|
Log-Analyse und Auswertung: Windows 8.1. - Pausen, Festplattenprobleme, Bluescreen, ExplorerproblemeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
09.08.2014, 08:18 | #1 |
| Windows 8.1. - Pausen, Festplattenprobleme, Bluescreen, Explorerprobleme Hallo, Ich habe mir vor einigen Wochen einen neuen Rechner zusammengebaut. Allerdings macht er immer wieder Zicken. Oft kann ich ihn stundenlang laufen lassen ohne dass ich dran sitze und alles ist ok. Dann setz ich mich kurz hin und mach was und er beginnt Denkpausen einzulegen, in denen das System nicht mehr reagiert. Die Abstände werden dann immer kürzer und die Pausen länger, bis irgendwann gar nichts mehr geht und ich (mit Glück) noch neustarten kann. Nach einem Neustart ist erst mal wieder alles okay... Gestern Nacht als ich schlief, hat er dann doch auch passiv seinen ersten Bluescreen wohl hingelegt. Die Ereignisanzeige ist in den Minuten davor voller Probleme in denen "nicht genügend Quoten" bemängelt werden. ---- Benachrichtigungen für Volume C:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Nicht genügend Quoten, um den angeforderten Dienst auszuführen. (HRESULT : 0x800705ad) (0x800705ad) ---- taskhostex (2056) WebCacheLocal: Versuch, in Datei "C:\Users\xyz\AppData\Local\Microsoft\Windows\WebCache\V01.log" bei Offset 487424 (0x0000000000077000) für 4096 (0x00001000) Bytes zu schreiben, ist nach 0.000 Sekunden mit Systemfehler 1453 (0x000005ad): "Nicht genügend Quoten, um den angeforderten Dienst auszuführen. " fehlgeschlagen. Fehler -1011 (0xfffffc0d) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden. ---- usw. Auch hab ich bei 2 Festplatten (zu 95% dieselbe) immer wieder SMART-Errors mit zu langen Motor-Anlaufzeiten. (Spin-Up Time). Ich vermute dahinter entweder ein S-ATA Problem, ein Stromproblem, oder ein Problem, weil die Platten im neuen Gehäuse nicht mehr hochkant sondern waagerecht verbaut sind. Sind jedoch nur Storage Platten. Laufwerk C ist eine SSD, ohne SMART errors. Klingt erst mal alles nach einem Hardwareproblem. Aber ich hab auch so ein merkwürdiges Verhalten, dass Drag'n'Drop im Explorer einfach mal eine Weile lang nicht mehr funktionieren will - das File wird dann nur angeklickt aber nicht verschoben. Auch gehen Kontextfenster dann einfach von selbst zu. Ein Explorer Neustart bewirkt nichts. Dann warte ich 'ne halbe Stunde und plötzlich geht's wieder. Deswegen bin ich nun (auch) hier gelandet. Schritt 1 (defogger) hab ich ausgelassen, da ich abgesehen vom Windows 8 eigenen CD Emulator keinen weiteren installiert habe. (Anmeckern, wenn ich defogger doch anschmeißen soll) Im angehängten Archiv: FRST Addition GMER (aus abgesichertem Modus, stürzte sonst ab) |
09.08.2014, 09:39 | #2 |
/// the machine /// TB-Ausbilder | Windows 8.1. - Pausen, Festplattenprobleme, Bluescreen, Explorerprobleme Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke. So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
09.08.2014, 11:01 | #3 |
| Windows 8.1. - Pausen, Festplattenprobleme, Bluescreen, Explorerprobleme Hallo Schrauber,
__________________Danke für's Drübergucken! Aso, wollt ich erst. Dann kam explizit die Aufforderung, es in ein Archiv zu packen. Okay, hier die Einzel-Logs. FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-08-2014 Ran by xyz_user (administrator) on xyz_rechner on 09-08-2014 08:18:54 Running from C:\Users\xyz_user\AppData\Local\Microsoft\Windows\INetCache\IE\GWE0NEP9 Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Akamai Technologies, Inc.) C:\Users\xyz_user\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\xyz_user\AppData\Local\Akamai\netsession_win.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Curse) C:\Users\xyz_user\AppData\Local\Apps\2.0\GW82342M.1VJ\7KTNXDWA.D02\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe (Dropbox, Inc.) C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe (Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Autodesk Inc.) C:\Users\xyz_user\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe (freefilesync.sourceforge.net) C:\Program Files\FreeFileSync\FreeFileSync.exe (freefilesync.sourceforge.net) C:\Program Files\FreeFileSync\Bin\FreeFileSync_x64.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-06-21] (Autodesk Inc.) HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.) HKU\S-1-5-21-3471595544-4284951698-2703622056-1001\...\Run: [Akamai NetSession Interface] => C:\Users\xyz_user\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) Startup: C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () Startup: C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBBAF0D8845AFCF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-07-05] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [596360 2014-06-21] (Autodesk Inc.) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-08-02] (Microsoft Corporation) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed] S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [468240 2013-08-29] (Intel Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-09] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation) S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-09 08:18 - 2014-08-09 08:18 - 00000000 ____D () C:\FRST 2014-08-09 07:44 - 2014-08-09 07:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-09 07:44 - 2014-08-09 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-09 07:44 - 2014-08-09 07:44 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-09 07:44 - 2014-08-09 07:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-09 07:44 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-09 07:44 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-09 07:44 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-08 19:48 - 2014-08-08 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-08-08 19:42 - 2014-08-08 19:42 - 00000000 ____D () C:\Program Files\VideoLAN 2014-08-08 19:39 - 2014-08-08 20:31 - 00000369 _____ () C:\Users\xyz_user\Desktop\diary.txt 2014-08-08 08:18 - 2014-08-08 08:18 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\My_MP4Box_GUI 2014-08-08 08:17 - 2014-08-08 08:18 - 00000000 ____D () C:\Program Files\My MP4Box GUI 2014-08-08 08:17 - 2014-08-08 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My MP4Box GUI 2014-08-08 08:13 - 2014-08-08 08:13 - 03764948 _____ () C:\Users\xyz_user\Downloads\My MP4Box GUI v0.6.0.6.7z 2014-08-08 08:11 - 2014-08-08 08:13 - 19884818 _____ () C:\Users\xyz_user\Downloads\GPAC.Framework.Setup-0.5.1-DEV-rev5350-x64.exe 2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 _____ () C:\Users\xyz_user\Downloads\VA_X_Setup2043 (1).exe.opdownload 2014-08-06 21:17 - 2014-08-06 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64 2014-08-06 21:17 - 2014-08-06 21:17 - 00000000 ____D () C:\Program Files\ffdshow 2014-08-06 21:16 - 2014-08-06 21:16 - 05023797 _____ (ffdshow ) C:\Users\xyz_user\Downloads\ffdshow_rev4531_20140628_x64.exe 2014-08-06 21:16 - 2014-08-06 21:16 - 05023797 _____ (ffdshow ) C:\Users\xyz_user\Downloads\ffdshow_rev4531_20140628_x64 (1).exe 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\MadVR 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\LAV Filters 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\Haali 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\FFMPEG Core Files 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\DCoder Image Source 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\AC3Filter 2014-08-06 21:15 - 2014-08-09 04:22 - 00000000 ____D () C:\ProgramData\Zoom Player 2014-08-06 21:15 - 2014-08-06 21:15 - 00001989 _____ () C:\Users\Public\Desktop\Zoom Player FREE.lnk 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom Player 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\Program Files (x86)\Zoom Player 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\Program Files (x86)\ffdshow 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\Program Files (x86)\Bass Audio Decoder 2014-08-06 21:15 - 2014-02-09 20:36 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll 2014-08-06 21:14 - 2014-08-06 21:14 - 08337216 _____ () C:\Users\xyz_user\Downloads\zp920free.exe 2014-08-06 20:58 - 2014-08-06 20:58 - 11044520 _____ () C:\Users\xyz_user\Downloads\FreeFileSync_6.8_Windows_Setup.exe 2014-08-05 22:19 - 2014-08-05 22:19 - 28234461 _____ () C:\Users\xyz_user\Downloads\GOAL-MACHINE-DOKU_PAL-H.264 2014-08-05 21:58 - 2014-08-05 21:59 - 00000000 ____D () C:\Users\xyz_user\Documents\FinePrint-Dateien 2014-08-05 21:58 - 2014-08-05 21:58 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FinePrint 2014-08-05 21:58 - 2013-11-18 21:04 - 00578264 ____N (FinePrint Software, LLC) C:\Windows\system32\fpmon8.dll 2014-08-05 21:58 - 2013-11-18 21:04 - 00488152 ____N (FinePrint Software, LLC) C:\Windows\system32\fpres8-x64.dll 2014-08-05 21:56 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\xyz_user\Documents\PDF-Dateien 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pdfFactory Pro 2014-08-05 21:56 - 2013-11-18 21:09 - 00569560 ____N (FinePrint Software, LLC) C:\Windows\system32\fppr5-x64.dll 2014-08-05 21:56 - 2013-11-18 21:08 - 00606424 ____N (FinePrint Software, LLC) C:\Windows\system32\fppmon5.dll 2014-08-05 07:37 - 2014-08-05 07:37 - 00001757 _____ () C:\Users\xyz_user\Documents\Sync_Portable_MP3.ffs_gui 2014-08-03 20:10 - 2014-08-03 20:11 - 17616496 _____ () C:\Users\xyz_user\Downloads\VA_X_Setup2043.exe 2014-08-03 14:58 - 2014-08-03 14:58 - 00798588 _____ () C:\Users\xyz_user\Downloads\CodecTweakTool-582.zip 2014-08-03 14:58 - 2014-08-03 14:58 - 00798588 _____ () C:\Users\xyz_user\Downloads\CodecTweakTool-582 (1).zip 2014-08-03 08:25 - 2014-08-03 08:25 - 00388608 _____ (Trend Micro Inc.) C:\Users\xyz_user\Downloads\HiJackThis204.exe 2014-08-03 08:25 - 2014-08-03 08:25 - 00388608 _____ (Trend Micro Inc.) C:\Users\xyz_user\Downloads\HiJackThis204 (1).exe 2014-08-03 08:25 - 2014-08-03 08:25 - 00011600 _____ () C:\Users\xyz_user\Downloads\hijackthis.log 2014-08-03 00:27 - 2014-08-03 00:27 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-08-03 00:27 - 2014-08-03 00:27 - 00000000 ____D () C:\Program Files\Unlocker 2014-08-02 21:24 - 2014-08-02 21:24 - 00000000 ____D () C:\Program Files (x86)\Workflow Manager Tools 2014-08-02 21:22 - 2014-08-02 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 2014-08-02 21:22 - 2014-08-02 21:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0 2014-08-02 21:20 - 2014-08-02 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1 2014-08-02 21:20 - 2014-08-02 21:20 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Silverlight Kits 2014-08-02 21:19 - 2014-08-02 21:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE 2014-08-02 21:18 - 2014-08-02 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools 2014-08-02 21:14 - 2014-08-02 21:14 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits 2014-08-02 21:12 - 2014-08-02 21:12 - 00000000 ____D () C:\ProgramData\NuGet 2014-08-02 21:12 - 2014-08-02 21:12 - 00000000 ____D () C:\Program Files (x86)\NuGet 2014-08-02 17:07 - 2014-08-02 17:07 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\SteelBytes 2014-08-02 14:58 - 2014-08-02 14:58 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\MAGIX 2014-08-02 13:56 - 2014-08-02 14:58 - 00000000 ____D () C:\ProgramData\MAGIX 2014-08-02 13:56 - 2014-08-02 13:56 - 00001172 _____ () C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Plus.lnk 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Users\xyz_user\Documents\MAGIX_MusicEditor 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Xara 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Users\Public\Documents\MAGIX 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-08-02 11:24 - 2014-08-02 11:24 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Unreal Engine 2014-08-02 11:07 - 2014-08-02 11:07 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\NuGet 2014-08-02 11:04 - 2014-08-02 13:36 - 00000000 ____D () C:\Users\xyz_user\Documents\Visual Studio 2013 2014-08-02 11:03 - 2014-08-02 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK 2014-08-02 11:03 - 2014-08-02 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-08-02 11:03 - 2014-08-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files\Windows Identity Foundation 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files\Microsoft Identity Extensions 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2014-08-02 11:01 - 2014-08-02 21:18 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit 2014-08-02 11:01 - 2014-08-02 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2014-08-02 11:01 - 2014-08-02 11:01 - 00000000 ____D () C:\Program Files\Application Verifier 2014-08-02 11:01 - 2014-08-02 11:01 - 00000000 ____D () C:\Program Files (x86)\Application Verifier 2014-08-02 11:00 - 2014-08-02 21:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET 2014-08-02 11:00 - 2014-08-02 11:00 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files\IIS Express 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files\IIS 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files (x86)\IIS Express 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files (x86)\IIS 2014-08-02 10:58 - 2014-08-02 11:01 - 00000000 ____D () C:\Program Files (x86)\Windows Kits 2014-08-02 10:58 - 2014-08-02 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression 2014-08-02 10:56 - 2014-08-02 10:56 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop 2014-08-02 10:55 - 2014-08-02 21:15 - 00000000 ____D () C:\Windows\SysWOW64\1033 2014-08-02 10:55 - 2014-08-02 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013 2014-08-02 10:55 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-08-02 10:55 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-08-02 10:55 - 2014-08-02 10:55 - 00000000 ____D () C:\Windows\symbols 2014-08-02 10:55 - 2014-08-02 10:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer 2014-08-02 10:53 - 2014-08-02 21:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0 2014-08-02 10:53 - 2014-08-02 21:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-08-02 10:53 - 2014-08-02 10:55 - 00000000 ____D () C:\Windows\system32\1033 2014-08-02 10:53 - 2014-08-02 10:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf 2014-08-02 10:53 - 2014-08-02 10:53 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0 2014-08-02 09:59 - 2014-08-02 09:59 - 00002153 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2014-08-02 09:59 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-08-02 09:56 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-08-02 09:56 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00835032 _____ () C:\Windows\system32\nvmcumd.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-08-02 09:56 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-08-02 09:09 - 2014-07-25 15:50 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-08-02 09:09 - 2014-07-25 15:50 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-08-02 08:50 - 2014-08-02 20:14 - 00000000 ____D () C:\workspace 2014-08-02 08:50 - 2014-08-02 08:50 - 00000000 ____D () C:\Users\xyz_user\Documents\GitHub 2014-08-02 08:49 - 2014-08-02 08:49 - 00000000 ____D () C:\Users\xyz_user\.ssh 2014-08-02 08:39 - 2014-08-02 11:04 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\GitHub 2014-08-02 08:39 - 2014-08-02 11:03 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\GitHub 2014-08-02 08:39 - 2014-08-02 08:39 - 00002201 _____ () C:\Users\xyz_user\Desktop\Git Shell.lnk 2014-08-02 08:39 - 2014-08-02 08:39 - 00000308 _____ () C:\Users\xyz_user\Desktop\GitHub.appref-ms 2014-08-02 08:39 - 2014-08-02 08:39 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2014-07-28 06:38 - 2014-08-06 20:59 - 00002467 _____ () C:\Users\xyz_user\Documents\SyncSettings.ffs_gui 2014-07-27 20:20 - 2014-07-27 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid 2014-07-27 20:20 - 2014-07-27 20:20 - 00000000 ____D () C:\Program Files (x86)\Xvid 2014-07-27 20:20 - 2014-04-08 22:51 - 00706048 _____ () C:\Windows\system32\xvidcore.dll 2014-07-27 20:20 - 2014-04-08 22:51 - 00251392 _____ () C:\Windows\system32\xvidvfw.dll 2014-07-27 20:20 - 2014-04-08 22:51 - 00169984 _____ () C:\Windows\system32\xvid.ax 2014-07-27 20:20 - 2014-04-08 22:50 - 00632320 _____ () C:\Windows\SysWOW64\xvidcore.dll 2014-07-27 20:20 - 2014-04-08 22:50 - 00235520 _____ () C:\Windows\SysWOW64\xvidvfw.dll 2014-07-27 20:20 - 2014-04-08 22:50 - 00147456 _____ () C:\Windows\SysWOW64\xvid.ax 2014-07-27 10:29 - 2014-08-06 20:59 - 00000956 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk 2014-07-27 10:29 - 2014-08-06 20:59 - 00000946 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealtimeSync.lnk 2014-07-27 10:29 - 2014-08-06 20:59 - 00000944 _____ () C:\Users\Public\Desktop\FreeFileSync.lnk 2014-07-27 10:29 - 2014-08-06 20:59 - 00000934 _____ () C:\Users\Public\Desktop\RealtimeSync.lnk 2014-07-27 10:29 - 2014-07-27 10:34 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\FreeFileSync 2014-07-27 10:29 - 2014-07-27 10:29 - 00000000 ____D () C:\Program Files\FreeFileSync 2014-07-27 00:00 - 2014-08-03 09:33 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Locate32 2014-07-26 22:02 - 2014-07-27 10:42 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11 2014-07-26 15:12 - 2014-07-26 15:12 - 00000072 _____ () C:\Users\xyz_user\Desktop\vid file extension.txt 2014-07-26 15:12 - 2014-07-26 15:12 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-07-26 15:09 - 2013-11-25 01:21 - 00035741 _____ () C:\Windows\ProfessionalWMC.xml 2014-07-26 12:45 - 2014-08-02 20:52 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\DVS 2014-07-26 12:45 - 2014-07-26 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Video Search 2014-07-26 12:45 - 2014-07-26 12:45 - 00000000 ____D () C:\Program Files (x86)\Duplicate Video Search 2014-07-26 12:36 - 2014-07-26 12:36 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-26 12:35 - 2014-07-26 12:36 - 00026112 _____ () C:\Users\xyz_user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-26 12:34 - 2014-07-26 12:36 - 00000000 _____ () C:\Users\xyz_user\Documents\vlcsrc.log 2014-07-26 12:34 - 2014-07-26 12:34 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\VisioForge 2014-07-23 07:26 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll 2014-07-23 07:26 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll 2014-07-23 07:26 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe 2014-07-22 08:59 - 2014-07-22 09:00 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Akamai 2014-07-22 08:59 - 2014-07-22 08:59 - 00000000 ____D () C:\ProgramData\Applications 2014-07-20 13:57 - 2014-07-20 13:57 - 00000000 ____D () C:\MudboxCommunity 2014-07-20 13:56 - 2014-07-20 13:57 - 00000000 ____D () C:\Users\xyz_user\Documents\Mudbox 2014-07-20 13:56 - 2014-07-20 13:56 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\NVIDIA 2014-07-20 13:56 - 2014-07-20 13:56 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-07-20 13:41 - 2014-07-20 13:41 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center 2014-07-20 13:41 - 2014-07-20 13:41 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center 2014-07-20 09:34 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2014-07-20 09:34 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2014-07-20 09:33 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2014-07-20 09:33 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll 2014-07-20 09:33 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2014-07-20 09:33 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2014-07-20 09:33 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-07-20 09:33 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-07-20 09:33 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-07-20 09:33 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-07-20 09:33 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-07-20 09:33 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-07-20 09:33 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-07-20 09:33 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-07-20 09:33 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-07-20 09:33 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-07-20 09:33 - 2014-05-29 08:21 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll 2014-07-20 09:33 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-07-20 09:33 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll 2014-07-20 09:33 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll 2014-07-20 09:33 - 2014-04-30 06:30 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2014-07-20 09:33 - 2014-04-30 05:52 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll 2014-07-19 15:22 - 2014-07-19 15:22 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Cinema_Squid 2014-07-19 15:14 - 2014-07-19 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-07-19 15:14 - 2014-07-19 15:14 - 00000000 ____D () C:\Program Files\7-Zip 2014-07-19 14:33 - 2014-07-19 14:33 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\dvdcss 2014-07-19 12:38 - 2014-07-19 12:38 - 00001750 _____ () C:\Users\Public\Desktop\Mudbox 2015.lnk 2014-07-19 12:38 - 2014-07-19 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Mudbox 2015 2014-07-19 12:38 - 2014-07-19 12:38 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared 2014-07-19 12:37 - 2014-07-22 09:00 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Autodesk 2014-07-19 12:37 - 2014-07-22 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2014-07-19 12:37 - 2014-07-19 12:37 - 00000000 ____D () C:\Users\xyz_user\Documents\Autodesk Application Manager 2014-07-19 12:37 - 2014-07-19 12:37 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2014-07-19 12:37 - 2014-07-19 12:37 - 00000000 ____D () C:\Program Files\Autodesk 2014-07-19 12:33 - 2014-07-20 13:57 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Autodesk 2014-07-19 12:33 - 2014-07-20 13:57 - 00000000 ____D () C:\ProgramData\Autodesk 2014-07-19 12:32 - 2014-07-20 16:21 - 00000000 ____D () C:\Autodesk Install 2014-07-19 12:04 - 2014-07-27 17:19 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\HandBrake 2014-07-19 12:04 - 2014-07-19 12:04 - 00000836 _____ () C:\Users\xyz_user\Desktop\Handbrake.lnk 2014-07-19 12:04 - 2014-07-19 12:04 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake 2014-07-19 12:04 - 2014-07-19 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake 2014-07-19 12:04 - 2014-07-19 12:04 - 00000000 ____D () C:\Program Files\Handbrake 2014-07-19 11:40 - 2014-07-19 11:40 - 00000270 _____ () C:\Users\xyz_user\Desktop\Festplatten.txt 2014-07-19 10:11 - 2014-07-19 10:11 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\ESET 2014-07-19 08:09 - 2014-07-19 08:09 - 00001127 _____ () C:\Users\Public\Desktop\DriveImage XML.lnk 2014-07-19 08:09 - 2014-07-19 08:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software 2014-07-19 08:09 - 2014-07-19 08:09 - 00000000 ____D () C:\Program Files (x86)\Runtime Software 2014-07-18 23:38 - 2014-07-18 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune 2014-07-18 23:38 - 2014-07-18 23:38 - 00000000 ____D () C:\Program Files (x86)\HD Tune 2014-07-18 22:58 - 2014-08-07 08:47 - 00007597 _____ () C:\Users\xyz_user\AppData\Local\Resmon.ResmonCfg 2014-07-18 21:42 - 2014-07-18 21:42 - 00001417 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk 2014-07-18 21:42 - 2014-07-18 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2014-07-18 21:42 - 2014-07-18 21:42 - 00000000 ____D () C:\Program Files (x86)\Seagate 2014-07-13 20:11 - 2014-07-13 20:13 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\paint.net 2014-07-13 20:11 - 2014-07-13 20:11 - 00001312 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-07-13 20:11 - 2014-07-13 20:11 - 00000000 ____D () C:\Program Files\paint.net 2014-07-13 20:09 - 2014-07-13 20:09 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Apple Computer 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Apple Computer 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Program Files\iTunes 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Program Files\iPod 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-13 20:09 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-07-13 20:08 - 2014-07-13 20:08 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Apple 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Program Files\Bonjour 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-07-13 20:07 - 2014-07-13 20:08 - 00000000 ____D () C:\ProgramData\Apple 2014-07-11 23:49 - 2014-07-11 23:49 - 00000931 _____ () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk 2014-07-11 23:49 - 2014-07-11 23:49 - 00000000 ____D () C:\Program Files\MediaInfo 2014-07-11 15:51 - 2014-08-08 20:06 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\vlc 2014-07-11 15:50 - 2014-08-08 19:48 - 00000887 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-07-11 15:50 - 2014-07-11 15:50 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-07-11 13:34 - 2014-07-11 13:34 - 00001164 _____ () C:\Users\xyz_user\Desktop\Duplicate Cleaner Pro.lnk 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Pro 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\IsolatedStorage 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\DigitalVolcano 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\ProgramData\IsolatedStorage 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner Pro 2014-07-10 21:59 - 2014-07-10 21:59 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk 2014-07-10 21:59 - 2014-07-10 21:59 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-07-10 21:59 - 2014-07-10 21:59 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\OpenOffice 2014-07-10 21:59 - 2014-07-10 21:59 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-07-10 03:49 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-09 08:19 - 2014-07-07 10:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-09 08:18 - 2014-08-09 08:18 - 00000000 ____D () C:\FRST 2014-08-09 08:06 - 2014-07-04 23:56 - 00000000 ____D () C:\_MyCabinet 2014-08-09 08:04 - 2014-07-05 02:08 - 01063478 _____ () C:\Windows\WindowsUpdate.log 2014-08-09 08:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2014-08-09 07:50 - 2014-07-05 02:13 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3471595544-4284951698-2703622056-1001 2014-08-09 07:44 - 2014-08-09 07:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-09 07:44 - 2014-08-09 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-09 07:44 - 2014-08-09 07:44 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-09 07:44 - 2014-08-09 07:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-09 07:30 - 2014-07-07 10:39 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Deployment 2014-08-09 07:30 - 2014-07-05 02:08 - 00000000 ____D () C:\Users\xyz_user 2014-08-09 07:30 - 2014-07-05 00:57 - 00000000 ___RD () C:\Users\xyz_user\Desktop\Dropbox 2014-08-09 07:30 - 2014-07-05 00:55 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Dropbox 2014-08-09 04:44 - 2013-09-30 06:14 - 01804026 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-09 04:44 - 2013-09-30 05:56 - 00773818 _____ () C:\Windows\system32\perfh007.dat 2014-08-09 04:44 - 2013-09-30 05:56 - 00164462 _____ () C:\Windows\system32\perfc007.dat 2014-08-09 04:37 - 2014-07-08 03:18 - 00000000 ____D () C:\Windows\Minidump 2014-08-09 04:37 - 2014-07-05 02:02 - 00150292 ____N () C:\Windows\Minidump\080914-10343-01.dmp 2014-08-09 04:37 - 2014-07-04 23:38 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-09 04:37 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-09 04:22 - 2014-08-06 21:15 - 00000000 ____D () C:\ProgramData\Zoom Player 2014-08-08 20:31 - 2014-08-08 19:39 - 00000369 _____ () C:\Users\xyz_user\Desktop\diary.txt 2014-08-08 20:06 - 2014-07-11 15:51 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\vlc 2014-08-08 19:48 - 2014-08-08 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-08-08 19:48 - 2014-07-11 15:50 - 00000887 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-08-08 19:42 - 2014-08-08 19:42 - 00000000 ____D () C:\Program Files\VideoLAN 2014-08-08 10:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-08-08 08:18 - 2014-08-08 08:18 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\My_MP4Box_GUI 2014-08-08 08:18 - 2014-08-08 08:17 - 00000000 ____D () C:\Program Files\My MP4Box GUI 2014-08-08 08:17 - 2014-08-08 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My MP4Box GUI 2014-08-08 08:13 - 2014-08-08 08:13 - 03764948 _____ () C:\Users\xyz_user\Downloads\My MP4Box GUI v0.6.0.6.7z 2014-08-08 08:13 - 2014-08-08 08:11 - 19884818 _____ () C:\Users\xyz_user\Downloads\GPAC.Framework.Setup-0.5.1-DEV-rev5350-x64.exe 2014-08-07 21:06 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 _____ () C:\Users\xyz_user\Downloads\VA_X_Setup2043 (1).exe.opdownload 2014-08-07 08:51 - 2013-09-29 21:04 - 00006344 _____ () C:\Windows\PFRO.log 2014-08-07 08:51 - 2013-08-22 16:44 - 00506704 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-07 08:47 - 2014-07-18 22:58 - 00007597 _____ () C:\Users\xyz_user\AppData\Local\Resmon.ResmonCfg 2014-08-07 07:37 - 2014-08-07 07:37 - 00000040 _____ () C:\Users\xyz_user\Desktop\Uploaded Account.txt 2014-08-07 07:30 - 2014-07-05 00:47 - 00003864 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404514041 2014-08-07 07:30 - 2014-07-05 00:47 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-08-06 21:17 - 2014-08-06 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64 2014-08-06 21:17 - 2014-08-06 21:17 - 00000000 ____D () C:\Program Files\ffdshow 2014-08-06 21:16 - 2014-08-06 21:16 - 05023797 _____ (ffdshow ) C:\Users\xyz_user\Downloads\ffdshow_rev4531_20140628_x64.exe 2014-08-06 21:16 - 2014-08-06 21:16 - 05023797 _____ (ffdshow ) C:\Users\xyz_user\Downloads\ffdshow_rev4531_20140628_x64 (1).exe 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\MadVR 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\LAV Filters 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\Haali 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\FFMPEG Core Files 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\DCoder Image Source 2014-08-06 21:16 - 2014-08-06 21:16 - 00000000 ____D () C:\Program Files (x86)\AC3Filter 2014-08-06 21:15 - 2014-08-06 21:15 - 00001989 _____ () C:\Users\Public\Desktop\Zoom Player FREE.lnk 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom Player 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\Program Files (x86)\Zoom Player 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\Program Files (x86)\ffdshow 2014-08-06 21:15 - 2014-08-06 21:15 - 00000000 ____D () C:\Program Files (x86)\Bass Audio Decoder 2014-08-06 21:14 - 2014-08-06 21:14 - 08337216 _____ () C:\Users\xyz_user\Downloads\zp920free.exe 2014-08-06 20:59 - 2014-07-28 06:38 - 00002467 _____ () C:\Users\xyz_user\Documents\SyncSettings.ffs_gui 2014-08-06 20:59 - 2014-07-27 10:29 - 00000956 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk 2014-08-06 20:59 - 2014-07-27 10:29 - 00000946 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealtimeSync.lnk 2014-08-06 20:59 - 2014-07-27 10:29 - 00000944 _____ () C:\Users\Public\Desktop\FreeFileSync.lnk 2014-08-06 20:59 - 2014-07-27 10:29 - 00000934 _____ () C:\Users\Public\Desktop\RealtimeSync.lnk 2014-08-06 20:58 - 2014-08-06 20:58 - 11044520 _____ () C:\Users\xyz_user\Downloads\FreeFileSync_6.8_Windows_Setup.exe 2014-08-06 00:22 - 2014-07-04 23:54 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-05 22:39 - 2014-07-04 23:55 - 00000000 ____D () C:\temp 2014-08-05 22:19 - 2014-08-05 22:19 - 28234461 _____ () C:\Users\xyz_user\Downloads\GOAL-MACHINE-DOKU_PAL-H.264 2014-08-05 21:59 - 2014-08-05 21:58 - 00000000 ____D () C:\Users\xyz_user\Documents\FinePrint-Dateien 2014-08-05 21:58 - 2014-08-05 21:58 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FinePrint 2014-08-05 21:57 - 2014-08-05 21:56 - 00000000 ____D () C:\Users\xyz_user\Documents\PDF-Dateien 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pdfFactory Pro 2014-08-05 07:37 - 2014-08-05 07:37 - 00001757 _____ () C:\Users\xyz_user\Documents\Sync_Portable_MP3.ffs_gui 2014-08-03 20:11 - 2014-08-03 20:10 - 17616496 _____ () C:\Users\xyz_user\Downloads\VA_X_Setup2043.exe 2014-08-03 15:59 - 2014-07-04 23:47 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-03 14:58 - 2014-08-03 14:58 - 00798588 _____ () C:\Users\xyz_user\Downloads\CodecTweakTool-582.zip 2014-08-03 14:58 - 2014-08-03 14:58 - 00798588 _____ () C:\Users\xyz_user\Downloads\CodecTweakTool-582 (1).zip 2014-08-03 14:12 - 2013-08-22 16:46 - 00019477 _____ () C:\Windows\setupact.log 2014-08-03 09:33 - 2014-07-27 00:00 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Locate32 2014-08-03 08:25 - 2014-08-03 08:25 - 00388608 _____ (Trend Micro Inc.) C:\Users\xyz_user\Downloads\HiJackThis204.exe 2014-08-03 08:25 - 2014-08-03 08:25 - 00388608 _____ (Trend Micro Inc.) C:\Users\xyz_user\Downloads\HiJackThis204 (1).exe 2014-08-03 08:25 - 2014-08-03 08:25 - 00011600 _____ () C:\Users\xyz_user\Downloads\hijackthis.log 2014-08-03 08:25 - 2014-07-05 02:08 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\VirtualStore 2014-08-03 05:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache 2014-08-03 00:27 - 2014-08-03 00:27 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-08-03 00:27 - 2014-08-03 00:27 - 00000000 ____D () C:\Program Files\Unlocker 2014-08-02 21:26 - 2014-07-05 02:35 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-02 21:24 - 2014-08-02 21:24 - 00000000 ____D () C:\Program Files (x86)\Workflow Manager Tools 2014-08-02 21:24 - 2014-08-02 10:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0 2014-08-02 21:24 - 2014-07-07 10:37 - 00000000 ____D () C:\Program Files\MSBuild 2014-08-02 21:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-08-02 21:22 - 2014-08-02 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 2014-08-02 21:22 - 2014-08-02 21:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0 2014-08-02 21:22 - 2014-08-02 10:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-08-02 21:20 - 2014-08-02 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1 2014-08-02 21:20 - 2014-08-02 21:20 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Silverlight Kits 2014-08-02 21:19 - 2014-08-02 21:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE 2014-08-02 21:18 - 2014-08-02 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools 2014-08-02 21:18 - 2014-08-02 11:01 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit 2014-08-02 21:15 - 2014-08-02 10:55 - 00000000 ____D () C:\Windows\SysWOW64\1033 2014-08-02 21:15 - 2014-08-02 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013 2014-08-02 21:14 - 2014-08-02 21:14 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits 2014-08-02 21:12 - 2014-08-02 21:12 - 00000000 ____D () C:\ProgramData\NuGet 2014-08-02 21:12 - 2014-08-02 21:12 - 00000000 ____D () C:\Program Files (x86)\NuGet 2014-08-02 21:12 - 2014-08-02 11:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET 2014-08-02 20:52 - 2014-07-26 12:45 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\DVS 2014-08-02 20:14 - 2014-08-02 08:50 - 00000000 ____D () C:\workspace 2014-08-02 17:07 - 2014-08-02 17:07 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\SteelBytes 2014-08-02 14:58 - 2014-08-02 14:58 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\MAGIX 2014-08-02 14:58 - 2014-08-02 13:56 - 00000000 ____D () C:\ProgramData\MAGIX 2014-08-02 13:56 - 2014-08-02 13:56 - 00001172 _____ () C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Plus.lnk 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Users\xyz_user\Documents\MAGIX_MusicEditor 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Xara 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Users\Public\Documents\MAGIX 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-08-02 13:56 - 2014-08-02 13:56 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-08-02 13:56 - 2007-04-27 10:43 - 00120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll 2014-08-02 13:36 - 2014-08-02 11:04 - 00000000 ____D () C:\Users\xyz_user\Documents\Visual Studio 2013 2014-08-02 11:24 - 2014-08-02 11:24 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Unreal Engine 2014-08-02 11:07 - 2014-08-02 11:07 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\NuGet 2014-08-02 11:04 - 2014-08-02 08:39 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\GitHub 2014-08-02 11:03 - 2014-08-02 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK 2014-08-02 11:03 - 2014-08-02 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-08-02 11:03 - 2014-08-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-02 11:03 - 2014-08-02 08:39 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\GitHub 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files\Windows Identity Foundation 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files\Microsoft Identity Extensions 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK 2014-08-02 11:02 - 2014-08-02 11:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2014-08-02 11:02 - 2014-08-02 10:55 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-08-02 11:02 - 2014-08-02 10:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-08-02 11:02 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-08-02 11:01 - 2014-08-02 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2014-08-02 11:01 - 2014-08-02 11:01 - 00000000 ____D () C:\Program Files\Application Verifier 2014-08-02 11:01 - 2014-08-02 11:01 - 00000000 ____D () C:\Program Files (x86)\Application Verifier 2014-08-02 11:01 - 2014-08-02 10:58 - 00000000 ____D () C:\Program Files (x86)\Windows Kits 2014-08-02 11:00 - 2014-08-02 11:00 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files\IIS Express 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files\IIS 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files (x86)\IIS Express 2014-08-02 10:59 - 2014-08-02 10:59 - 00000000 ____D () C:\Program Files (x86)\IIS 2014-08-02 10:58 - 2014-08-02 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression 2014-08-02 10:56 - 2014-08-02 10:56 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop 2014-08-02 10:55 - 2014-08-02 10:55 - 00000000 ____D () C:\Windows\symbols 2014-08-02 10:55 - 2014-08-02 10:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer 2014-08-02 10:55 - 2014-08-02 10:53 - 00000000 ____D () C:\Windows\system32\1033 2014-08-02 10:53 - 2014-08-02 10:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf 2014-08-02 10:53 - 2014-08-02 10:53 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0 2014-08-02 10:53 - 2014-07-07 10:37 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-08-02 09:59 - 2014-08-02 09:59 - 00002153 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2014-08-02 09:59 - 2014-07-04 23:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-08-02 09:58 - 2014-07-04 23:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-08-02 09:09 - 2014-07-04 23:39 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\NVIDIA Corporation 2014-08-02 08:50 - 2014-08-02 08:50 - 00000000 ____D () C:\Users\xyz_user\Documents\GitHub 2014-08-02 08:49 - 2014-08-02 08:49 - 00000000 ____D () C:\Users\xyz_user\.ssh 2014-08-02 08:39 - 2014-08-02 08:39 - 00002201 _____ () C:\Users\xyz_user\Desktop\Git Shell.lnk 2014-08-02 08:39 - 2014-08-02 08:39 - 00000308 _____ () C:\Users\xyz_user\Desktop\GitHub.appref-ms 2014-08-02 08:39 - 2014-08-02 08:39 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2014-07-27 20:20 - 2014-07-27 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid 2014-07-27 20:20 - 2014-07-27 20:20 - 00000000 ____D () C:\Program Files (x86)\Xvid 2014-07-27 17:19 - 2014-07-19 12:04 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\HandBrake 2014-07-27 10:42 - 2014-07-26 22:02 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11 2014-07-27 10:34 - 2014-07-27 10:29 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\FreeFileSync 2014-07-27 10:29 - 2014-07-27 10:29 - 00000000 ____D () C:\Program Files\FreeFileSync 2014-07-26 15:12 - 2014-07-26 15:12 - 00000072 _____ () C:\Users\xyz_user\Desktop\vid file extension.txt 2014-07-26 15:12 - 2014-07-26 15:12 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-07-26 15:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-07-26 15:09 - 2014-07-05 00:53 - 01401224 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2014-07-26 15:09 - 2013-08-22 13:33 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\sysprepMCE.dll 2014-07-26 15:09 - 2013-08-22 13:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\mcsrchPH.dll 2014-07-26 15:09 - 2013-08-22 12:54 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\MsPbdaCoInst.dll 2014-07-26 15:09 - 2013-08-22 12:32 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll 2014-07-26 15:09 - 2013-08-22 12:27 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll 2014-07-26 15:09 - 2013-08-22 12:17 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll 2014-07-26 15:09 - 2013-08-22 05:04 - 00097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll 2014-07-26 12:45 - 2014-07-26 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Video Search 2014-07-26 12:45 - 2014-07-26 12:45 - 00000000 ____D () C:\Program Files (x86)\Duplicate Video Search 2014-07-26 12:36 - 2014-07-26 12:36 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-26 12:36 - 2014-07-26 12:35 - 00026112 _____ () C:\Users\xyz_user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-26 12:36 - 2014-07-26 12:34 - 00000000 _____ () C:\Users\xyz_user\Documents\vlcsrc.log 2014-07-26 12:34 - 2014-07-26 12:34 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\VisioForge 2014-07-26 09:16 - 2014-07-05 00:57 - 00001038 _____ () C:\Users\xyz_user\Desktop\Dropbox.lnk 2014-07-26 09:16 - 2014-07-05 00:56 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-07-25 15:50 - 2014-08-02 09:09 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-07-25 15:50 - 2014-08-02 09:09 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-07-25 15:50 - 2014-07-04 23:39 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-07-25 15:50 - 2014-07-04 23:39 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-07-22 09:00 - 2014-07-22 08:59 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Akamai 2014-07-22 09:00 - 2014-07-19 12:37 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Autodesk 2014-07-22 09:00 - 2014-07-19 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2014-07-22 08:59 - 2014-07-22 08:59 - 00000000 ____D () C:\ProgramData\Applications 2014-07-20 16:21 - 2014-07-19 12:32 - 00000000 ____D () C:\Autodesk Install 2014-07-20 13:57 - 2014-07-20 13:57 - 00000000 ____D () C:\MudboxCommunity 2014-07-20 13:57 - 2014-07-20 13:56 - 00000000 ____D () C:\Users\xyz_user\Documents\Mudbox 2014-07-20 13:57 - 2014-07-19 12:33 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Autodesk 2014-07-20 13:57 - 2014-07-19 12:33 - 00000000 ____D () C:\ProgramData\Autodesk 2014-07-20 13:56 - 2014-07-20 13:56 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\NVIDIA 2014-07-20 13:56 - 2014-07-20 13:56 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-07-20 13:41 - 2014-07-20 13:41 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2014-07-20 13:41 - 2014-07-20 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center 2014-07-20 13:41 - 2014-07-20 13:41 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center 2014-07-20 09:33 - 2014-07-05 00:53 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-07-19 15:22 - 2014-07-19 15:22 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Cinema_Squid 2014-07-19 15:14 - 2014-07-19 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-07-19 15:14 - 2014-07-19 15:14 - 00000000 ____D () C:\Program Files\7-Zip 2014-07-19 14:33 - 2014-07-19 14:33 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\dvdcss 2014-07-19 12:38 - 2014-07-19 12:38 - 00001750 _____ () C:\Users\Public\Desktop\Mudbox 2015.lnk 2014-07-19 12:38 - 2014-07-19 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Mudbox 2015 2014-07-19 12:38 - 2014-07-19 12:38 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared 2014-07-19 12:37 - 2014-07-19 12:37 - 00000000 ____D () C:\Users\xyz_user\Documents\Autodesk Application Manager 2014-07-19 12:37 - 2014-07-19 12:37 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2014-07-19 12:37 - 2014-07-19 12:37 - 00000000 ____D () C:\Program Files\Autodesk 2014-07-19 12:04 - 2014-07-19 12:04 - 00000836 _____ () C:\Users\xyz_user\Desktop\Handbrake.lnk 2014-07-19 12:04 - 2014-07-19 12:04 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake 2014-07-19 12:04 - 2014-07-19 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake 2014-07-19 12:04 - 2014-07-19 12:04 - 00000000 ____D () C:\Program Files\Handbrake 2014-07-19 11:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Registration 2014-07-19 11:40 - 2014-07-19 11:40 - 00000270 _____ () C:\Users\xyz_user\Desktop\Festplatten.txt 2014-07-19 10:11 - 2014-07-19 10:11 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\ESET 2014-07-19 08:09 - 2014-07-19 08:09 - 00001127 _____ () C:\Users\Public\Desktop\DriveImage XML.lnk 2014-07-19 08:09 - 2014-07-19 08:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software 2014-07-19 08:09 - 2014-07-19 08:09 - 00000000 ____D () C:\Program Files (x86)\Runtime Software 2014-07-18 23:38 - 2014-07-18 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune 2014-07-18 23:38 - 2014-07-18 23:38 - 00000000 ____D () C:\Program Files (x86)\HD Tune 2014-07-18 21:42 - 2014-07-18 21:42 - 00001417 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk 2014-07-18 21:42 - 2014-07-18 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2014-07-18 21:42 - 2014-07-18 21:42 - 00000000 ____D () C:\Program Files (x86)\Seagate 2014-07-13 20:13 - 2014-07-13 20:11 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\paint.net 2014-07-13 20:11 - 2014-07-13 20:11 - 00001312 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-07-13 20:11 - 2014-07-13 20:11 - 00000000 ____D () C:\Program Files\paint.net 2014-07-13 20:09 - 2014-07-13 20:09 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Apple Computer 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Apple Computer 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Program Files\iTunes 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Program Files\iPod 2014-07-13 20:09 - 2014-07-13 20:09 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-13 20:08 - 2014-07-13 20:08 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Users\xyz_user\AppData\Local\Apple 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Program Files\Bonjour 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-07-13 20:08 - 2014-07-13 20:08 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-07-13 20:08 - 2014-07-13 20:07 - 00000000 ____D () C:\ProgramData\Apple 2014-07-11 23:49 - 2014-07-11 23:49 - 00000931 _____ () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk 2014-07-11 23:49 - 2014-07-11 23:49 - 00000000 ____D () C:\Program Files\MediaInfo 2014-07-11 15:50 - 2014-07-11 15:50 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-07-11 13:52 - 2014-07-04 23:54 - 00000000 ____D () C:\ProgramData\Origin 2014-07-11 13:34 - 2014-07-11 13:34 - 00001164 _____ () C:\Users\xyz_user\Desktop\Duplicate Cleaner Pro.lnk 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Pro 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\IsolatedStorage 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\DigitalVolcano 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\ProgramData\IsolatedStorage 2014-07-11 13:34 - 2014-07-11 13:34 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner Pro 2014-07-10 22:15 - 2014-07-05 00:07 - 00000000 ____D () C:\Users\xyz_user\Documents\Fax 2014-07-10 21:59 - 2014-07-10 21:59 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk 2014-07-10 21:59 - 2014-07-10 21:59 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-07-10 21:59 - 2014-07-10 21:59 - 00000000 ____D () C:\Users\xyz_user\AppData\Roaming\OpenOffice 2014-07-10 21:59 - 2014-07-10 21:59 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-07-10 18:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData 2014-07-10 18:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 18:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 18:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore 2014-07-10 06:16 - 2014-07-23 07:26 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll 2014-07-10 06:03 - 2014-07-23 07:26 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll 2014-07-10 05:33 - 2014-07-23 07:26 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe 2014-07-10 03:50 - 2014-07-04 23:55 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-10 03:50 - 2014-07-04 23:55 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 03:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-07-10 03:49 - 2013-09-30 05:59 - 00000000 ____D () C:\Program Files\Windows Journal Some content of TEMP: ==================== C:\Users\xyz_user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps2a6um.dll C:\Users\xyz_user\AppData\Local\Temp\proxy_vole146870901037846162.dll C:\Users\xyz_user\AppData\Local\Temp\vlc-2.1.5-win32.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-06 02:58 ==================== End Of Log ============================ --- --- --- |
09.08.2014, 21:30 | #4 |
| Windows 8.1. - Pausen, Festplattenprobleme, Bluescreen, Explorerprobleme Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2014 Ran by xyz_user at 2014-08-09 08:19:13 Running from C:\Users\xyz_user\AppData\Local\Microsoft\Windows\INetCache\IE\GWE0NEP9 Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden 16.0.0.0 (HKLM-x32\...\{6B75BAF2-A67A-418D-A3D4-B27A5C04F2F5}_is1) (Version: 16.0.0 - Duplicate Video Search) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.155.0 - Autodesk) Autodesk Download Manager (HKLM-x32\...\{C897D9EC-13C6-4A22-ABF7-33F2126A7DB6}) (Version: 3.0.8.0 - Autodesk, Inc.) Autodesk Mudbox 2015 (HKLM\...\Autodesk Mudbox 2015) (Version: 9.0.0.1383 - Autodesk) Autodesk Mudbox 2015 (Version: 9.0.0.1383 - Autodesk) Hidden AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - ) Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World) Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse) DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - ) DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - ) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden Dragon Age™ II (HKLM-x32\...\{4D565319-8B91-41CB-961C-0DDC86101AC5}) (Version: 1.04.8524.0 - Electronic Arts) DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software) Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.) Duplicate Cleaner Pro 3.2.4 (HKLM-x32\...\Duplicate Cleaner Pro) (Version: 3.2.4 - DigitalVolcano Software Ltd) Entity Framework 6.1.0 Tools for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation) ESET NOD32 Antivirus (HKLM\...\{EDD78A07-776B-417C-817B-35BB00F12EBF}) (Version: 7.0.317.4 - ESET, spol s r. o.) ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - ) ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - ) FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version: - ) FinePrint (HKLM\...\FinePrint) (Version: 8.01 - FinePrint Software, LLC) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG) FreeFileSync 6.8 (HKLM-x32\...\FreeFileSync) (Version: 6.8 - Zenju) GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 2.2.0.0 - GitHub, Inc.) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - ) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel(R) Chipset Device Software (Version: 10.0.13 - Intel Corporation) Hidden Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel) Intel(R) Network Connections 18.8.136.0 (Version: 18.8.136.0 - Intel) Hidden Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.) LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes) Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version: - Almost Human Games) LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - ) MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{2E01C311-3ED2-42CF-B1E9-9A36D4B9E26B}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{258D56DE-24F2-479E-BED2-8103CB0B9D58}) (Version: 12.0.0.32 - MAGIX AG) MAGIX Video deluxe 2013 Plus (Version: 12.0.0.32 - MAGIX AG) Hidden MAGIX Video deluxe Plus 2013 Update (Version: 12.0.4.2 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MediaInfo 0.7.69 (HKLM\...\MediaInfo) (Version: 0.7.69 - MediaArea.net) Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden Microsoft Advertising SDK for Windows Phone 8.1 XAML - ENU (x32 Version: 8.1.40427.0 - Microsoft Corporation) Hidden Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.40402.0 - Microsoft Corporation) Hidden Microsoft ASP.NET and Web Tools 2013.2 - Visual Studio 2013 (x32 Version: 2.3.50425.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.1.20409.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden Microsoft C++ Azure Mobile SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden Microsoft Exchange Web Services Managed API 2.1 (x32 Version: 15.0.847.30 - Microsoft Corporation) Hidden Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2013 v4.5 Tools (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2013 v4.5 ToolsRes - ENU (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft LightSwitch v4.5 SDK (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.8.50313.46 - Microsoft Corporation) Hidden Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack (Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft Office Developer Tools for Visual Studio (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft Office Developer Tools for Visual Studio ENU Language Pack (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - chs (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - cht (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - csy (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - esn (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - fra (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - ita (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - jpn (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - kor (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - plk (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - ptb (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - rus (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - trk (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden Microsoft Report Viewer Add-On für Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft Team Foundation Server 2013 Update 2 Object Model (x64) (Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Team Foundation Server 2013 Update 2 Object Model Language Pack (x64) - ENU (Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Visual C++ ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ x64 Native Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ x64-arm Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ x64-x86 Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Devenv Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Diagnostic Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Diagnostic Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 IntelliTrace (x64) (Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 IntelliTrace (x86) (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 IntelliTrace Front End (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Performance Collection Tools - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Performance Collection Tools (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 XAML UI Designer - ENU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Visual Studio 2013 XAML UI Designer (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Microsoft Visual Studio Premium 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio Premium 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio Professional 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2013 Storyboarding (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2013 Storyboarding Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio Ultimate 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation) Microsoft Visual Studio Ultimate 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden Module Microsoft Report Viewer pour Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) My MP4Box GUI 0.6.0.6 (HKLM\...\{3FBE3061-F2BC-4D3A-B4A9-8FB15C503F87}_is1) (Version: 0.6.0.6 - Matt Bodin) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA) Opera Stable 23.0.1522.72 (HKLM-x32\...\Opera 23.0.1522.72) (Version: 23.0.1522.72 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC) pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 5.01 - FinePrint Software, LLC) PowerLine Utility (HKLM-x32\...\{5D1E5ED5-E436-4A0D-8812-953FFBDFF3B3}) (Version: 1.2.709 - TP-LINK) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.) SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology) SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft) Visual F# 3.1 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Visual F# 3.1 VS (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Visual Studio 2013 Prerequisites - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation) Visual Studio 2013 的 Microsoft Report Viewer 附加元件 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden Visual Studio 2013용 Microsoft Report Viewer 추가 기능 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 2.1.30501.00 - Microsoft Corporation) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN) VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden Windows App Certification Kit x64 (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden Windows Azure Mobile Services SDK (x32 Version: 1.0.20401.0 - Microsoft Corporation) Hidden Windows Azure Mobile Services Tools for Visual Studio - v1.1 (x32 Version: 1.1.20407.1601 - Microsoft Corporation) Hidden Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20410.1601 - Microsoft Corporation) Hidden Windows Azure Tools for LightSwitch for Visual Studio 2013 - March 2014 Update - v2.2 (x32 Version: 2.2.20311.1602 - Microsoft) Hidden Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden Windows Phone 8.0 Tools for Visual Studio 2013 - ENU Language Pack (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Windows Phone 8.0 Tools for Visual Studio 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{940596e5-652a-4970-8a5a-492e73ed0fbb}) (Version: 12.0.30501.0 - Microsoft Corporation) Windows Phone 8.1 SDK - ARM (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden Windows Phone 8.1 SDK - Desktop (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden Windows Phone 8.1 SDK - x64 (Version: 8.1.12358 - Microsoft Corporation) Hidden Windows Phone 8.1 SDK - x86 (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden Windows Phone 8.1 Tools for Visual Studio 2013 - ENU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Windows Phone 8.1 Tools for Visual Studio 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Windows Phone 8.1 Tools for Visual Studio Professional 2013 - ENU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Windows Phone 8.1 Tools for Visual Studio Professional 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Windows Phone SDK 8.0 Assemblies (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden Windows Runtime Intellisense Content - en-us (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden Windows Software Development Kit (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26695 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team) Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: - ) Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden 用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{89954881-6f46-4287-921d-f898dce7e799}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3471595544-4284951698-2703622056-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 27-07-2014 03:38:37 Geplanter Prüfpunkt 02-08-2014 07:09:05 DirectX wurde installiert ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02EA25DB-A1EC-4B45-8D66-27B09DB78DAE} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0BB6755F-F75C-4E91-A9E0-26FDFC702F82} - System32\Tasks\Opera scheduled Autoupdate 1404514041 => C:\Program Files (x86)\Opera\launcher.exe [2014-08-05] (Opera Software) Task: {1B6B73C2-AAED-426C-9A7F-E19B76B6793A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {1D4AB72A-5692-450C-A9F2-738027FDCB05} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3C3D2C42-3385-40B0-B8C3-F0FD037ED003} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {5132D615-0B02-45B7-8B63-4928F720CE4E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {59266766-9E38-40DF-B997-CB172A146EDB} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DE4260A-15A6-450A-BB8D-4FBEAC157198} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-10] (Microsoft Corporation) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {85637240-D740-434F-930E-72C2415E3CC0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {99A1CCDF-EAB8-44B7-BC95-0C617441D83D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {9AA1EB5B-1FA9-464C-A2BA-A88A5CE1979F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {BECD2B3F-2FED-44A6-B4F4-869C64A2CDA0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DB5D242D-CDE7-4A7F-8783-95D31093A192} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {E53D6D9A-C4F7-4C99-912B-448183B42088} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {F9DE53DF-E212-4371-AB33-9CF7D6C3BF85} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-07-04 23:38 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2008-08-05 20:01 - 2008-08-05 20:01 - 00092160 _____ () C:\Program Files (x86)\Zoom Player\zpshlext64.dll 2013-08-08 14:30 - 2013-08-08 14:30 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe 2014-07-07 10:40 - 2014-07-07 10:40 - 00014848 _____ () C:\Users\xyz_user\AppData\Local\Apps\2.0\GW82342M.1VJ\7KTNXDWA.D02\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.WowDb.dll 2014-07-07 10:40 - 2014-07-07 10:40 - 00035840 _____ () C:\Users\xyz_user\AppData\Local\Apps\2.0\GW82342M.1VJ\7KTNXDWA.D02\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.Advertising.dll 2014-07-07 10:40 - 2014-07-07 10:40 - 00099840 _____ () C:\Users\xyz_user\AppData\Local\Apps\2.0\GW82342M.1VJ\7KTNXDWA.D02\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.CMOD2.dll 2014-07-20 01:34 - 2014-07-20 01:34 - 00197120 _____ () C:\Program Files\FreeFileSync\Bin\FindFilePlus_x64.dll 2014-04-08 01:03 - 2014-04-08 01:03 - 00308736 _____ () C:\Program Files\FreeFileSync\Bin\Thumbnail_x64.dll 2014-04-08 01:03 - 2014-04-08 01:03 - 00396288 _____ () C:\Program Files\FreeFileSync\Bin\Taskbar7_x64.dll 2014-07-19 12:37 - 2014-06-21 08:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2014-07-19 12:37 - 2014-06-21 08:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-09 07:30 - 2014-08-09 07:30 - 00043008 _____ () c:\users\xyz_user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps2a6um.dll 2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\xyz_user\AppData\Roaming\Dropbox\bin\libcef.dll 2014-08-09 07:30 - 2014-06-21 08:19 - 00104328 _____ () C:\Users\xyz_user\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/09/2014 04:49:29 AM) (Source: usbperf) (EventID: 2001) (User: ) Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben. Error: (08/09/2014 04:47:28 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: usbhubC:\Windows\system32\usbperf.dll8 Error: (08/09/2014 04:47:28 AM) (Source: usbperf) (EventID: 2001) (User: ) Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben. Error: (08/09/2014 04:47:28 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: RemoteAccessC:\Windows\System32\rasctrs.dll8 Error: (08/09/2014 04:47:28 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (08/09/2014 04:37:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000000000 ID des fehlerhaften Prozesses: 0x704 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0 Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1 Pfad des fehlerhaften Moduls: svchost.exe_stisvc2 Berichtskennung: svchost.exe_stisvc3 Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5 Error: (08/09/2014 04:37:25 AM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0. Error: (08/09/2014 04:37:25 AM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog Error: (08/09/2014 04:37:25 AM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Error: (08/09/2014 04:36:17 AM) (Source: ESENT) (EventID: 439) (User: ) Description: DllHost (10416) WebCacheLocal: Die Shadowkopfzeile für Datei C:\Users\xyz_user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat konnte nicht geschrieben werden. Fehler -1011. System errors: ============= Error: (08/09/2014 04:37:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/09/2014 04:37:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde mit folgendem Fehler beendet: %%1008 Error: (08/09/2014 04:37:25 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000007a (0xfffff6e000ec2060, 0xffffffffc0000185, 0x00000000769e7880, 0xffffc001d840cbd0)C:\Windows\Minidump\080914-10343-01.dmp080914-10343-01 Error: (08/09/2014 04:37:17 AM) (Source: Ntfs) (EventID: 137) (User: ) Description: Auf dem Volume "\\?\Volume{af5ed5c2-0415-11e4-8255-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten. Error: (08/09/2014 04:37:17 AM) (Source: Ntfs) (EventID: 137) (User: ) Description: Auf dem Volume "\\?\Volume{af5ed5c0-0415-11e4-8255-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten. Error: (08/09/2014 04:25:39 AM) (Source: DCOM) (EventID: 10000) (User: xyz_Rechner Description: C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}1450{0358B920-0AC7-461F-98F4-58E32CD89148} Error: (08/09/2014 04:25:34 AM) (Source: DCOM) (EventID: 10000) (User: xyz_Rechner Description: C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}1450{0358B920-0AC7-461F-98F4-58E32CD89148} Error: (08/09/2014 04:25:21 AM) (Source: DCOM) (EventID: 10000) (User: xyz_Rechner Description: C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}1450{0358B920-0AC7-461F-98F4-58E32CD89148} Error: (08/09/2014 04:25:19 AM) (Source: DCOM) (EventID: 10000) (User: xyz_Rechner Description: C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}1450{0358B920-0AC7-461F-98F4-58E32CD89148} Error: (08/09/2014 04:25:18 AM) (Source: DCOM) (EventID: 10000) (User: xyz_Rechner Description: C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}1450{0358B920-0AC7-461F-98F4-58E32CD89148} Microsoft Office Sessions: ========================= Error: (08/09/2014 04:49:29 AM) (Source: usbperf) (EventID: 2001) (User: ) Description: Error: (08/09/2014 04:47:28 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: usbhubC:\Windows\system32\usbperf.dll8 Error: (08/09/2014 04:47:28 AM) (Source: usbperf) (EventID: 2001) (User: ) Description: Error: (08/09/2014 04:47:28 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: RemoteAccessC:\Windows\System32\rasctrs.dll8 Error: (08/09/2014 04:47:28 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (08/09/2014 04:37:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_stisvc6.3.9600.163845215dfe3unknown0.0.0.000000000c0000005000000000000000070401cfb37ada83a7c9C:\Windows\system32\svchost.exeunknown1a9aecad-1f6e-11e4-826c-001583549ddb Error: (08/09/2014 04:37:25 AM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet. 0x0 Error: (08/09/2014 04:37:25 AM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Error: (08/09/2014 04:37:25 AM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Error: (08/09/2014 04:36:17 AM) (Source: ESENT) (EventID: 439) (User: ) Description: DllHost10416WebCacheLocal: C:\Users\xyz_user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1011 ==================== Memory info =========================== Percentage of memory in use: 27% Total physical RAM: 16264.13 MB Available physical RAM: 11840.56 MB Total Pagefile: 32648.13 MB Available Pagefile: 29335.03 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:446.79 GB) (Free:106.25 GB) NTFS Drive m: (CoreBig) (Fixed) (Total:2041.03 GB) (Free:226.76 GB) NTFS Drive n: (CoreSmall) (Fixed) (Total:753.48 GB) (Free:559.68 GB) NTFS Drive p: () (Fixed) (Total:3725.88 GB) (Free:350.04 GB) NTFS Drive w: () (Fixed) (Total:931.12 GB) (Free:53.44 GB) NTFS Drive x: () (Fixed) (Total:1862.91 GB) (Free:114.55 GB) NTFS Drive y: () (Fixed) (Total:1863 GB) (Free:1543.57 GB) NTFS Drive z: () (Fixed) (Total:1863.01 GB) (Free:136.29 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447 GB) (Disk ID: 8CC11D00) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=447 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D41C40A8) Partition 1: (Not Active) - (Size=401 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 9190589F) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1EE545A2) Partition 1: (Not Active) - (Size=8 MB) - (Type=07 NTFS) Partition 2: (Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F83BD661) Partition 1: (Not Active) - (Size=8 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 6. ==================== End Of Log ============================ Code:
ATTFilter GMER Logfile: Hab jetzt alle Platten bis auf zwei abgestöpselt - v.a. die problematischen. Der Rechner war den ganzen Tag erst mal friedlich... Vor 30min hat er sich spontan neugestartet. Ereignisanzeige war bis dahin auch leer. Jedoch dann: Code:
ATTFilter Protokollname: System Quelle: Microsoft-Windows-Kernel-Power Datum: 09.08.2014 21:48:14 Ereignis-ID: 41 Aufgabenkategorie:(63) Ebene: Kritisch Schlüsselwörter:(2) Benutzer: SYSTEM Computer: xy_rechner Beschreibung: Das System wurde neu gestartet, ohne dass es zuvor ordnungsgemäß heruntergefahren wurde. Dieser Fehler kann auftreten, wenn das System nicht mehr reagiert hat oder abgestürzt ist oder die Stromzufuhr unerwartet unterbrochen wurde. Ereignis-XML: <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" /> <EventID>41</EventID> <Version>3</Version> <Level>1</Level> <Task>63</Task> <Opcode>0</Opcode> <Keywords>0x8000000000000002</Keywords> <TimeCreated SystemTime="2014-08-09T19:48:14.413386000Z" /> <EventRecordID>6674</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="8" /> <Channel>System</Channel> <Computer>xy_rechner</Computer> <Security UserID="S-1-5-18" /> </System> <EventData> <Data Name="BugcheckCode">122</Data> <Data Name="BugcheckParameter1">0xfffff6e000df20f0</Data> <Data Name="BugcheckParameter2">0xffffffffc0000185</Data> <Data Name="BugcheckParameter3">0x13008d880</Data> <Data Name="BugcheckParameter4">0xffffc001be41e6d6</Data> <Data Name="SleepInProgress">0</Data> <Data Name="PowerButtonTimestamp">0</Data> <Data Name="BootAppStatus">0</Data> </EventData> </Event> Protokollname: System Quelle: EventLog Datum: 09.08.2014 21:48:17 Ereignis-ID: 6008 Aufgabenkategorie:Keine Ebene: Fehler Schlüsselwörter:Klassisch Benutzer: Nicht zutreffend Computer: xy_rechner Beschreibung: Das System wurde zuvor am 09.08.2014 um 21:45:57 unerwartet heruntergefahren. Ereignis-XML: <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="EventLog" /> <EventID Qualifiers="32768">6008</EventID> <Level>2</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2014-08-09T19:48:17.000000000Z" /> <EventRecordID>6664</EventRecordID> <Channel>System</Channel> <Computer>xy_rechner</Computer> <Security /> </System> <EventData> <Data>21:45:57</Data> <Data>09.08.2014</Data> <Data> </Data> <Data> </Data> <Data>44536</Data> <Data> </Data> <Data> </Data> <Binary>DE0708000600090015002D003900FA02DE0708000600090013002D003900FA023C0000003C000000000000000000000000000000000000000100000000000000</Binary> </EventData> </Event> Protokollname: Application Quelle: Microsoft-Windows-Search Datum: 09.08.2014 21:39:39 Ereignis-ID: 10024 Aufgabenkategorie:Gatherer Ebene: Warnung Schlüsselwörter:Klassisch Benutzer: Nicht zutreffend Computer: xy_rechner Beschreibung: Der Filterhostprozess 45824 hat nicht reagiert. Das Beenden des Prozesses wird erzwungen. Ereignis-XML: <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Search" Guid="{CA4E628D-8567-4896-AB6B-835B221F373F}" EventSourceName="Windows Search Service" /> <EventID Qualifiers="32768">10024</EventID> <Version>0</Version> <Level>3</Level> <Task>3</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2014-08-09T19:39:39.000000000Z" /> <EventRecordID>6170</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>xy_rechner</Computer> <Security /> </System> <EventData> <Data Name="ExtraInfo"> </Data> <Data Name="FilterHostProcessID">45824</Data> </EventData> </Event> Protokollname: Application Quelle: Microsoft-Windows-Search Datum: 09.08.2014 21:39:09 Ereignis-ID: 10023 Aufgabenkategorie:Gatherer Ebene: Warnung Schlüsselwörter:Klassisch Benutzer: Nicht zutreffend Computer: xy_rechner Beschreibung: Der Protokollhostprozess 45808 hat nicht reagiert. Das Beenden des Prozesses wird erzwungen {Filterhostprozess 45824}. Ereignis-XML: <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Search" Guid="{CA4E628D-8567-4896-AB6B-835B221F373F}" EventSourceName="Windows Search Service" /> <EventID Qualifiers="32768">10023</EventID> <Version>0</Version> <Level>3</Level> <Task>3</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2014-08-09T19:39:09.000000000Z" /> <EventRecordID>6169</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>xy_rechner</Computer> <Security /> </System> <EventData> <Data Name="ExtraInfo"> </Data> <Data Name="ProtocolHostProcessID">45808</Data> <Data Name="FilterHostProcessID">45824</Data> </EventData> </Event> Protokollname: Application Quelle: Microsoft-Windows-Search Datum: 09.08.2014 21:32:07 Ereignis-ID: 10024 Aufgabenkategorie:Gatherer Ebene: Warnung Schlüsselwörter:Klassisch Benutzer: Nicht zutreffend Computer: xy_rechner Beschreibung: Der Filterhostprozess 44696 hat nicht reagiert. Das Beenden des Prozesses wird erzwungen. Ereignis-XML: <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Search" Guid="{CA4E628D-8567-4896-AB6B-835B221F373F}" EventSourceName="Windows Search Service" /> <EventID Qualifiers="32768">10024</EventID> <Version>0</Version> <Level>3</Level> <Task>3</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2014-08-09T19:32:07.000000000Z" /> <EventRecordID>6168</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>xy_rechner</Computer> <Security /> </System> <EventData> <Data Name="ExtraInfo"> </Data> <Data Name="FilterHostProcessID">44696</Data> </EventData> </Event> Protokollname: Application Quelle: Microsoft-Windows-Search Datum: 09.08.2014 21:31:37 Ereignis-ID: 10023 Aufgabenkategorie:Gatherer Ebene: Warnung Schlüsselwörter:Klassisch Benutzer: Nicht zutreffend Computer: xy_rechner Beschreibung: Der Protokollhostprozess 44548 hat nicht reagiert. Das Beenden des Prozesses wird erzwungen {Filterhostprozess 44696}. Ereignis-XML: <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Search" Guid="{CA4E628D-8567-4896-AB6B-835B221F373F}" EventSourceName="Windows Search Service" /> <EventID Qualifiers="32768">10023</EventID> <Version>0</Version> <Level>3</Level> <Task>3</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2014-08-09T19:31:37.000000000Z" /> <EventRecordID>6167</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>xy_rechner</Computer> <Security /> </System> <EventData> <Data Name="ExtraInfo"> </Data> <Data Name="ProtocolHostProcessID">44548</Data> <Data Name="FilterHostProcessID">44696</Data> </EventData> </Event> |
10.08.2014, 06:28 | #5 |
/// the machine /// TB-Ausbilder | Windows 8.1. - Pausen, Festplattenprobleme, Bluescreen, Explorerprobleme Malware ist da keine. Zusammenbau des Rechners prüfen, Hardware und Treiber checken.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
10.08.2014, 07:29 | #6 |
| Windows 8.1. - Pausen, Festplattenprobleme, Bluescreen, Explorerprobleme Okay, Dann muss ich wohl noch kreativer werden... Danke, Schrauber! |
10.08.2014, 08:41 | #7 |
/// the machine /// TB-Ausbilder | Windows 8.1. - Pausen, Festplattenprobleme, Bluescreen, Explorerprobleme jup
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Windows 8.1. - Pausen, Festplattenprobleme, Bluescreen, Explorerprobleme |
appdata, beschädigt, bluescreen, bytes, datei, dienst, explorer, festplatte, festplatten, file, funktionieren, laufwerk, laufwerk c, microsoft, neue, neuen, neustarten, nicht mehr, nichts, plötzlich, probleme, rechner, sekunden, system, systemfehler, windows |