014-07-05 00:29 - 2014-07-05 00:29 - 00000502 _____ () C:\Users\sia\Desktop\email.txt 2014-07-05 00:27 - 2014-07-05 00:27 - 00000000 ____D () C:\Users\sia\AppData\Local\Adobe 2014-07-04 16:57 - 2014-07-04 16:57 - 00000967 _____ () C:\Users\sia\Desktop\TechPowerUp GPU-Z.lnk 2014-07-04 16:57 - 2014-07-04 16:57 - 00000000 ____D () C:\Users\sia\AppData\Roaming\NVIDIA 2014-07-04 16:57 - 2014-07-04 16:57 - 00000000 ____D () C:\Program Files (x86)\GPU-Z 2014-07-04 16:56 - 2014-07-04 16:55 - 00961360 _____ (Chip Digital GmbH) C:\Users\sia\Downloads\GPU Z - CHIP-Installer.exe 2014-07-04 00:58 - 2014-07-04 00:58 - 00918952 _____ (Oracle Corporation) C:\Users\sia\Downloads\jxpiinstall.exe 2014-07-03 20:22 - 2014-07-03 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-07-03 20:22 - 2014-07-03 20:22 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-07-03 20:22 - 2014-07-03 13:23 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-07-01 16:28 - 2014-06-10 14:23 - 00000071 _____ () C:\Users\sia\Desktop\CUBE.txt 2014-06-26 13:07 - 2011-09-23 07:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-06-26 11:16 - 2014-06-14 10:25 - 00054272 ___SH () C:\Users\sia\Thumbs.db 2014-06-26 11:14 - 2012-05-23 15:08 - 00000000 ____D () C:\Users\sia 2014-06-25 12:52 - 2014-06-25 12:52 - 01058200 _____ (Adobe) C:\Users\sia\Downloads\install_flashplayer14x32au_mssa_aaa_aih.exe 2014-06-21 00:45 - 2014-06-21 00:45 - 00000000 ____D () C:\Users\sia\Downloads\Jochen 2014-06-21 00:45 - 2014-06-21 00:45 - 00000000 ____D () C:\Users\sia\Downloads\__MACOSX 2014-06-21 00:44 - 2014-06-21 00:44 - 05460621 _____ () C:\Users\sia\Downloads\Jochen.zip 2014-06-20 22:14 - 2014-07-09 18:27 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-09 18:27 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-19 03:39 - 2014-07-09 18:27 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-09 18:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-09 18:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-09 18:27 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-09 18:27 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-09 18:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-09 18:27 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-09 18:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-09 18:27 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 02:31 - 2014-07-09 18:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-09 18:27 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-19 02:24 - 2014-07-09 18:27 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-09 18:27 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-09 18:27 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-09 18:27 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-09 18:27 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-09 18:27 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-09 18:27 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-09 18:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-09 18:27 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-09 18:27 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-09 18:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-09 18:27 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-09 18:27 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-09 18:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-09 18:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-09 18:27 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-09 18:27 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-09 18:27 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-09 18:27 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-09 18:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-09 18:27 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-09 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-09 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-09 18:27 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-09 18:27 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-09 18:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-09 18:27 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-09 18:27 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-09 18:27 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-09 18:27 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-09 18:27 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-09 18:27 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-09 18:27 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-09 18:27 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-19 00:49 - 2014-07-09 18:27 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-19 00:46 - 2014-07-09 18:27 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-19 00:45 - 2014-07-09 18:27 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-19 00:35 - 2014-07-09 18:27 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-19 00:34 - 2014-07-09 18:27 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-19 00:15 - 2014-07-09 18:27 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-19 00:13 - 2014-07-09 18:27 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-19 00:09 - 2014-07-09 18:27 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-19 00:07 - 2014-07-09 18:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-18 15:44 - 2012-05-25 07:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-18 15:16 - 2012-05-25 07:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 04:18 - 2014-07-09 18:28 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-06-18 03:51 - 2014-07-09 18:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-06-18 03:10 - 2014-07-09 18:28 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-06-16 22:19 - 2014-06-16 22:19 - 00000000 ____D () C:\Users\zebra\rotermundt 2014-06-16 22:19 - 2012-05-25 08:22 - 00000000 ____D () C:\Users\zebra Some content of TEMP: ==================== C:\Users\sia\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit-1.exe C:\Users\sia\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit-2.exe C:\Users\sia\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit.exe C:\Users\sia\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-10 19:33 ==================== End Of Log ============================ Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2014 01
Ran by sia at 2014-07-15 18:01:57
Running from C:\Users\sia\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.01.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.0921.1959 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Acer USB Charge Manager (HKLM-x32\...\{F53A49E6-9FB1-4A5A-B1D9-82BA116196B7}) (Version: 1.00.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.17.51 - Conexant)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LEGO Racers 2002 (HKLM-x32\...\{0A629E86-7F8F-4477-8297-5BF422522838}) (Version: - )
Macromedia Dreamweaver 8 (HKLM-x32\...\{44025BD7-AD10-4769-99AE-6378FD0303D6}) (Version: 8.0.0.2751 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 11.0.543 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SuperMailer 6.10 (HKLM\...\Newsletter Software SuperMailer (x64)_is1) (Version: 6.10 - Mirko Boeer Softwareentwicklungen)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29327 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
14-05-2014 22:17:58 Windows Update
03-06-2014 00:56:24 Geplanter Prüfpunkt
11-06-2014 16:37:37 Windows Update
24-06-2014 20:05:26 Geplanter Prüfpunkt
07-07-2014 15:23:13 Geplanter Prüfpunkt
07-07-2014 15:35:18 Steam wird installiert
07-07-2014 21:57:32 DirectX wurde installiert
08-07-2014 12:27:15 Windows Update
09-07-2014 11:25:27 Removed Skype™ 6.16
09-07-2014 11:27:31 Removed Skype Click to Call
09-07-2014 17:48:10 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {24EAE4E0-B4F5-4CAE-8848-0406CCCEAF86} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {2AE4C545-57BF-4C4A-B2E3-E1B465A27BC2} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {457264D4-D1F9-4CB5-88EE-EFE902A82632} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {756A4804-D4DE-4F50-9D62-5414644D86B3} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-08-10] (Acer)
Task: {7D062C41-9AD0-4A2E-BD0D-FEA621938CF5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {7F175FEE-8680-40ED-B6A8-508AFC229BA6} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {FAC148DF-9030-433B-8142-F1CA1A947B9F} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2011-05-02 14:41 - 2011-05-02 14:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-09-23 06:58 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 14:41 - 2011-05-02 14:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-02-18 21:01 - 2014-02-18 21:01 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\367540c92c2004ff2c6695778fed5dd6\IsdiInterop.ni.dll
2011-09-23 06:20 - 2011-05-20 19:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-08-24 19:03 - 2011-08-24 19:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-01-29 14:58 - 2011-02-21 09:30 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-30 17:27 - 2014-05-31 03:27 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-05-30 17:27 - 2014-05-31 03:27 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-30 17:27 - 2014-05-31 03:27 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-05-30 17:27 - 2014-05-31 03:27 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-06-26 14:40 - 2014-06-27 00:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-06-30 13:47 - 2014-07-10 20:21 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-04-28 16:37 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-06-30 13:46 - 2014-07-10 20:21 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-05-01 15:35 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-05-25 07:36 - 2014-06-18 15:16 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/15/2014 05:14:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 03:56:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 01:20:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 01:06:10 AM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.
The process will be terminated.
Thread id : 7544 (0x1d78)
Thread address : 0x0000000077A0132A
Thread message :
Build VSCORE.14.4.0.333 / 5400.1158
Object being scanned = \Device\HarddiskVolume3\Program Files (x86)\Adobe\Reader 10.0\Reader\agm.dll
by C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)
Error: (07/15/2014 00:59:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 00:30:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/14/2014 10:07:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1410
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (07/14/2014 09:47:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/14/2014 06:57:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/14/2014 04:24:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/15/2014 04:13:16 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Error: (07/15/2014 04:12:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
Error: (07/15/2014 03:56:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 15.07.2014 um 14:35:10 unerwartet heruntergefahren.
Error: (07/15/2014 02:07:56 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Error: (07/15/2014 02:05:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (07/15/2014 02:05:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C332C124-340D-4430-AA0D-C75602876FCC}
Error: (07/15/2014 01:06:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee McShield" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/15/2014 01:06:09 AM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Error: (07/15/2014 00:59:14 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 15.07.2014 um 00:56:15 unerwartet heruntergefahren.
Error: (07/14/2014 10:19:44 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Microsoft Office Sessions:
=========================
Error: (07/15/2014 05:14:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 03:56:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 01:20:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 01:06:10 AM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900007544 (0x1d78)0x0000000077A0132A
Build VSCORE.14.4.0.333 / 5400.1158
Object being scanned = \Device\HarddiskVolume3\Program Files (x86)\Adobe\Reader 10.0\Reader\agm.dll
by C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)
Error: (07/15/2014 00:59:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 00:30:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/14/2014 10:07:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b141001cf9f9cd5c51e26C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll7eeaccb2-0b92-11e4-bdac-dc0ea1921c09
Error: (07/14/2014 09:47:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/14/2014 06:57:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/14/2014 04:24:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 45%
Total physical RAM: 3947.86 MB
Available physical RAM: 2171.07 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5335.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:595.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 3070A8D0)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=681 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
16.07.2014, 17:22
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.07.2014, 14:34
| #5 |
| | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren ich muss zum deaktivieren der Antivirensoftware leider nochmal nachfragen, dass ich es auch richtig mache. Ich hab jetzt Windowstaste+R gedrückt und "services.msc" eingegeben. Dort dann bei starttyp auf deaktiviert gestellt, allerdings lies sich das nicht bei allen MC Affee Dateien auswählen, der Button war grau, deaktiviert gar nicht anwählbar. Also 2 fragen, hab ich das soweit korrekt gemacht? Und wenn ja, ist das ein Problem, dass sich nicht alles deaktivieren lässt? |
|
17.07.2014, 17:07
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren Eigentlich brauchste nur McAfee öffnen und dort dann beenden oder den Schutz pausieren 
__________________ --> Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren |
|
17.07.2014, 17:52
| #7 |
| | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren Okay, ich denke ich hab alles soweit, danke=) Aber e sscheint nicht richtig zu funktionieren. Wenn ComcoFix läuft ertönt ein Bing, kurz bevor der baken voll ist, dann erscheint ein kleines Bluescreen fenster mit dem Namen "Administrator: ." . Dort drin steht "bitte warten. ComboFix wird vorbereitet um ausgeführt zu werden. Dann ploppt eine fehlermeldung auf NIRKMD NIRKMD konnte nicht gefunden werden. Stellen sie sicher dass die denNamen richtig eingegeben haben und wiederholen sie den Vorgang. (Ok)  |
|
18.07.2014, 04:56
| #8 |
| /// the machine /// TB-Ausbilder | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren Combofix löschen und neu laden. Deinstalliere McAfee vor dem neuen Lauf mit Combofix.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.07.2014, 01:29
| #9 |
| | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren habe Combofix deinstalliert, allerding existiert noch eine datei die ComboFix heißt, in C:, mit dem Symbol von "Computer". Wenn draufgehe komme ich auch auf Computer, also die übersicht der festplatten etc. Während ich das grade geschrieben habe, wollte ich in neuem tab etwas googlen, um auch keinen Blödsinn zu schreiben, doch der laptop stürzte ab und ich bekam einen bluescreen ... Jetzt hat es aber immerhin funktioniert, na endlich Code:
ATTFilter ComboFix 14-07-17.03 - sia 19.07.2014 1:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3948.1783 [GMT 2:00]
ausgeführt von:: c:\users\sia\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-06-18 bis 2014-07-18 ))))))))))))))))))))))))))))))
.
.
2014-07-18 23:58 . 2014-07-18 23:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-15 16:00 . 2014-07-15 16:02 -------- d-----w- C:\FRST
2014-07-09 16:29 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-07-09 16:29 . 2014-06-03 10:02 1389568 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-07-09 16:29 . 2014-06-03 10:02 1380864 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-07-09 16:29 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 16:29 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 16:27 . 2014-06-19 00:31 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-07-09 16:01 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 16:01 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 16:01 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-09 01:34 . 2014-07-18 23:46 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-09 01:33 . 2014-07-09 01:33 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2014-07-09 01:33 . 2014-07-09 01:33 -------- d-----w- c:\programdata\Malwarebytes
2014-07-09 01:33 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-09 01:33 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-09 01:33 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-08 11:24 . 2014-07-08 11:39 -------- d-----w- c:\users\Public\ReadMe
2014-07-08 11:24 . 2014-07-11 23:59 -------- d-----w- c:\users\Public\cache
2014-07-08 11:24 . 2014-07-11 23:58 -------- d-----w- c:\users\Public\categories
2014-07-08 11:21 . 2014-07-08 11:21 -------- d-----w- c:\users\Public\Nexus Mod Manager
2014-07-08 11:13 . 2014-07-08 11:21 -------- d-----w- c:\users\sia\AppData\Local\Black_Tree_Gaming
2014-07-08 11:12 . 2014-07-08 11:12 -------- d-----w- c:\program files\Nexus Mod Manager
2014-07-08 11:11 . 2014-07-08 11:11 -------- d-----w- c:\users\sia\AppData\Local\Programs
2014-07-07 21:58 . 2008-05-30 12:11 540688 ----a-w- c:\windows\system32\d3dx10_38.dll
2014-07-07 15:35 . 2014-07-12 20:02 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-07-07 15:35 . 2014-07-18 23:47 -------- d-----w- c:\program files (x86)\Steam
2014-07-04 22:27 . 2014-07-04 22:27 -------- d-----w- c:\users\sia\AppData\Local\Adobe
2014-07-04 14:57 . 2014-07-04 14:57 -------- d-----w- c:\users\sia\AppData\Roaming\NVIDIA
2014-07-04 14:57 . 2014-07-04 14:57 -------- d-----w- c:\program files (x86)\GPU-Z
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 01:14 . 2012-05-25 05:40 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-09 01:14 . 2011-09-23 05:02 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-09 06:14 . 2014-05-14 11:28 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-09 06:11 . 2014-05-14 11:28 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-04-25 02:34 . 2014-06-11 12:22 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-11 12:22 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-04-23 23:19 . 2014-04-23 23:19 1409 ----a-w- c:\windows\QTFont.for
2014-04-23 23:17 . 2014-04-23 23:17 28672 ----a-w- c:\windows\SysWow64\qttask.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-06-30 1753280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-06-21 341360]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-26 177448]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2011-9-23 723560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 GPU-Z;GPU-Z;c:\users\sia\AppData\Local\Temp\GPU-Z.sys;c:\users\sia\AppData\Local\Temp\GPU-Z.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe;c:\progra~1\mcafee\msc\mcawfwk.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-25 01:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"Power Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2011-03-28 499304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\sia\AppData\Roaming\Mozilla\Firefox\Profiles\akem2bnl.default\
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-19 02:01:43
ComboFix-quarantined-files.txt 2014-07-19 00:01
.
Vor Suchlauf: 11 Verzeichnis(se), 650.765.815.808 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 650.951.311.360 Bytes frei
.
- - End Of File - - 0384F39A9B45051FA29F80E5C025FD4C
|
|
19.07.2014, 20:47
| #10 |
| /// the machine /// TB-Ausbilder | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.07.2014, 23:55
| #11 |
| | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren Hi, entschuldige dass ich mich jetzt erst melde, war übers Wochenende bei Verwandten. ohne laptop. hatte ja mbam schon, aber auch jetzt hat es keine infizierten Dateien gefunden: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 22.07.2014 Suchlauf-Zeit: 00:22:53 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.21.09 Rootkit Datenbank: v2014.07.17.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: sia Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 343620 Verstrichene Zeit: 9 Min, 7 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) adwcleaner: Code:
ATTFilter # AdwCleaner v3.216 - Bericht erstellt am 22/07/2014 um 00:39:44
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : sia - ZEBRA
# Gestartet von : C:\Users\sia\Desktop\adwcleaner_3.216.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [LManager]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\sia\AppData\Roaming\Mozilla\Firefox\Profiles\akem2bnl.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1294 octets] - [26/05/2014 00:46:19]
AdwCleaner[R1].txt - [1326 octets] - [22/07/2014 00:39:01]
AdwCleaner[S0].txt - [1355 octets] - [26/05/2014 00:54:35]
AdwCleaner[S1].txt - [1201 octets] - [22/07/2014 00:39:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1261 octets] ##########
Junkware Removal Tool: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by sia on 22.07.2014 at 0:46:10,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\sia\appdata\local\{58497866-B2F9-4C3F-9A7D-E0D67631C958}
Successfully deleted: [Empty Folder] C:\Users\sia\appdata\local\{AA03E67F-8E67-4B56-8BA7-148B19E2EA33}
Successfully deleted: [Empty Folder] C:\Users\sia\appdata\local\{CD50EB2B-241F-4BB1-9472-43125C706E2D}
~~~ FireFox
Emptied folder: C:\Users\sia\AppData\Roaming\mozilla\firefox\profiles\akem2bnl.default\minidumps [107 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.07.2014 at 0:51:39,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Und noch die neue FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014 Ran by sia (administrator) on ZEBRA on 22-07-2014 00:53:50 Running from C:\Users\sia\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dolby Laboratories Inc.) C:\DOLBY PCEE4\pcee4.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [499304 2011-03-28] (Acer Incorporated) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-22] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-2962658076-3842029121-131464362-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-06-30] (Valve Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-02-21] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-02-21] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {DD79BB6E-07E6-4A38-9710-43E448D7FF66} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\sia\AppData\Roaming\Mozilla\Firefox\Profiles\akem2bnl.default FF SearchEngineOrder.1: Sichere Suche FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\sia\AppData\Roaming\Mozilla\Firefox\Profiles\akem2bnl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-26] ==================== Services (Whitelisted) ================= R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [799848 2011-03-28] (Acer Incorporated) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-27] (Realsil Microelectronics Inc.) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] () R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation) R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated) S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [X] ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-22] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 GPU-Z; \??\C:\Users\sia\AppData\Local\Temp\GPU-Z.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-22 00:53 - 2014-07-22 00:53 - 00000000 ____D () C:\Users\sia\Downloads\FRST-OlderVersion 2014-07-22 00:51 - 2014-07-22 00:51 - 00001068 _____ () C:\Users\sia\Desktop\JRT.txt 2014-07-22 00:46 - 2014-07-22 00:46 - 00000000 ____D () C:\Windows\ERUNT 2014-07-22 00:44 - 2014-07-22 00:44 - 01016261 _____ (Thisisu) C:\Users\sia\Desktop\JRT.exe 2014-07-22 00:38 - 2014-07-22 00:38 - 01354223 _____ () C:\Users\sia\Desktop\adwcleaner_3.216.exe 2014-07-22 00:34 - 2014-07-22 00:34 - 00001153 _____ () C:\Users\sia\Desktop\mbam.txt 2014-07-19 02:01 - 2014-07-19 02:01 - 00019951 _____ () C:\ComboFix.txt 2014-07-19 01:50 - 2014-07-19 02:01 - 00000000 ____D () C:\Qoobox 2014-07-19 01:50 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-19 01:50 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-19 01:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-19 01:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-19 01:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-19 01:50 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-19 01:50 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-19 01:50 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-19 01:48 - 2014-07-19 01:49 - 05221938 ____R (Swearware) C:\Users\sia\Downloads\ComboFix.exe 2014-07-19 01:44 - 2014-07-22 00:45 - 00002729 _____ () C:\Users\sia\Desktop\dosdop.txt 2014-07-19 01:41 - 2014-07-19 01:41 - 00961360 _____ (Chip Digital GmbH) C:\Users\sia\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe 2014-07-17 18:46 - 2014-07-19 02:00 - 00000000 ____D () C:\Windows\erdnt 2014-07-16 01:44 - 2014-07-16 01:44 - 00091136 ___SH () C:\Users\sia\Desktop\Thumbs.db 2014-07-15 18:01 - 2014-07-15 18:02 - 00034388 _____ () C:\Users\sia\Downloads\Addition.txt 2014-07-15 18:00 - 2014-07-22 00:53 - 00011934 _____ () C:\Users\sia\Downloads\FRST.txt 2014-07-15 18:00 - 2014-07-22 00:53 - 00000000 ____D () C:\FRST 2014-07-15 17:59 - 2014-07-22 00:53 - 02090496 _____ (Farbar) C:\Users\sia\Downloads\FRST64.exe 2014-07-15 02:30 - 2014-07-15 02:30 - 00001154 _____ () C:\Users\sia\Desktop\mwb.txt 2014-07-14 14:30 - 2014-07-14 14:30 - 00106298 _____ () C:\Users\sia\Desktop\Extras.Txt 2014-07-14 14:29 - 2014-07-14 14:32 - 00091926 _____ () C:\Users\sia\Desktop\OTL.Txt 2014-07-14 14:03 - 2014-07-14 14:03 - 00602112 _____ (OldTimer Tools) C:\Users\sia\Desktop\OTL.exe 2014-07-12 01:59 - 2014-07-12 01:59 - 05071065 _____ () C:\Users\Public\RealisticNeedsandDiseases-26228-1-9-10.7z 2014-07-09 18:28 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 18:28 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 18:28 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 18:28 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 18:28 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 18:28 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 18:28 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 18:28 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 18:27 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 18:27 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 18:27 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 18:27 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 18:27 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 18:27 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 18:27 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 18:27 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 18:27 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 18:27 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 18:27 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 18:27 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 18:27 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 18:27 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 18:27 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 18:27 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 18:27 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 18:27 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 18:27 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 18:27 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 18:27 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 18:27 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 18:27 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 18:27 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 18:27 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 18:27 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 18:27 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 18:27 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 18:27 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 18:27 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 18:27 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 18:27 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 18:27 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 18:27 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 18:27 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 18:27 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 18:27 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 18:27 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 18:27 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 18:27 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 18:27 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 18:27 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 18:27 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 18:27 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 18:27 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 18:27 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 18:27 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 18:27 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 18:27 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 18:27 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 18:27 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 18:27 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 18:27 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 18:27 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 18:27 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 18:27 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 18:01 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 18:01 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 18:01 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 03:34 - 2014-07-22 00:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-09 03:33 - 2014-07-09 03:33 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-09 03:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-09 03:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-09 03:33 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-09 03:30 - 2014-07-09 03:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\sia\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-08 18:48 - 2014-07-08 18:48 - 00009781 _____ () C:\Users\Public\Duel Combat Realism HARDCORE v7_6_4_2-2700-7-6-4-2.rar 2014-07-08 13:39 - 2014-07-08 13:39 - 05077610 _____ () C:\Users\Public\Realistic Needs and Diseases DE-49060-1-9-10-0.7z 2014-07-08 13:36 - 2014-07-08 13:36 - 00000000 ____D () C:\Users\sia\Documents\My Games 2014-07-08 13:24 - 2014-07-12 01:59 - 00000000 ____D () C:\Users\Public\cache 2014-07-08 13:24 - 2014-07-12 01:58 - 00000000 ____D () C:\Users\Public\categories 2014-07-08 13:24 - 2014-07-08 13:39 - 00000000 ____D () C:\Users\Public\ReadMe 2014-07-08 13:23 - 2014-07-12 02:32 - 00000000 ____D () C:\Users\sia\Desktop\NMM 2014-07-08 13:21 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\sia\Documents\Nexus Mod Manager 2014-07-08 13:21 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\Public\Nexus Mod Manager 2014-07-08 13:13 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\sia\AppData\Local\Black_Tree_Gaming 2014-07-08 13:12 - 2014-07-08 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2014-07-08 13:12 - 2014-07-08 13:12 - 00000000 ____D () C:\Program Files\Nexus Mod Manager 2014-07-07 23:59 - 2014-07-12 01:58 - 00000000 ____D () C:\Users\sia\AppData\Local\Skyrim 2014-07-07 23:59 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-07-07 23:59 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-07-07 23:59 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-07-07 23:59 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-07-07 23:59 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-07-07 23:59 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-07-07 23:59 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-07-07 23:59 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-07-07 23:59 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-07-07 23:59 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2014-07-07 23:59 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2014-07-07 23:59 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-07-07 23:59 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-07-07 23:59 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-07-07 23:59 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2014-07-07 23:59 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-07-07 23:59 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-07-07 23:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-07-07 23:59 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-07-07 23:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2014-07-07 23:59 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-07-07 23:59 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-07-07 23:59 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-07-07 23:59 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2014-07-07 23:59 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2014-07-07 23:59 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-07-07 23:59 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-07-07 23:59 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-07-07 23:59 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-07-07 23:59 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-07-07 23:58 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2014-07-07 23:58 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-07-07 23:58 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2014-07-07 23:58 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2014-07-07 23:58 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-07-07 23:58 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-07-07 23:58 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-07-07 23:58 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-07-07 23:58 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2014-07-07 23:58 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-07-07 23:58 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-07-07 23:58 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-07-07 23:58 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2014-07-07 23:58 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-07-07 23:58 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-07-07 23:58 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-07-07 23:58 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-07-07 23:58 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-07-07 23:58 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-07-07 23:58 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-07-07 23:58 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-07-07 23:58 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-07-07 23:58 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-07-07 23:58 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-07-07 23:58 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-07-07 23:58 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-07-07 23:58 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-07-07 23:58 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-07-07 23:58 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2014-07-07 23:58 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-07-07 23:58 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2014-07-07 23:58 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-07-07 23:58 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2014-07-07 23:58 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-07-07 23:58 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2014-07-07 23:58 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-07-07 23:58 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2014-07-07 23:58 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-07-07 23:58 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-07-07 23:58 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-07-07 23:58 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2014-07-07 23:58 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-07-07 23:58 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2014-07-07 23:58 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2014-07-07 23:58 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-07-07 23:58 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-07-07 23:58 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2014-07-07 23:58 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-07-07 23:58 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-07-07 23:58 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2014-07-07 23:58 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-07-07 23:58 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-07-07 23:58 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-07-07 23:58 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2014-07-07 23:58 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2014-07-07 23:58 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2014-07-07 23:58 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-07-07 23:58 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-07-07 23:58 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2014-07-07 23:58 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-07-07 23:58 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2014-07-07 23:58 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-07-07 23:58 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2014-07-07 23:58 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-07-07 23:58 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-07-07 23:58 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-07-07 23:58 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-07-07 23:58 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-07-07 23:58 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-07-07 23:58 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-07-07 23:58 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-07-07 23:58 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-07-07 23:58 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2014-07-07 23:58 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-07-07 23:58 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-07-07 23:58 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-07-07 23:58 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-07-07 23:58 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-07-07 23:58 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-07-07 17:35 - 2014-07-22 00:41 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-07 17:35 - 2014-07-07 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-07-07 17:26 - 2014-07-07 17:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2014-07-07 16:47 - 2014-07-08 13:23 - 00000000 ____D () C:\Users\sia\Desktop\Modifikationen 2014-07-05 00:29 - 2014-07-05 00:29 - 00000502 _____ () C:\Users\sia\Desktop\email.txt 2014-07-05 00:27 - 2014-07-05 00:27 - 00000000 ____D () C:\Users\sia\AppData\Local\Adobe 2014-07-04 16:57 - 2014-07-04 16:57 - 00000967 _____ () C:\Users\sia\Desktop\TechPowerUp GPU-Z.lnk 2014-07-04 16:57 - 2014-07-04 16:57 - 00000000 ____D () C:\Users\sia\AppData\Roaming\NVIDIA 2014-07-04 16:57 - 2014-07-04 16:57 - 00000000 ____D () C:\Program Files (x86)\GPU-Z 2014-07-04 16:55 - 2014-07-04 16:56 - 00961360 _____ (Chip Digital GmbH) C:\Users\sia\Downloads\GPU Z - CHIP-Installer.exe 2014-07-04 00:58 - 2014-07-04 00:58 - 00918952 _____ (Oracle Corporation) C:\Users\sia\Downloads\jxpiinstall.exe 2014-06-25 12:52 - 2014-06-25 12:52 - 01058200 _____ (Adobe) C:\Users\sia\Downloads\install_flashplayer14x32au_mssa_aaa_aih.exe 2014-06-22 05:02 - 2014-07-17 23:29 - 00000071 _____ () C:\Users\sia\Desktop\guilds and friends.txt ==================== One Month Modified Files and Folders ======= 2014-07-22 00:54 - 2014-07-15 18:00 - 00011934 _____ () C:\Users\sia\Downloads\FRST.txt 2014-07-22 00:53 - 2014-07-22 00:53 - 00000000 ____D () C:\Users\sia\Downloads\FRST-OlderVersion 2014-07-22 00:53 - 2014-07-15 18:00 - 00000000 ____D () C:\FRST 2014-07-22 00:53 - 2014-07-15 17:59 - 02090496 _____ (Farbar) C:\Users\sia\Downloads\FRST64.exe 2014-07-22 00:51 - 2014-07-22 00:51 - 00001068 _____ () C:\Users\sia\Desktop\JRT.txt 2014-07-22 00:48 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-22 00:48 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-22 00:46 - 2014-07-22 00:46 - 00000000 ____D () C:\Windows\ERUNT 2014-07-22 00:45 - 2014-07-19 01:44 - 00002729 _____ () C:\Users\sia\Desktop\dosdop.txt 2014-07-22 00:45 - 2012-01-29 23:47 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2014-07-22 00:45 - 2012-01-29 23:47 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2014-07-22 00:45 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-22 00:44 - 2014-07-22 00:44 - 01016261 _____ (Thisisu) C:\Users\sia\Desktop\JRT.exe 2014-07-22 00:41 - 2014-07-09 03:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-22 00:41 - 2014-07-07 17:35 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-22 00:41 - 2012-05-25 08:28 - 00000000 ____D () C:\ProgramData\clear.fi 2014-07-22 00:40 - 2012-01-29 14:54 - 01709005 _____ () C:\Windows\WindowsUpdate.log 2014-07-22 00:40 - 2010-11-21 05:47 - 00124870 _____ () C:\Windows\PFRO.log 2014-07-22 00:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-22 00:40 - 2009-07-14 06:51 - 00082539 _____ () C:\Windows\setupact.log 2014-07-22 00:39 - 2014-05-26 00:46 - 00000000 ____D () C:\AdwCleaner 2014-07-22 00:38 - 2014-07-22 00:38 - 01354223 _____ () C:\Users\sia\Desktop\adwcleaner_3.216.exe 2014-07-22 00:34 - 2014-07-22 00:34 - 00001153 _____ () C:\Users\sia\Desktop\mbam.txt 2014-07-22 00:14 - 2012-05-25 07:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-19 02:01 - 2014-07-19 02:01 - 00019951 _____ () C:\ComboFix.txt 2014-07-19 02:01 - 2014-07-19 01:50 - 00000000 ____D () C:\Qoobox 2014-07-19 02:01 - 2013-03-29 23:09 - 00000000 ____D () C:\Users\julien_bewerbg 2014-07-19 02:01 - 2012-08-10 19:03 - 00000000 ____D () C:\Users\rc_fotos 2014-07-19 02:01 - 2012-05-25 08:22 - 00000000 ____D () C:\Users\zebra 2014-07-19 02:01 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-07-19 02:00 - 2014-07-17 18:46 - 00000000 ____D () C:\Windows\erdnt 2014-07-19 01:58 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-07-19 01:49 - 2014-07-19 01:48 - 05221938 ____R (Swearware) C:\Users\sia\Downloads\ComboFix.exe 2014-07-19 01:41 - 2014-07-19 01:41 - 00961360 _____ (Chip Digital GmbH) C:\Users\sia\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe 2014-07-19 01:35 - 2012-05-23 15:08 - 00000000 ____D () C:\Users\sia 2014-07-18 04:01 - 2014-06-10 14:23 - 00000134 _____ () C:\Users\sia\Desktop\CUBE.txt 2014-07-18 01:52 - 2014-02-09 01:34 - 00000000 ____D () C:\Users\sia\Desktop\fogrfenbewrbungfoauswl 2014-07-17 23:29 - 2014-06-22 05:02 - 00000071 _____ () C:\Users\sia\Desktop\guilds and friends.txt 2014-07-16 16:16 - 2012-08-06 10:08 - 00000000 ____D () C:\Users\sia\AppData\Roaming\SoftGrid Client 2014-07-16 14:10 - 2014-05-01 03:12 - 00000000 ____D () C:\Users\sia\Desktop\Roman 2014-07-16 01:44 - 2014-07-16 01:44 - 00091136 ___SH () C:\Users\sia\Desktop\Thumbs.db 2014-07-16 01:44 - 2013-06-11 17:37 - 00000000 ____D () C:\Users\sia\Desktop\Juliens 2014-07-16 01:43 - 2014-05-15 02:57 - 00000000 ____D () C:\Users\sia\AppData\Local\Windows Live 2014-07-15 18:02 - 2014-07-15 18:01 - 00034388 _____ () C:\Users\sia\Downloads\Addition.txt 2014-07-15 02:30 - 2014-07-15 02:30 - 00001154 _____ () C:\Users\sia\Desktop\mwb.txt 2014-07-14 21:48 - 2012-05-23 15:09 - 00000000 ____D () C:\Users\sia\AppData\Roaming\CyberLink 2014-07-14 21:48 - 2012-01-29 15:25 - 00000000 ____D () C:\ProgramData\CyberLink 2014-07-14 18:57 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-14 14:32 - 2014-07-14 14:29 - 00091926 _____ () C:\Users\sia\Desktop\OTL.Txt 2014-07-14 14:30 - 2014-07-14 14:30 - 00106298 _____ () C:\Users\sia\Desktop\Extras.Txt 2014-07-14 14:03 - 2014-07-14 14:03 - 00602112 _____ (OldTimer Tools) C:\Users\sia\Desktop\OTL.exe 2014-07-12 02:32 - 2014-07-08 13:23 - 00000000 ____D () C:\Users\sia\Desktop\NMM 2014-07-12 01:59 - 2014-07-12 01:59 - 05071065 _____ () C:\Users\Public\RealisticNeedsandDiseases-26228-1-9-10.7z 2014-07-12 01:59 - 2014-07-08 13:24 - 00000000 ____D () C:\Users\Public\cache 2014-07-12 01:58 - 2014-07-08 13:24 - 00000000 ____D () C:\Users\Public\categories 2014-07-12 01:58 - 2014-07-07 23:59 - 00000000 ____D () C:\Users\sia\AppData\Local\Skyrim 2014-07-09 21:54 - 2009-07-14 06:45 - 00291800 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 21:52 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 21:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-09 21:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-09 13:35 - 2014-05-31 00:27 - 00000000 ____D () C:\Users\sia\Documents\job 2014-07-09 13:26 - 2011-09-23 06:44 - 00000000 ____D () C:\ProgramData\Skype 2014-07-09 13:24 - 2012-05-23 15:14 - 00000000 ____D () C:\Users\sia\AppData\Roaming\Skype 2014-07-09 03:33 - 2014-07-09 03:33 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-09 03:33 - 2014-07-09 03:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-09 03:31 - 2014-07-09 03:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\sia\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-09 03:14 - 2012-05-25 07:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 03:14 - 2012-05-25 07:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 03:14 - 2011-09-23 07:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 18:48 - 2014-07-08 18:48 - 00009781 _____ () C:\Users\Public\Duel Combat Realism HARDCORE v7_6_4_2-2700-7-6-4-2.rar 2014-07-08 13:39 - 2014-07-08 13:39 - 05077610 _____ () C:\Users\Public\Realistic Needs and Diseases DE-49060-1-9-10-0.7z 2014-07-08 13:39 - 2014-07-08 13:24 - 00000000 ____D () C:\Users\Public\ReadMe 2014-07-08 13:36 - 2014-07-08 13:36 - 00000000 ____D () C:\Users\sia\Documents\My Games 2014-07-08 13:23 - 2014-07-07 16:47 - 00000000 ____D () C:\Users\sia\Desktop\Modifikationen 2014-07-08 13:21 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\sia\Documents\Nexus Mod Manager 2014-07-08 13:21 - 2014-07-08 13:21 - 00000000 ____D () C:\Users\Public\Nexus Mod Manager 2014-07-08 13:21 - 2014-07-08 13:13 - 00000000 ____D () C:\Users\sia\AppData\Local\Black_Tree_Gaming 2014-07-08 13:21 - 2014-07-08 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2014-07-08 13:12 - 2014-07-08 13:12 - 00000000 ____D () C:\Program Files\Nexus Mod Manager 2014-07-07 23:58 - 2011-09-23 06:48 - 00010316 _____ () C:\Windows\DirectX.log 2014-07-07 23:54 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-07 17:35 - 2014-07-07 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-07-07 17:26 - 2014-07-07 17:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2014-07-05 00:29 - 2014-07-05 00:29 - 00000502 _____ () C:\Users\sia\Desktop\email.txt 2014-07-05 00:27 - 2014-07-05 00:27 - 00000000 ____D () C:\Users\sia\AppData\Local\Adobe 2014-07-04 16:57 - 2014-07-04 16:57 - 00000967 _____ () C:\Users\sia\Desktop\TechPowerUp GPU-Z.lnk 2014-07-04 16:57 - 2014-07-04 16:57 - 00000000 ____D () C:\Users\sia\AppData\Roaming\NVIDIA 2014-07-04 16:57 - 2014-07-04 16:57 - 00000000 ____D () C:\Program Files (x86)\GPU-Z 2014-07-04 16:56 - 2014-07-04 16:55 - 00961360 _____ (Chip Digital GmbH) C:\Users\sia\Downloads\GPU Z - CHIP-Installer.exe 2014-07-04 00:58 - 2014-07-04 00:58 - 00918952 _____ (Oracle Corporation) C:\Users\sia\Downloads\jxpiinstall.exe 2014-06-26 13:07 - 2011-09-23 07:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-06-26 11:16 - 2014-06-14 10:25 - 00054272 ___SH () C:\Users\sia\Thumbs.db 2014-06-25 12:52 - 2014-06-25 12:52 - 01058200 _____ (Adobe) C:\Users\sia\Downloads\install_flashplayer14x32au_mssa_aaa_aih.exe Some content of TEMP: ==================== C:\Users\sia\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-10 19:33 ==================== End Of Log ============================ gruß Lyana |
|
22.07.2014, 11:17
| #12 |
| /// the machine /// TB-Ausbilder | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahrenESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.07.2014, 23:16
| #13 |
| | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren Hm, habe mehrfach versucht den ESET Scanner durchlaufen zu lassen, doch er bleibe immer bei 25% stehen. Wenn ich dann versucht habe irgendwas zu machen war einfrieren oder abstürzen vorprogrammiert. habe 2 mal einen Bluescreen bekommen, mit der anschließenden Meldung dass "einer der Datenträger auf seine Konsistenz Überprüft werden" müsse. Hab dann einw enig Angst vor Datenverlust etc. bekommen und den Laptop erst einmal ausgelassen, da er heute sowieso überhaupt nicht wollte, immer wieder einfror :/ Wie soll ich jetzt vorgehen? |
|
23.07.2014, 15:42
| #14 |
| /// the machine /// TB-Ausbilder | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren ESET weg lassen, mach dafür einen Vollscan mit deinem AV Programm.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.07.2014, 17:24
| #15 | |
| | Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren Hatte ihn wohl kurz in guter Stimmung erwischt, konnte Security Check abschliessen und auch Avira hätte den Durchlauf um ein Haar beenden können, doch dann gabs wieder den Bluescreen und Neustart. irgendwelche ideen wie ich den laptop soweit entlasten könnte, dass er wenigstens die Programmdurchläufe schafft? =/ Werde es Morgen dann nochmal probieren, ESET ebenso. Achso, bevor ichs vergesse, Avira war wie gesgat schon sehr weit und hatte bis dahin keinerlei Funde. Hier immerhin schonmal das Ergebnis von Security Check: Code:
ATTFilter Results of screen317's Security Check version 0.99.85
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 14.0.0.145
Adobe Reader 10.1.10 Adobe Reader out of Date!
Mozilla Firefox (30.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Zitat:
Edit, nächster Tag: Heute läuft der Laptop erstaunlich gut und stabil. Nur beim Avirascan stüzt er ab. Bei ESET hakt er immer bei 25%, bei C:/OEM/Prealoads/... |
|
| Themen zu Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren |
| autorun, bho, bluescreen, desktop, ebay, einfrieren, error, firefox, flash player, home, homepage, iexplore.exe, install.exe, keine rückmeldung, launch, logfile, microsoft office starter 2010, mozilla, nvpciflt.sys, realtek, registry, security, sekunden, siteadvisor, software, svchost.exe, symantec, usb, windows, wscript.exe |
WARNUNG an die MITLESER: 
Linear-Darstellung
