Windows 8.0 : Windows öffnet cmd-Fenster und Farmaster in Nightly (Firefox)

Aislin · 18.09.2014, 22:10

Hallo liebes Trojaner Team,

seit einigen Tagen habe ich das Problem, dass bei jedem Start vom PC direkt für den Bruchteil einer Sekunde ein cmd-fenster erscheint und hinterher direkt Farmaster (russische Pornoseite) in Nightly (Firefox) geöffnet wird.
Genau wie bei einigen anderen von denen ich schon hier im Forum gelesen habe.

Ich kann nicht sagen was der Ursprung dafür sein könnte.

Hier sind sämtliche Logs die ich laut "Für alle Hilfesuchenden" vorweg durchführen sollte.

defogger_diable.log:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:22 on 18/09/2014 (Nils)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-

FRST.txt:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Nils (administrator) on ANDRAS on 18-09-2014 22:25:24
Running from C:\Users\Nils\Desktop
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
() E:\JD-Downloads\Shakes & Fidget Bot\sfBot.exe
(Mozilla Corporation) C:\Program Files\Nightly\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [CheckNDISPortF0acA7] => C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe [419072 2013-05-10] ()
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe [446720 2013-05-10] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CMD] => cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20140911 (exit) else (start hxxp://farmaster.net/ && exit)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] ()
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {4db164f3-face-11e3-bef8-e0cb4eff9bca} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {5886f06b-6022-11e2-be68-e0cb4eff9bca} - "G:\YDKJAutorun.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {7e6fd4d3-3ba3-11e4-bf02-e0cb4eff9bca} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {8645b980-7622-11e3-beda-e0cb4eff9bca} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {8645b98f-7622-11e3-beda-e0cb4eff9bca} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {9660248d-9b2e-11e3-bee4-e0cb4eff9bca} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {ba846c51-2f73-11e4-beff-e0cb4eff9bca} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL H:\index.html
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {d68fe42c-409c-11e3-becb-e0cb4eff9bca} - "H:\AutoRun.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {d68fea87-409c-11e3-becb-e0cb4eff9bca} - "I:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {d68feaa7-409c-11e3-becb-e0cb4eff9bca} - "I:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {d68feb02-409c-11e3-becb-e0cb4eff9bca} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {e7ebce3b-47f1-11e3-bece-344b50b7ef8c} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\MountPoints2: {ffdd936b-9594-11e2-be85-e0cb4eff9bca} - "G:\Autorun.exe" 
Startup: C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Scrobbler.exe - Verknüpfung.lnk
ShortcutTarget: Last.fm Scrobbler.exe - Verknüpfung.lnk -> C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe (Last.fm)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x41FEB7DE2AF4CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7F6E1A48-981E-45C1-8F33-2EE40F90B95C}&mid=1ea5eadd570c47d09dd23182081b7239-d25ebc04efb3ba7179f17f9bc7b28afad7a6ba79&lang=de&ds=tc011&pr=sa&d=&v=&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\searchplugins\amazon-search-suggestions.xml
FF SearchPlugin: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\searchplugins\imdb.xml
FF SearchPlugin: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\searchplugins\leo-ger-eng.xml
FF SearchPlugin: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\searchplugins\youtube-video-search.xml
FF Extension: FoxyProxy Standard - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\Extensions\foxyproxy@eric.h.jung [2014-07-15]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Session Manager - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-01-18]
FF Extension: Adblock Plus - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-16]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-01-26] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [128000 2014-09-06] (Mozilla Foundation) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2013-01-20] ()
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-31] (DT Soft Ltd)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 vdrive; \SystemRoot\system32\DRIVERS\vdrive.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 22:25 - 2014-09-18 22:25 - 00015392 _____ () C:\Users\Nils\Desktop\FRST.txt
2014-09-18 22:25 - 2014-09-18 22:25 - 00000000 ____D () C:\FRST
2014-09-18 22:23 - 2014-09-18 22:23 - 02105856 _____ (Farbar) C:\Users\Nils\Desktop\FRST64.exe
2014-09-18 22:22 - 2014-09-18 22:22 - 00000540 _____ () C:\Users\Nils\Desktop\defogger_disable.log
2014-09-18 22:22 - 2014-09-18 22:22 - 00000168 _____ () C:\Users\Nils\defogger_reenable
2014-09-18 22:20 - 2014-09-18 22:20 - 00050477 _____ () C:\Users\Nils\Desktop\Defogger.exe
2014-09-16 13:19 - 2014-09-16 13:22 - 00000000 ____D () C:\Users\Nils\Desktop\Schnurrr
2014-09-14 20:49 - 2014-09-14 21:18 - 00000341 _____ () C:\Users\Nils\Desktop\Mono G Ramp Deck.txt
2014-09-14 19:58 - 2014-09-14 20:10 - 00000223 _____ () C:\Users\Nils\Desktop\Pox Deck.txt
2014-09-14 19:32 - 2014-09-14 19:38 - 00000321 _____ () C:\Users\Nils\Desktop\Raffinity Deck.txt
2014-09-14 19:07 - 2014-09-14 19:26 - 00000243 _____ () C:\Users\Nils\Desktop\Zombie Deck.txt
2014-09-13 14:22 - 2014-09-13 14:22 - 00009964 _____ () C:\WINDOWS\PFRO.log
2014-09-11 23:48 - 2014-09-12 23:57 - 00000475 _____ () C:\Users\Nils\Desktop\Magic Liste.txt
2014-09-11 22:57 - 2014-09-16 23:46 - 00000278 _____ () C:\Users\Nils\Desktop\Magic Liste - Proxen.txt
2014-09-11 19:27 - 2014-09-11 19:33 - 02266328 _____ () C:\Users\Nils\Desktop\sc0000.bmp
2014-09-11 19:19 - 2014-08-16 11:34 - 01407488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-11 19:19 - 2014-08-16 11:34 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-11 19:19 - 2014-08-16 11:33 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-11 19:19 - 2014-08-16 11:33 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-11 19:19 - 2014-08-16 11:32 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-11 19:19 - 2014-08-16 11:32 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-11 19:19 - 2014-08-16 11:32 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-09-11 19:19 - 2014-08-16 11:32 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-11 19:19 - 2014-08-16 11:32 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-11 19:19 - 2014-08-16 09:37 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-11 19:19 - 2014-08-16 09:36 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-11 19:19 - 2014-08-16 09:36 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-09-11 19:19 - 2014-08-16 09:36 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-11 19:19 - 2014-08-16 09:36 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-11 19:19 - 2014-08-16 09:36 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-11 19:19 - 2014-08-16 09:36 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-11 19:19 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-11 19:19 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-11 19:19 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-11 19:19 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 19:19 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-11 19:19 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-09-11 19:19 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-11 19:19 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-11 19:19 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-09-11 19:19 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-11 19:19 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-11 19:19 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-11 19:18 - 2014-08-16 11:34 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-11 19:18 - 2014-08-16 11:34 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-09-11 19:18 - 2014-08-16 11:33 - 19280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-11 19:18 - 2014-08-16 11:32 - 15399424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-11 19:18 - 2014-08-16 11:32 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-11 19:18 - 2014-08-16 11:32 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-11 19:18 - 2014-08-16 09:37 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-11 19:18 - 2014-08-16 09:36 - 14369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-11 19:18 - 2014-08-16 09:36 - 13757440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-11 19:18 - 2014-08-16 09:36 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-11 19:18 - 2014-08-16 09:36 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-11 19:18 - 2014-08-16 09:35 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-11 19:18 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-11 19:18 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 19:18 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-09-11 00:13 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-11 00:13 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-11 00:13 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-09-11 00:13 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-11 00:13 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-09-11 00:13 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-09-11 00:13 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-11 00:13 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-11 00:13 - 2014-08-28 08:01 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-11 00:13 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-11 00:13 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-09-11 00:13 - 2014-08-28 08:01 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-09-11 00:13 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-11 00:13 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-09-11 00:13 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-11 00:13 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 00:13 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-11 00:13 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2014-09-11 00:13 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2014-09-07 15:30 - 2014-09-07 15:30 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files\iTunes
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files\iPod
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-07 15:26 - 2014-09-16 13:19 - 00003738 _____ () C:\WINDOWS\setupact.log
2014-09-07 15:26 - 2014-09-07 15:26 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-05 00:11 - 2014-09-05 21:39 - 00000000 ____D () C:\ProgramData\Origin
2014-09-05 00:11 - 2014-09-05 21:29 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Origin
2014-08-31 15:58 - 2014-08-31 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-08-31 15:58 - 2014-08-31 15:58 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-08-31 13:08 - 2014-09-06 13:25 - 00000000 ____D () C:\Program Files\Nightly
2014-08-29 15:56 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-08-27 22:22 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-27 22:22 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-27 22:22 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-26 18:23 - 2014-08-26 18:23 - 234028650 _____ () C:\Users\Nils\Desktop\IMG_1433.psd
2014-08-26 18:21 - 2014-08-26 18:21 - 274261050 _____ () C:\Users\Nils\Desktop\IMG_m.psd
2014-08-25 23:00 - 2014-08-25 23:11 - 00000225 _____ () C:\Users\Nils\Desktop\JDownloads.txt
2014-08-23 12:42 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-08-23 12:41 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-23 12:41 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-23 12:28 - 2014-08-26 17:24 - 00000000 ____D () C:\Users\Nils\AppData\Local\Adobe
2014-08-23 02:59 - 2014-08-23 02:59 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-23 02:02 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-23 02:02 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-08-23 02:02 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-23 02:02 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-23 02:02 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-23 02:02 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-23 02:02 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-23 02:02 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-23 02:02 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-08-23 02:02 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-23 02:02 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-23 02:02 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-23 02:02 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-23 02:01 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-23 02:01 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-23 02:01 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2014-08-23 02:01 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 22:25 - 2014-09-18 22:25 - 00015392 _____ () C:\Users\Nils\Desktop\FRST.txt
2014-09-18 22:25 - 2014-09-18 22:25 - 00000000 ____D () C:\FRST
2014-09-18 22:23 - 2014-09-18 22:23 - 02105856 _____ (Farbar) C:\Users\Nils\Desktop\FRST64.exe
2014-09-18 22:22 - 2014-09-18 22:22 - 00000540 _____ () C:\Users\Nils\Desktop\defogger_disable.log
2014-09-18 22:22 - 2014-09-18 22:22 - 00000168 _____ () C:\Users\Nils\defogger_reenable
2014-09-18 22:22 - 2013-01-16 22:44 - 00000000 ____D () C:\Users\Nils
2014-09-18 22:20 - 2014-09-18 22:20 - 00050477 _____ () C:\Users\Nils\Desktop\Defogger.exe
2014-09-18 22:13 - 2014-01-05 17:29 - 01840361 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-18 22:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-16 23:46 - 2014-09-11 22:57 - 00000278 _____ () C:\Users\Nils\Desktop\Magic Liste - Proxen.txt
2014-09-16 17:01 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-09-16 16:46 - 2013-01-20 15:56 - 00000000 ____D () C:\Users\Nils\AppData\Local\Last.fm
2014-09-16 13:22 - 2014-09-16 13:19 - 00000000 ____D () C:\Users\Nils\Desktop\Schnurrr
2014-09-16 13:19 - 2014-09-07 15:26 - 00003738 _____ () C:\WINDOWS\setupact.log
2014-09-15 22:02 - 2013-01-16 23:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-15 00:01 - 2012-07-26 12:27 - 00751892 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-15 00:01 - 2012-07-26 12:27 - 00155620 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-15 00:01 - 2012-07-26 09:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-14 21:18 - 2014-09-14 20:49 - 00000341 _____ () C:\Users\Nils\Desktop\Mono G Ramp Deck.txt
2014-09-14 20:10 - 2014-09-14 19:58 - 00000223 _____ () C:\Users\Nils\Desktop\Pox Deck.txt
2014-09-14 19:38 - 2014-09-14 19:32 - 00000321 _____ () C:\Users\Nils\Desktop\Raffinity Deck.txt
2014-09-14 19:26 - 2014-09-14 19:07 - 00000243 _____ () C:\Users\Nils\Desktop\Zombie Deck.txt
2014-09-14 02:10 - 2013-01-16 23:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-14 02:10 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-14 01:58 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-13 14:22 - 2014-09-13 14:22 - 00009964 _____ () C:\WINDOWS\PFRO.log
2014-09-13 14:22 - 2014-06-24 20:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 03:18 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-09-13 01:12 - 2013-01-17 00:37 - 00000000 ____D () C:\Users\Nils\Documents\My Games
2014-09-13 00:09 - 2013-01-17 00:53 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-09-12 23:57 - 2014-09-11 23:48 - 00000475 _____ () C:\Users\Nils\Desktop\Magic Liste.txt
2014-09-12 16:13 - 2013-08-19 01:12 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 16:03 - 2013-01-18 00:44 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-11 19:33 - 2014-09-11 19:27 - 02266328 _____ () C:\Users\Nils\Desktop\sc0000.bmp
2014-09-11 19:21 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-07 15:30 - 2014-09-07 15:30 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files\iTunes
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files\iPod
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-07 15:29 - 2013-01-17 01:02 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Media Player Classic
2014-09-07 15:27 - 2014-05-12 01:15 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Apple Computer
2014-09-07 15:26 - 2014-09-07 15:26 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-06 13:25 - 2014-08-31 13:08 - 00000000 ____D () C:\Program Files\Nightly
2014-09-05 21:48 - 2013-01-30 18:35 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-05 21:48 - 2013-01-16 23:26 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\DAEMON Tools Lite
2014-09-05 21:39 - 2014-09-05 00:11 - 00000000 ____D () C:\ProgramData\Origin
2014-09-05 21:29 - 2014-09-05 00:11 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Origin
2014-09-05 00:25 - 2013-01-21 21:07 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 20:58 - 2013-01-16 22:50 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171337075-1393702317-1490181782-1001
2014-09-02 21:32 - 2012-07-26 10:14 - 00705480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 21:32 - 2012-07-26 10:14 - 00104904 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-01 20:46 - 2013-12-15 21:21 - 00000000 ____D () C:\Users\Nils\AppData\Local\Battle.net
2014-08-31 18:26 - 2013-03-17 13:36 - 00004968 _____ () C:\Users\Nils\Documents\TombRaider.log
2014-08-31 15:58 - 2014-08-31 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-08-31 15:58 - 2014-08-31 15:58 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-08-31 13:32 - 2013-01-16 23:24 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-31 13:08 - 2013-01-16 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-29 15:56 - 2013-11-01 18:16 - 00000000 ____D () C:\Temp
2014-08-29 15:56 - 2013-01-16 23:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-29 13:58 - 2014-07-22 16:46 - 04917360 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-28 13:34 - 2014-09-11 00:13 - 00059400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-08-28 08:05 - 2014-09-11 00:13 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-08-28 08:05 - 2014-09-11 00:13 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-08-28 08:05 - 2014-09-11 00:13 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-08-28 08:05 - 2014-09-11 00:13 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-08-28 08:02 - 2014-09-11 00:13 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-08-28 08:01 - 2014-09-11 00:13 - 03285504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-08-28 08:01 - 2014-09-11 00:13 - 01623552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-08-28 08:01 - 2014-09-11 00:13 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-08-28 08:01 - 2014-09-11 00:13 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-08-28 08:01 - 2014-09-11 00:13 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-08-28 08:01 - 2014-09-11 00:13 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-08-28 08:01 - 2014-09-11 00:13 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-08-28 08:01 - 2014-09-11 00:13 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-08-26 18:23 - 2014-08-26 18:23 - 234028650 _____ () C:\Users\Nils\Desktop\IMG_1433.psd
2014-08-26 18:21 - 2014-08-26 18:21 - 274261050 _____ () C:\Users\Nils\Desktop\IMG_m.psd
2014-08-26 17:24 - 2014-08-23 12:28 - 00000000 ____D () C:\Users\Nils\AppData\Local\Adobe
2014-08-25 23:11 - 2014-08-25 23:00 - 00000225 _____ () C:\Users\Nils\Desktop\JDownloads.txt
2014-08-24 23:42 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-24 23:42 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-24 02:41 - 2014-07-27 04:53 - 00001080 _____ () C:\WINDOWS\system32\settingsbkup.sfm
2014-08-24 02:41 - 2014-07-27 04:53 - 00001080 _____ () C:\WINDOWS\system32\settings.sfm
2014-08-24 02:35 - 2014-02-09 15:42 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Skype
2014-08-23 08:47 - 2014-08-27 22:22 - 04036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-23 02:59 - 2014-08-23 02:59 - 00000000 ____D () C:\ProgramData\McAfee

Some content of TEMP:
====================
C:\Users\Nils\AppData\Local\Temp\EAInstall.dll
C:\Users\Nils\AppData\Local\Temp\eauninstall.exe
C:\Users\Nils\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Nils\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\Nils\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 15:30

==================== End Of Log ============================

--- --- ---

Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Nils at 2014-09-18 22:25:46
Running from C:\Users\Nils\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Alice: Madness Returns (HKLM-x32\...\Alice: Madness Returns_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
Dawn Of War - Winter Assault (HKLM-x32\...\{DD8408E9-9421-484F-979D-DB6361E3E828}) (Version: 1.4 - THQ)
Dawn Of War (HKLM-x32\...\{83F12F73-D52E-40C0-93B1-463C311C4E17}) (Version: 1.40 - THQ)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Dishonored Die Maske des Zorns Game of the Year Edition MULTI-2 1.0 (HKLM-x32\...\Dishonored Die Maske des Zorns Game of the Year Edition MULTI-2 1.0) (Version:  - )
DmC Devil May Cry Incl. All DLCs MULTI-5 1.04 (HKLM-x32\...\DmC Devil May Cry Incl. All DLCs MULTI-5 1.04) (Version:  - )
Don't Starve version 13.06.2014 (HKLM-x32\...\Don't Starve_is1) (Version: 13.06.2014 - Klei Entertainment)
Dungeon Siege III (HKLM-x32\...\Dungeon Siege III_is1) (Version:  - )
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Gtk# for .Net 2.12.10 (HKLM-x32\...\{04AE3BBC-ABFF-42CC-9F90-5B35D229328A}) (Version: 2.12.10 - Xamarin, Inc.)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417011FF}) (Version: 7.0.110 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Magic The Gathering - Duels of the Planeswalkers 2013 (HKLM-x32\...\Magic The Gathering - Duels of the Planeswalkers 2013_is1) (Version:  - )
Magicka (HKLM-x32\...\Magicka_is1) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
Minion (HKCU\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Morrowind (HKLM-x32\...\{81935798-5D0C-4892-832E-630E6CC07EAF}) (Version:  - )
Mouse Editor (HKLM-x32\...\InstallShield_{3A4218DE-B9DB-4AD5-9DB2-5853D3AA0335}) (Version: 12.08.0006 - Ihr Firmenname)
MOUSE Editor (x32 Version: 12.08.0006 - Ihr Firmenname) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0a1 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming)
Nightly 35.0a1 (x64 en-US) (HKLM\...\Nightly 35.0a1 (x64 en-US)) (Version: 35.0a1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Outlast (HKLM-x32\...\Outlast_is1) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00) (Version:  - )
South Park Der Stab der Wahrheit Update 4 Incl. DLCs MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Update 4 Incl. DLCs MULTI-2 1.00) (Version:  - )
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
TES Construction Set (HKLM-x32\...\{8245C111-D83F-4C66-BBC6-2424F6116944}) (Version:  - )
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V Hearthfire DLC Englische Version 1.00 (HKLM-x32\...\The Elder Scrolls V Hearthfire DLC Englische Version 1.00) (Version:  - )
The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1 (HKLM-x32\...\The Elder Scrolls V Skyrim Dragonborn (c) Bethes~300CD4A2_is1) (Version: 1 - )
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version:  - )
Thief Master Thief Edition MULTI-2 1.01 (HKLM-x32\...\Thief Master Thief Edition MULTI-2 1.01) (Version:  - )
Tombraider (HKLM-x32\...\Tombraider_is1) (Version:  - )
Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden
Visual C++ 2008 Runtime (x64) (x32 Version: 1.0.1 - Highresolution Enterprises) Hidden
Watch Dogs Digital Deluxe Edition Multi2 1.0 (HKLM-x32\...\Watch Dogs Digital Deluxe Edition Multi2 1.0) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

31-08-2014 13:58:13 DirectX wurde installiert
08-09-2014 18:51:17 Geplanter Prüfpunkt
12-09-2014 14:03:21 Windows Update
15-09-2014 20:02:17 Removed Ubisoft Game Launcher

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {7DD4B124-5059-44B2-98CC-413194B41466} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {8E820C7F-C125-47DC-9C6E-11F90AD2756E} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E133AD74-5D4A-4DAB-B02C-C2ABFAE9C71D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-12] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

==================== Loaded Modules (whitelisted) =============

2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-01-20 03:16 - 2013-01-20 03:16 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-01-16 23:11 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-16 06:11 - 2012-08-16 06:11 - 03333632 _____ () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
2013-10-31 22:56 - 2013-05-10 13:03 - 00419072 _____ () C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe
2013-10-31 22:56 - 2013-05-10 13:03 - 00446720 _____ () C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe
2014-08-31 13:08 - 2014-09-06 13:25 - 05215232 _____ () C:\Program Files\Nightly\mozjs.dll
2014-05-24 17:39 - 2011-07-21 12:44 - 20237824 _____ () E:\JD-Downloads\Shakes & Fidget Bot\sfBot.exe
2014-08-23 02:59 - 2014-08-23 02:59 - 23235248 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-12-02 12:56 - 2010-12-02 12:56 - 00815104 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll
2011-01-09 15:45 - 2011-01-09 15:45 - 00088064 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll
2012-06-14 10:59 - 2012-06-14 10:59 - 02414080 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll
2012-05-17 06:17 - 2012-05-17 06:17 - 01000448 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 09:18 - 2010-09-20 09:18 - 00085504 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll
2010-09-20 09:18 - 2010-09-20 09:18 - 00054272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll
2011-04-12 10:14 - 2011-04-12 10:14 - 00063488 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 15:16 - 2010-11-01 15:16 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2012-04-27 06:40 - 2012-04-27 06:40 - 00118272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll
2013-01-20 15:56 - 2013-09-03 15:01 - 00736768 _____ () C:\Program Files (x86)\Last.fm\unicorn.dll
2013-01-20 15:56 - 2013-09-03 15:01 - 00126976 _____ () C:\Program Files (x86)\Last.fm\listener.dll
2013-01-20 15:56 - 2013-09-03 15:01 - 00032768 _____ () C:\Program Files (x86)\Last.fm\logger.dll
2013-01-20 15:56 - 2013-09-03 11:54 - 00351232 _____ () C:\Program Files (x86)\Last.fm\lastfm.dll
2013-01-20 15:56 - 2013-01-18 13:39 - 00302592 _____ () C:\Program Files (x86)\Last.fm\phonon.dll
2013-11-08 01:12 - 2013-01-18 13:49 - 00182784 _____ () C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
2013-01-20 15:56 - 2012-12-13 02:12 - 00111104 _____ () C:\Program Files (x86)\Last.fm\libvlc.dll
2013-01-20 15:56 - 2012-12-13 02:13 - 02286592 _____ () C:\Program Files (x86)\Last.fm\libvlccore.dll
2013-11-08 01:12 - 2012-12-13 02:13 - 00049664 _____ () C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
2013-01-16 23:18 - 2006-06-09 16:20 - 00003072 _____ () C:\WINDOWS\system32\CTXFIGER.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2014 01:30:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Andras)
Description: Die App „Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (09/14/2014 01:07:10 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (09/14/2014 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/14/2014 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/14/2014 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/14/2014 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/11/2014 07:21:03 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (09/11/2014 07:21:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/11/2014 07:21:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/11/2014 07:21:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (09/16/2014 01:19:30 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "ANDRAS" auf Transport "NetBT_Tcpip_{3FE6C248-A11B-4E64-9C74-A2DF4927533D}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (09/14/2014 11:57:53 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{07A1A0A3-C826-4479-8049-CE094EFD4597} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (09/14/2014 11:57:49 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "ANDRAS" auf Transport "NetBT_Tcpip_{3FE6C248-A11B-4E64-9C74-A2DF4927533D}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (09/14/2014 00:53:01 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "ANDRAS" auf Transport "NetBT_Tcpip_{3FE6C248-A11B-4E64-9C74-A2DF4927533D}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (09/14/2014 02:10:31 AM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "ANDRAS" auf Transport "NetBT_Tcpip_{3FE6C248-A11B-4E64-9C74-A2DF4927533D}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (09/14/2014 02:10:26 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎09.‎2014 um 02:09:27 unerwartet heruntergefahren.

Error: (09/13/2014 02:22:30 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "ANDRAS" auf Transport "NetBT_Tcpip_{3FE6C248-A11B-4E64-9C74-A2DF4927533D}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (09/13/2014 03:19:11 AM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "ANDRAS" auf Transport "NetBT_Tcpip_{3FE6C248-A11B-4E64-9C74-A2DF4927533D}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (08/29/2014 03:53:55 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "ANDRAS" auf Transport "NetBT_Tcpip_{3FE6C248-A11B-4E64-9C74-A2DF4927533D}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (08/29/2014 03:53:52 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff88007f41b5f, 0xfffff88005ce47e8, 0xfffff88005ce4020)C:\WINDOWS\MEMORY.DMP082914-14664-01


Microsoft Office Sessions:
=========================
Error: (09/16/2014 01:30:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Andras)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo

Error: (09/14/2014 01:07:10 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3

Error: (09/14/2014 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (09/14/2014 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll

Error: (09/14/2014 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll

Error: (09/14/2014 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll

Error: (09/11/2014 07:21:03 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3

Error: (09/11/2014 07:21:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (09/11/2014 07:21:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll

Error: (09/11/2014 07:21:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz
Percentage of memory in use: 27%
Total physical RAM: 8182.05 MB
Available physical RAM: 5904.78 MB
Total Pagefile: 16374.05 MB
Available Pagefile: 13604.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:48.82 GB) NTFS
Drive d: (Volume) (Fixed) (Total:465.76 GB) (Free:48.23 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:211.97 GB) NTFS
Drive g: (ALICE_2) (CDROM) (Total:7.15 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 414878C4)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 8278219C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 414878C5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Gmer.log:

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-18 22:53:29
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP4T0L0-6 OCZ-VERTEX2 rev.1.11 111,79GB
Running: Gmer-19357.exe; Driver: C:\Users\Nils\AppData\Local\Temp\uwlorpob.sys


---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\System32\dwm.exe[4068] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                           000007fc7a40177a 4 bytes [40, 7A, FC, 07]
.text   C:\WINDOWS\System32\dwm.exe[4068] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                           000007fc7a401782 4 bytes [40, 7A, FC, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[5552] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690        000007fc759f1532 4 bytes [9F, 75, FC, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[5552] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698        000007fc759f153a 4 bytes [9F, 75, FC, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[5552] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246      000007fc759f165a 4 bytes [9F, 75, FC, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[3556] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 690                                  000007fc759f1532 4 bytes [9F, 75, FC, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[3556] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 698                                  000007fc759f153a 4 bytes [9F, 75, FC, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[3556] C:\WINDOWS\system32\MSIMG32.dll!TransparentBlt + 246                                000007fc759f165a 4 bytes [9F, 75, FC, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[3556] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                        000007fc7a40177a 4 bytes [40, 7A, FC, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[3556] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                        000007fc7a401782 4 bytes [40, 7A, FC, 07]
.text   C:\WINDOWS\Explorer.EXE[4572] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                               000007fc7a40177a 4 bytes [40, 7A, FC, 07]
.text   C:\WINDOWS\Explorer.EXE[4572] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                               000007fc7a401782 4 bytes [40, 7A, FC, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[316] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690           000007fc759f1532 4 bytes [9F, 75, FC, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[316] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698           000007fc759f153a 4 bytes [9F, 75, FC, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[316] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246         000007fc759f165a 4 bytes [9F, 75, FC, 07]
.text   C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe[2904] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690    000007fc759f1532 4 bytes [9F, 75, FC, 07]
.text   C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe[2904] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698    000007fc759f153a 4 bytes [9F, 75, FC, 07]
.text   C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe[2904] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246  000007fc759f165a 4 bytes [9F, 75, FC, 07]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [2652:5908]                                                                                fffff960009705e8

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                        338903081

---- EOF - GMER 2.1 ----

Das Gmer.log konnte ich nicht als .txt abspeichern. Ich hoffe, das macht so keinen Unterschied.

Habe sonst auch noch nichts im Alleingang unternommen. Auch noch kein Malwarebytes laufen lassen. Soll ich dass noch durchführen?

Vielleicht sollte ich noch erwähnen, dass ich den PC vor kurzem von meinem Bruder so übernommen habe (er hat sich einen neuen zugelegt), ohne irgendwas daran geändert zu haben, da ich mich wirklich kaum auskenne.

Vielen Dank schonmal für eure Hilfe.

LG Aislin

Edit: Ich bin ab morgen (Freitag) erstmal für das Wochenende weg und komme erst am Sonntag wieder. Vielleicht habe ich aber noch Zeit morgen kurz reinzuschauen bevor ich weg bin, kann aber nichts versprechen.

cosinus · 18.09.2014, 23:38

Hi und

Zitat:

Vielleicht sollte ich noch erwähnen, dass ich den PC vor kurzem von meinem Bruder so übernommen habe (er hat sich einen neuen zugelegt), ohne irgendwas daran geändert zu haben, da ich mich wirklich kaum auskenne.

Da hat dein Bruder dir aber ne denkbar schlechte Konfig überlassen...
Win8 ist nicht aktuell => Update auf Windows 8.1: FAQ - Windows-Hilfe

Fast noch schlimmer finde ich den bei dir installierten Nightly. Das ist eine experimentelle Testversion vom Firefox und nicht zum allgemeinen Alltagsurfen gedacht! Umgehend deinstallieren und aktuelles Release von Firefox installieren, keine Beta-Version, kein Aurora und erst recht kein Nightly!

Aislin · 19.09.2014, 12:31

Hallo und danke

okay, da hab ich wieder was gelernt. Also Win 8.1 lade ich jetzt gerade.
Um Nightly kümmere ich mich dann nach dem Update, sollte ich dann noch die Zeit haben bevor ich los muss.

Was kann ich denn wegen dem eigentlichen Problem tun?

Lieben Gruß nochmal und danke für die schnelle Rückmeldung.
Aislin

cosinus · 19.09.2014, 12:46

Adware/Junkware/Toolbars entfernen

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen aus den Desktop!)

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Aislin · 21.09.2014, 18:45

Soo, entschuldige bitte meine Abwesenheit über das Wochenende.

Habe alles soweit gemacht.
Allerdings hat FRST keine neue Addition.txt erstellt. Ist das richtig so? Hab es auch nicht erneut runtergeladen weil ich es ja noch von Freitag auf dem PC hatte.

AdwCleaner[S0].txt

Code:

ATTFilter

# AdwCleaner v3.310 - Bericht erstellt am 21/09/2014 um 18:50:52
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro  (64 bits)
# Benutzername : Nils - ANDRAS
# Gestartet von : C:\Users\Nils\Desktop\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\foxydeal.sqlite

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\IGearSettings
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v32.0.2 (x86 de)

[ Datei : C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1551 octets] - [21/09/2014 18:49:17]
AdwCleaner[R1].txt - [1611 octets] - [21/09/2014 18:50:28]
AdwCleaner[S0].txt - [1251 octets] - [21/09/2014 18:50:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1311 octets] ##########

JRT.txt

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 8.1 Pro x64
Ran by Nils on 21.09.2014 at 18:59:46,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\cmd



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ FireFox

Successfully deleted: [File] C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\kou7w5w4.default\searchplugins\youtube-video-search.xml



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.09.2014 at 19:05:35,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scheinbar ist das FRST log zu lang. Daher dieses hier als Anhang.

Ich hoffe, ich habe soweit alles richtig gemacht.

Liebe Gruß und danke weiterhin.
Aislin

cosinus · 21.09.2014, 23:58

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Aislin · 22.09.2014, 17:10

Okay, ich dachte man solle es als zip anhängen, da es so in dem Hilfesuchende-Thema steht und es auch so empfohlen wird wenn der Beitrag zu lang wird.

Also hier dann die FRST.txt:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Nils (administrator) on ANDRAS on 21-09-2014 19:08:08
Running from C:\Users\Nils\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [CheckNDISPortF0acA7] => C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe [419072 2013-05-10] ()
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe [446720 2013-05-10] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] ()
HKU\S-1-5-21-2171337075-1393702317-1490181782-1001\...\Policies\Explorer: [NoThumbnailCache] 1
Startup: C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Scrobbler.exe - Verknüpfung.lnk
ShortcutTarget: Last.fm Scrobbler.exe - Verknüpfung.lnk -> C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe (Last.fm)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x41FEB7DE2AF4CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\searchplugins\amazon-search-suggestions.xml
FF SearchPlugin: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\searchplugins\imdb.xml
FF SearchPlugin: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\searchplugins\leo-ger-eng.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Cliqz Beta - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\Extensions\cliqz@cliqz.com [2014-09-19]
FF Extension: FoxyProxy Standard - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\Extensions\foxyproxy@eric.h.jung [2014-07-15]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Session Manager - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-01-18]
FF Extension: Adblock Plus - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-16]
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\kou7w5w4.default\extensions\cliqz@cliqz.com

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-01-26] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [128000 2014-09-06] (Mozilla Foundation) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-19] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-31] (DT Soft Ltd)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-19] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 19:07 - 2014-09-21 19:07 - 00001009 _____ () C:\Users\Nils\Desktop\AdwCleaner[S0].txt - Verknüpfung.lnk
2014-09-21 19:05 - 2014-09-21 19:05 - 00000961 _____ () C:\Users\Nils\Desktop\JRT.txt
2014-09-21 18:59 - 2014-09-21 18:59 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-21 18:58 - 2014-09-21 18:58 - 01027006 _____ (Thisisu) C:\Users\Nils\Desktop\JRT.exe
2014-09-21 18:51 - 2014-09-21 18:51 - 00000314 _____ () C:\WINDOWS\PFRO.log
2014-09-21 18:49 - 2014-09-21 18:50 - 00000000 ____D () C:\AdwCleaner
2014-09-19 15:15 - 2014-09-19 15:15 - 00000000 ____D () C:\Windows.old
2014-09-19 15:15 - 2014-09-19 14:43 - 00000000 ___DC () C:\WINDOWS\Panther
2014-09-19 15:13 - 2014-09-19 15:13 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-09-19 15:13 - 2014-09-19 15:13 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-09-19 15:13 - 2014-09-19 15:13 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-09-19 15:13 - 2014-09-19 15:13 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-19 15:12 - 2014-09-19 15:12 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-09-19 15:12 - 2014-09-19 15:12 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-09-19 15:11 - 2014-09-19 15:11 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-09-19 15:11 - 2014-09-19 15:11 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-09-19 15:11 - 2014-09-19 15:11 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-19 15:11 - 2014-09-19 15:11 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-09-19 15:11 - 2014-09-19 15:11 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-19 15:10 - 2014-09-19 15:10 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-09-19 15:10 - 2014-09-19 15:10 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-09-19 15:09 - 2014-09-19 15:09 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-19 15:08 - 2014-09-19 15:08 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-19 15:08 - 2014-09-19 15:08 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-19 15:08 - 2014-09-19 15:08 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-19 15:08 - 2014-09-19 15:08 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-19 15:08 - 2014-09-19 15:08 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-19 15:08 - 2014-09-19 15:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-19 15:08 - 2014-09-19 15:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-19 15:06 - 2014-09-19 15:06 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-09-19 15:06 - 2014-09-19 15:06 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-19 15:05 - 2014-09-19 15:05 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-19 15:05 - 2014-09-19 15:05 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-19 15:05 - 2014-09-19 15:05 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-09-19 15:05 - 2014-09-19 15:05 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-19 15:05 - 2014-09-19 15:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb22.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-09-19 15:04 - 2014-09-19 15:04 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\Program Files\MSBuild
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-19 14:59 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-09-19 14:59 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-19 14:59 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-09-19 14:59 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-09-19 14:49 - 2014-09-19 14:49 - 00000000 ____D () C:\Users\Nils\AppData\Local\Macromedia
2014-09-19 14:47 - 2014-09-19 14:47 - 01373475 _____ () C:\Users\Nils\Desktop\AdwCleaner_3.310.exe
2014-09-19 14:45 - 2014-09-19 14:45 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-19 14:45 - 2014-09-19 14:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 14:45 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2014-09-19 14:45 - 2011-03-25 20:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2014-09-19 14:36 - 2014-09-21 18:54 - 00000000 ___RD () C:\Users\Nils\OneDrive
2014-09-19 14:35 - 2014-09-19 14:35 - 00001454 _____ () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-19 14:35 - 2014-09-19 14:35 - 00000662 __RSH () C:\Users\Nils\ntuser.pol
2014-09-19 14:35 - 2014-09-19 14:35 - 00000020 ___SH () C:\Users\Nils\ntuser.ini
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-09-19 14:26 - 2014-09-19 14:26 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-09-19 14:23 - 2014-09-19 14:23 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-19 14:23 - 2014-09-19 14:23 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-09-19 14:23 - 2014-09-19 14:23 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-09-19 14:21 - 2014-09-19 14:36 - 00000000 ____D () C:\Users\Nils
2014-09-19 14:21 - 2014-09-19 14:27 - 00024768 _____ () C:\WINDOWS\diagwrn.xml
2014-09-19 14:21 - 2014-09-19 14:27 - 00024768 _____ () C:\WINDOWS\diagerr.xml
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Vorlagen
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Startmenü
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Netzwerkumgebung
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Lokale Einstellungen
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Eigene Dateien
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Druckumgebung
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Documents\Eigene Musik
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Documents\Eigene Bilder
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\AppData\Local\Verlauf
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\AppData\Local\Anwendungsdaten
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Anwendungsdaten
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 ___RD () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 ___RD () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-09-19 14:21 - 2014-03-18 12:12 - 00000369 _____ () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-19 14:21 - 2014-03-18 12:12 - 00000369 _____ () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-19 14:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-19 14:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-19 14:17 - 2014-09-21 19:02 - 00070736 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-19 14:17 - 2014-09-21 18:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-19 14:17 - 2014-09-19 14:22 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-19 14:17 - 2014-09-19 14:22 - 00000000 ____D () C:\ProgramData\Creative
2014-09-19 14:17 - 2014-09-19 14:22 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-19 14:17 - 2014-09-19 14:22 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-19 14:17 - 2014-09-19 14:17 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2014-09-19 14:17 - 2014-09-19 14:17 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2014-09-19 14:17 - 2014-09-19 14:17 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2014-09-19 14:17 - 2014-09-19 14:17 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2014-09-19 14:17 - 2014-09-19 14:17 - 00000159 ___RH () C:\WINDOWS\ctfile.rfc
2014-09-19 14:17 - 2014-09-19 14:17 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-09-19 14:17 - 2014-07-02 20:55 - 06783776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-09-19 14:17 - 2014-07-02 20:55 - 03522392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-09-19 14:17 - 2014-07-02 20:55 - 02559960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-09-19 14:17 - 2014-07-02 20:55 - 00935368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-09-19 14:17 - 2014-07-02 20:55 - 00386520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-09-19 14:17 - 2014-07-02 20:55 - 00062808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-09-19 14:17 - 2014-07-02 12:14 - 03826628 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-09-19 14:17 - 2009-03-26 14:48 - 00190976 _____ () C:\WINDOWS\system32\APOMgr64.DLL
2014-09-19 14:17 - 2009-03-26 14:46 - 00148480 _____ () C:\WINDOWS\SysWOW64\APOMngr.DLL
2014-09-19 14:17 - 2009-02-06 18:53 - 00089088 _____ () C:\WINDOWS\system32\CmdRtr64.DLL
2014-09-19 14:17 - 2009-02-06 18:52 - 00073728 _____ () C:\WINDOWS\SysWOW64\CmdRtr.DLL
2014-09-19 14:17 - 2008-02-04 11:28 - 00107008 _____ (Creative Technology Ltd) C:\WINDOWS\system32\cttele64.dll
2014-09-19 14:17 - 2008-02-04 11:27 - 00102400 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\cttele32.dll
2014-09-19 14:16 - 2014-09-19 14:23 - 00000000 ____D () C:\WINDOWS\SysWOW64\data
2014-09-19 14:16 - 2014-09-19 14:22 - 00000000 ____D () C:\WINDOWS\system32\data
2014-09-18 22:53 - 2014-09-18 22:53 - 00003787 _____ () C:\Users\Nils\Desktop\Gmer.log
2014-09-18 22:28 - 2014-09-18 22:28 - 00380416 _____ () C:\Users\Nils\Desktop\Gmer-19357.exe
2014-09-18 22:25 - 2014-09-21 19:08 - 00013846 _____ () C:\Users\Nils\Desktop\FRST.txt
2014-09-18 22:25 - 2014-09-21 19:08 - 00000000 ____D () C:\FRST
2014-09-18 22:23 - 2014-09-18 22:23 - 02105856 _____ (Farbar) C:\Users\Nils\Desktop\FRST64.exe
2014-09-18 22:22 - 2014-09-18 22:22 - 00000540 _____ () C:\Users\Nils\Desktop\defogger_disable.log
2014-09-18 22:22 - 2014-09-18 22:22 - 00000168 _____ () C:\Users\Nils\defogger_reenable
2014-09-18 22:20 - 2014-09-18 22:20 - 00050477 _____ () C:\Users\Nils\Desktop\Defogger.exe
2014-09-16 13:19 - 2014-09-16 13:22 - 00000000 ____D () C:\Users\Nils\Desktop\Schnurrr
2014-09-14 20:49 - 2014-09-14 21:18 - 00000341 _____ () C:\Users\Nils\Desktop\Mono G Ramp Deck.txt
2014-09-14 19:58 - 2014-09-14 20:10 - 00000223 _____ () C:\Users\Nils\Desktop\Pox Deck.txt
2014-09-14 19:32 - 2014-09-14 19:38 - 00000321 _____ () C:\Users\Nils\Desktop\Raffinity Deck.txt
2014-09-14 19:07 - 2014-09-14 19:26 - 00000243 _____ () C:\Users\Nils\Desktop\Zombie Deck.txt
2014-09-11 23:48 - 2014-09-12 23:57 - 00000475 _____ () C:\Users\Nils\Desktop\Magic Liste.txt
2014-09-11 22:57 - 2014-09-16 23:46 - 00000278 _____ () C:\Users\Nils\Desktop\Magic Liste - Proxen.txt
2014-09-11 19:27 - 2014-09-11 19:33 - 02266328 _____ () C:\Users\Nils\Desktop\sc0000.bmp
2014-09-07 15:30 - 2014-09-19 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-07 15:30 - 2014-09-07 15:30 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files\iTunes
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files\iPod
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-05 00:11 - 2014-09-05 21:39 - 00000000 ____D () C:\ProgramData\Origin
2014-09-05 00:11 - 2014-09-05 21:29 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Origin
2014-08-31 15:58 - 2014-09-19 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-08-31 15:58 - 2014-08-31 15:58 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-08-29 15:56 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-08-26 18:23 - 2014-08-26 18:23 - 234028650 _____ () C:\Users\Nils\Desktop\IMG_1433.psd
2014-08-26 18:21 - 2014-08-26 18:21 - 274261050 _____ () C:\Users\Nils\Desktop\IMG_m.psd
2014-08-25 23:00 - 2014-09-18 22:27 - 00000165 _____ () C:\Users\Nils\Desktop\JDownloads.txt
2014-08-23 12:28 - 2014-08-26 17:24 - 00000000 ____D () C:\Users\Nils\AppData\Local\Adobe
2014-08-23 02:59 - 2014-08-23 02:59 - 00000000 ____D () C:\ProgramData\McAfee

LG
Aislin

Aislin · 22.09.2014, 17:11

FRST.txt fortführend:

Code:

ATTFilter

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 19:08 - 2014-09-18 22:25 - 00013846 _____ () C:\Users\Nils\Desktop\FRST.txt
2014-09-21 19:08 - 2014-09-18 22:25 - 00000000 ____D () C:\FRST
2014-09-21 19:07 - 2014-09-21 19:07 - 00001009 _____ () C:\Users\Nils\Desktop\AdwCleaner[S0].txt - Verknüpfung.lnk
2014-09-21 19:05 - 2014-09-21 19:05 - 00000961 _____ () C:\Users\Nils\Desktop\JRT.txt
2014-09-21 19:05 - 2013-01-16 22:50 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171337075-1393702317-1490181782-1001
2014-09-21 19:02 - 2014-09-19 14:17 - 00070736 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-21 19:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-21 18:59 - 2014-09-21 18:59 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-21 18:58 - 2014-09-21 18:58 - 01027006 _____ (Thisisu) C:\Users\Nils\Desktop\JRT.exe
2014-09-21 18:57 - 2014-03-18 12:04 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-21 18:57 - 2014-03-18 11:25 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-21 18:57 - 2014-03-18 11:25 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-21 18:54 - 2014-09-19 14:36 - 00000000 ___RD () C:\Users\Nils\OneDrive
2014-09-21 18:51 - 2014-09-21 18:51 - 00000314 _____ () C:\WINDOWS\PFRO.log
2014-09-21 18:51 - 2014-09-19 14:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-21 18:51 - 2014-06-24 20:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-21 18:51 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-21 18:51 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-21 18:50 - 2014-09-21 18:49 - 00000000 ____D () C:\AdwCleaner
2014-09-19 15:15 - 2014-09-19 15:15 - 00000000 ____D () C:\Windows.old
2014-09-19 15:15 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-09-19 15:13 - 2014-09-19 15:13 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-09-19 15:13 - 2014-09-19 15:13 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-09-19 15:13 - 2014-09-19 15:13 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-09-19 15:13 - 2014-09-19 15:13 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-09-19 15:13 - 2014-09-19 15:13 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-19 15:12 - 2014-09-19 15:12 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-09-19 15:12 - 2014-09-19 15:12 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-09-19 15:12 - 2014-09-19 15:12 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-09-19 15:11 - 2014-09-19 15:11 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-09-19 15:11 - 2014-09-19 15:11 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-09-19 15:11 - 2014-09-19 15:11 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-19 15:11 - 2014-09-19 15:11 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-09-19 15:11 - 2014-09-19 15:11 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-09-19 15:11 - 2014-09-19 15:11 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-09-19 15:11 - 2014-09-19 15:11 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-09-19 15:11 - 2014-09-19 15:11 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-09-19 15:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-19 15:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-09-19 15:10 - 2014-09-19 15:10 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-19 15:10 - 2014-09-19 15:10 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-09-19 15:10 - 2014-09-19 15:10 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-09-19 15:10 - 2014-09-19 15:10 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-09-19 15:10 - 2014-09-19 15:10 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-09-19 15:10 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-19 15:09 - 2014-09-19 15:09 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-09-19 15:09 - 2014-09-19 15:09 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-19 15:09 - 2014-09-19 15:09 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-19 15:09 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-19 15:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-19 15:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-09-19 15:08 - 2014-09-19 15:08 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-19 15:08 - 2014-09-19 15:08 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-19 15:08 - 2014-09-19 15:08 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-19 15:08 - 2014-09-19 15:08 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-19 15:08 - 2014-09-19 15:08 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-19 15:08 - 2014-09-19 15:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-19 15:08 - 2014-09-19 15:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-19 15:08 - 2014-09-19 15:08 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-19 15:06 - 2014-09-19 15:06 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-19 15:06 - 2014-09-19 15:06 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-09-19 15:06 - 2014-09-19 15:06 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-09-19 15:06 - 2014-09-19 15:06 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-19 15:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-19 15:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-19 15:05 - 2014-09-19 15:05 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-19 15:05 - 2014-09-19 15:05 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-19 15:05 - 2014-09-19 15:05 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-19 15:05 - 2014-09-19 15:05 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-09-19 15:05 - 2014-09-19 15:05 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-19 15:05 - 2014-09-19 15:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb22.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-09-19 15:05 - 2014-09-19 15:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-09-19 15:05 - 2014-09-19 15:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-09-19 15:05 - 2014-09-19 15:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-09-19 15:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-19 15:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-19 15:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-19 15:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-19 15:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-19 15:05 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-19 15:04 - 2014-09-19 15:04 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\Program Files\MSBuild
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-09-19 14:59 - 2014-09-19 14:59 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-19 14:49 - 2014-09-19 14:49 - 00000000 ____D () C:\Users\Nils\AppData\Local\Macromedia
2014-09-19 14:47 - 2014-09-19 14:47 - 01373475 _____ () C:\Users\Nils\Desktop\AdwCleaner_3.310.exe
2014-09-19 14:45 - 2014-09-19 14:45 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-19 14:45 - 2014-09-19 14:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 14:43 - 2014-09-19 15:15 - 00000000 ___DC () C:\WINDOWS\Panther
2014-09-19 14:43 - 2013-01-17 01:02 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Media Player Classic
2014-09-19 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-19 14:36 - 2014-09-19 14:21 - 00000000 ____D () C:\Users\Nils
2014-09-19 14:36 - 2013-01-16 22:44 - 00000000 ____D () C:\Users\Nils\AppData\Local\Packages
2014-09-19 14:35 - 2014-09-19 14:35 - 00001454 _____ () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-19 14:35 - 2014-09-19 14:35 - 00000662 __RSH () C:\Users\Nils\ntuser.pol
2014-09-19 14:35 - 2014-09-19 14:35 - 00000020 ___SH () C:\Users\Nils\ntuser.ini
2014-09-19 14:35 - 2014-03-18 13:47 - 00000000 ___HD () C:\$Windows.~BT
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-09-19 14:27 - 2014-09-19 14:27 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-09-19 14:27 - 2014-09-19 14:21 - 00024768 _____ () C:\WINDOWS\diagwrn.xml
2014-09-19 14:27 - 2014-09-19 14:21 - 00024768 _____ () C:\WINDOWS\diagerr.xml
2014-09-19 14:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-09-19 14:27 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-09-19 14:27 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2014-09-19 14:27 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-19 14:26 - 2014-09-19 14:26 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-09-19 14:26 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-09-19 14:26 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-19 14:24 - 2013-08-22 16:44 - 04971568 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-19 14:23 - 2014-09-19 14:23 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-19 14:23 - 2014-09-19 14:23 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-09-19 14:23 - 2014-09-19 14:23 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-09-19 14:23 - 2014-09-19 14:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\data
2014-09-19 14:23 - 2014-09-07 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-19 14:23 - 2014-08-31 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-09-19 14:23 - 2014-07-25 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-09-19 14:23 - 2014-07-25 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2014-09-19 14:23 - 2014-07-07 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Don't Starve
2014-09-19 14:23 - 2014-06-28 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2014-09-19 14:23 - 2014-06-26 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2014-09-19 14:23 - 2014-06-07 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-09-19 14:23 - 2014-06-06 23:38 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-19 14:23 - 2014-03-18 11:40 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-09-19 14:23 - 2014-03-18 11:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-09-19 14:23 - 2014-03-18 11:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-09-19 14:23 - 2014-03-06 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-19 14:23 - 2014-02-09 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-19 14:23 - 2014-02-07 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-09-19 14:23 - 2014-01-08 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online Beta
2014-09-19 14:23 - 2013-12-16 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-09-19 14:23 - 2013-12-15 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-09-19 14:23 - 2013-12-08 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2014-09-19 14:23 - 2013-11-21 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galactic Cafe
2014-09-19 14:23 - 2013-11-08 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
2014-09-19 14:23 - 2013-10-31 22:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\SupportAppPBHostless Modem
2014-09-19 14:23 - 2013-10-31 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2 Surfstick
2014-09-19 14:23 - 2013-09-14 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire - The Masquerade Bloodlines
2014-09-19 14:23 - 2013-09-06 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Benutzerregistrierung
2014-09-19 14:23 - 2013-09-06 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual
2014-09-19 14:23 - 2013-09-06 22:23 - 00000000 ____D () C:\WINDOWS\system32\STRING
2014-09-19 14:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-09-19 14:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-09-19 14:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-09-19 14:23 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-09-19 14:23 - 2013-05-21 02:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-19 14:23 - 2013-04-14 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-09-19 14:23 - 2013-04-14 23:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2014-09-19 14:23 - 2013-04-08 21:42 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-19 14:23 - 2013-04-08 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-19 14:23 - 2013-04-06 02:26 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-09-19 14:23 - 2013-03-31 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-09-19 14:23 - 2013-02-08 01:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-09-19 14:23 - 2013-02-04 01:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grotesque-Tactics2
2014-09-19 14:23 - 2013-02-03 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
2014-09-19 14:23 - 2013-01-26 12:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2014-09-19 14:23 - 2013-01-16 23:29 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2014-09-19 14:23 - 2013-01-16 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-09-19 14:23 - 2013-01-16 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-09-19 14:23 - 2013-01-16 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-19 14:23 - 2013-01-16 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-19 14:23 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated
2014-09-19 14:22 - 2014-09-19 14:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-19 14:22 - 2014-09-19 14:17 - 00000000 ____D () C:\ProgramData\Creative
2014-09-19 14:22 - 2014-09-19 14:17 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-19 14:22 - 2014-09-19 14:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-19 14:22 - 2014-09-19 14:16 - 00000000 ____D () C:\WINDOWS\system32\data
2014-09-19 14:22 - 2014-08-05 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wizards of the Coast LLC
2014-09-19 14:22 - 2014-03-18 11:25 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-09-19 14:22 - 2014-01-10 02:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Software
2014-09-19 14:22 - 2014-01-03 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Barrels
2014-09-19 14:22 - 2013-12-03 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
2014-09-19 14:22 - 2013-11-15 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2014-09-19 14:22 - 2013-10-06 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2014-09-19 14:22 - 2013-09-06 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-09-19 14:22 - 2013-09-06 22:24 - 00000000 ___HD () C:\WINDOWS\system32\CanonIJ Uninstaller Information
2014-09-19 14:22 - 2013-09-06 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series
2014-09-19 14:22 - 2013-08-24 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2014-09-19 14:22 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2014-09-19 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-19 14:22 - 2013-04-14 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team Meat
2014-09-19 14:22 - 2013-02-05 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-09-19 14:22 - 2013-01-26 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix
2014-09-19 14:22 - 2013-01-17 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2014-09-19 14:22 - 2013-01-16 22:44 - 00000000 ____D () C:\ProgramData\PRICache
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Vorlagen
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Startmenü
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Netzwerkumgebung
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Lokale Einstellungen
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Eigene Dateien
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Druckumgebung
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Documents\Eigene Musik
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Documents\Eigene Bilder
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\AppData\Local\Verlauf
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\AppData\Local\Anwendungsdaten
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _SHDL () C:\Users\Nils\Anwendungsdaten
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 ___RD () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 ___RD () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-09-19 14:21 - 2014-06-29 00:00 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZAM Network LLC
2014-09-19 14:21 - 2014-02-07 16:57 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-09-19 14:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-09-19 14:21 - 2013-07-12 22:51 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ
2014-09-19 14:21 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-09-19 14:17 - 2014-09-19 14:17 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2014-09-19 14:17 - 2014-09-19 14:17 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2014-09-19 14:17 - 2014-09-19 14:17 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2014-09-19 14:17 - 2014-09-19 14:17 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2014-09-19 14:17 - 2014-09-19 14:17 - 00000159 ___RH () C:\WINDOWS\ctfile.rfc
2014-09-19 14:17 - 2014-09-19 14:17 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-09-19 14:17 - 2013-11-01 18:16 - 00000000 ____D () C:\Temp
2014-09-19 14:17 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-09-19 14:17 - 2012-06-07 22:15 - 00000000 __SHD () C:\Recovery
2014-09-19 13:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-09-18 22:54 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-18 22:53 - 2014-09-18 22:53 - 00003787 _____ () C:\Users\Nils\Desktop\Gmer.log
2014-09-18 22:28 - 2014-09-18 22:28 - 00380416 _____ () C:\Users\Nils\Desktop\Gmer-19357.exe
2014-09-18 22:27 - 2014-08-25 23:00 - 00000165 _____ () C:\Users\Nils\Desktop\JDownloads.txt
2014-09-18 22:23 - 2014-09-18 22:23 - 02105856 _____ (Farbar) C:\Users\Nils\Desktop\FRST64.exe
2014-09-18 22:22 - 2014-09-18 22:22 - 00000540 _____ () C:\Users\Nils\Desktop\defogger_disable.log
2014-09-18 22:22 - 2014-09-18 22:22 - 00000168 _____ () C:\Users\Nils\defogger_reenable
2014-09-18 22:20 - 2014-09-18 22:20 - 00050477 _____ () C:\Users\Nils\Desktop\Defogger.exe
2014-09-16 23:46 - 2014-09-11 22:57 - 00000278 _____ () C:\Users\Nils\Desktop\Magic Liste - Proxen.txt
2014-09-16 16:46 - 2013-01-20 15:56 - 00000000 ____D () C:\Users\Nils\AppData\Local\Last.fm
2014-09-16 13:22 - 2014-09-16 13:19 - 00000000 ____D () C:\Users\Nils\Desktop\Schnurrr
2014-09-15 22:02 - 2013-01-16 23:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-14 21:18 - 2014-09-14 20:49 - 00000341 _____ () C:\Users\Nils\Desktop\Mono G Ramp Deck.txt
2014-09-14 20:10 - 2014-09-14 19:58 - 00000223 _____ () C:\Users\Nils\Desktop\Pox Deck.txt
2014-09-14 19:38 - 2014-09-14 19:32 - 00000321 _____ () C:\Users\Nils\Desktop\Raffinity Deck.txt
2014-09-14 19:26 - 2014-09-14 19:07 - 00000243 _____ () C:\Users\Nils\Desktop\Zombie Deck.txt
2014-09-13 01:12 - 2013-01-17 00:37 - 00000000 ____D () C:\Users\Nils\Documents\My Games
2014-09-13 00:09 - 2013-01-17 00:53 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-09-12 23:57 - 2014-09-11 23:48 - 00000475 _____ () C:\Users\Nils\Desktop\Magic Liste.txt
2014-09-12 16:13 - 2013-08-19 01:12 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 16:03 - 2013-01-18 00:44 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-11 19:33 - 2014-09-11 19:27 - 02266328 _____ () C:\Users\Nils\Desktop\sc0000.bmp
2014-09-07 15:30 - 2014-09-07 15:30 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files\iTunes
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files\iPod
2014-09-07 15:30 - 2014-09-07 15:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-07 15:27 - 2014-05-12 01:15 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Apple Computer
2014-09-05 21:48 - 2013-01-16 23:26 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\DAEMON Tools Lite
2014-09-05 21:39 - 2014-09-05 00:11 - 00000000 ____D () C:\ProgramData\Origin
2014-09-05 21:29 - 2014-09-05 00:11 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Origin
2014-09-05 00:25 - 2013-01-21 21:07 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-01 20:46 - 2013-12-15 21:21 - 00000000 ____D () C:\Users\Nils\AppData\Local\Battle.net
2014-08-31 18:26 - 2013-03-17 13:36 - 00004968 _____ () C:\Users\Nils\Documents\TombRaider.log
2014-08-31 15:58 - 2014-08-31 15:58 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-08-31 13:32 - 2013-01-16 23:24 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-26 18:23 - 2014-08-26 18:23 - 234028650 _____ () C:\Users\Nils\Desktop\IMG_1433.psd
2014-08-26 18:21 - 2014-08-26 18:21 - 274261050 _____ () C:\Users\Nils\Desktop\IMG_m.psd
2014-08-26 17:24 - 2014-08-23 12:28 - 00000000 ____D () C:\Users\Nils\AppData\Local\Adobe
2014-08-24 02:41 - 2014-07-27 04:53 - 00001080 _____ () C:\WINDOWS\system32\settingsbkup.sfm
2014-08-24 02:41 - 2014-07-27 04:53 - 00001080 _____ () C:\WINDOWS\system32\settings.sfm
2014-08-24 02:35 - 2014-02-09 15:42 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Skype
2014-08-23 02:59 - 2014-08-23 02:59 - 00000000 ____D () C:\ProgramData\McAfee

Some content of TEMP:
====================
C:\Users\Nils\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-19 14:16

==================== End Of Log ============================

Ich hab probiert es ein wenig sinnhaft zu trennen. Hoffe, das ist mir gelungen.

LG
Aislin

cosinus · 22.09.2014, 23:30

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Aislin · 24.09.2014, 18:29

Entschuldige, dass es ein wenig gedauert hat.
Der ESET scan hat länger gedauert als erwartet.

mbam.txt

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 23.09.2014
Suchlauf-Zeit: 21:00:07
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.23.09
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Nils

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 337004
Verstrichene Zeit: 5 Min, 19 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

ESET log.txt

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=39c076c050a3504facead8fd20f27df8
# engine=20265
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-23 11:40:05
# local_time=2014-09-24 01:40:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 17526 1287247 0 0
# scanned=376250
# found=4
# cleaned=0
# scan_time=15579
sh=67A75BAA7A5BBB2EEEBB99D490F00F82D0BB1E09 ft=1 fh=5d5a0ac2ab2c0a85 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe"
sh=52B652A736EB57AF2A265F20CD02E3F09C19DD02 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.SpeedingUpMyPC.A Anwendung" ac=I fn="E:\Windows Old\Andras\AppData\Local\Temp\OptimizerPro_new.zip"
sh=415788A0C3A0C0AEFFE5DC2707F00D56BC10FC86 ft=1 fh=9a01efc3b7a794b4 vn="Variante von Win32/Adware.SpeedingUpMyPC.A Anwendung" ac=I fn="E:\Windows Old\Andras\AppData\Local\Temp\1606e1353324abdcd295dfd1d5956201\OptimizerPro.exe"
sh=CA1DD1BED1A7B1F1375A9E48AF4E0685609D8B2F ft=1 fh=f9c7abb69ab91005 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="E:\Zeug\wz165gev.exe"

LG
Aislin

cosinus · 24.09.2014, 20:51

Die Funde von ESET kann man ignorieren

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Aislin · 28.09.2014, 13:10

Hey,

entschuldige bitte die verspätete Antwort. Ich hab einfach total übersehen, dass es mittlerweile eine zweite Seite hier im Thema gibt *schäm*

Hier also die Fixlog.txt:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-09-2014
Ran by Nils at 2014-09-28 14:03:48 Run:1
Running from C:\Users\Nils\Desktop\TrojanerBoardzeug
Loaded Profile: Nils (Available profiles: Nils)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
EmptyTemp:
         
*****************

EmptyTemp: => Removed 616.3 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Dummerweise sind leider jetzt alle offenen Tabs im Firefox flöten gegangen. Aber das stellt ja kein Problem dar.

Lieben Gruß und entschuldige nochmal dass ich deine Antwort übersehen habe.
Aislin

cosinus · 28.09.2014, 13:11

Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

Aislin · 28.09.2014, 13:17

Klingt super

Okay, dann werde ich mich mal darum kümmern und dort regelmäßig vorbeischauen.

Mit dem erneuten anmelden hab ich keine Probleme. Ist ja nur ne Sache von ein paar Sekunden. Brauche ich dann den CockieCuller?

Es läuft soweit alles wie geschmiert.

Nur eine Frage habe ich noch: Für Werbung und ähnliches habe ich momentan addblockplus. Ist das zu empfehlen? Habe da schon mal gehört, es sei nicht so gut.

Oh, und kann ich defogger wieder verwenden um die Treiber wieder zu aktivieren?

Lieben Gruß
Aislin

cosinus · 28.09.2014, 13:23

Über AdBlock+ streiten sich die Geister. Ich habs früher verwendet, mir reicht mittlerweile Ghostery und NoScript aus. defogger ist nur relevant wenn du CD/DVD Emulatorsoftware verwendest.

Dann wären wir durch!

Falls du noch Lob oder Kritik loswerden möchtest => Lob, Kritik und Wünsche - Trojaner-Board

Die Programme, die hier zum Einsatz kamen, können alle deinstalliert werden. Es empfiehlt sich Malwarebytes Anti-Malware zu behalten und damit wöchentlich nach Malware zu scannen.

Helfen kann dir dabei delfix:

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Bitte abschließend noch die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.

Microsoftupdate
Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.
Windows Vista/7: Start, Systemsteuerung, Windows-Update

PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers:
Prüfen => Adobe - Flash Player
Downloadlinks findest du hier => Browsers and Plugins - FilePony.de

Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.

Java-Update
Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.