| |
| |||||||
Log-Analyse und Auswertung: Seltsames Script (www.xlbz.com) auf ALLEN Seiten in ChromeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
14.11.2014, 07:57
| #1 |
 |  Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome Hallo, ich habe vor kurzem einen Script Blocker in Chrome installiert und habe festgestellt das auf jeder Seite ein und das selbe Script ausgeführt wird. Das Script nennt sich "www.xlbz.com". Da mir das komisch vorkam habe ich das Script erst mal auf die Blacklist gesetzt. Über Google habe ich nur diese Seite gefunden: hxxp://www.xlbz.com/. Außerdem spuckt Google in Zusammenhang mit "xlbz" dieses Ergebnis aus: "Trojan-GameThief.Win32.OnLineGames.xlbz" (ob das was mit dem Script zu tun hat weiß ich nicht). Ich habe MBAM laufen lassen - ohne Ergebnis. In anderen Browsern wird dieses Script nicht ausgeführt. Also dachte ich, lasse ich das lieber mal checken. Falls das ein Fehlalarm ist, entschuldige ich mich schon mal im voraus. Anleitung habe ich befolgt. Hier die Ergebnisse: (FRST musste ich anhängen, da der Beitrag insgesamt zu groß war) defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 06:09 on 14/11/2014 (Jaq)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
ADDITION: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2014 02
Ran by Jaq at 2014-11-14 06:26:12
Running from C:\Users\Jaq\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Clear Sky Complete (HKLM-x32\...\{Clear Sky Complete v1.1.3}}_is1) (Version: - )
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version: - Codemasters Racing Studio)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Druckerdeinstallation für EPSON BX305 Series (HKLM\...\EPSON BX305 Series) (Version: - SEIKO EPSON Corporation)
EPSON BX305 Series Handbuch (HKLM-x32\...\EPSON BX305 Series Manual) (Version: - )
EPSON BX305 Series Netzwerk-Handbuch (HKLM-x32\...\EPSON BX305 Series Network Guide) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version: - Day 1 Studios)
Full Combat Rebalance 2 version 1.2 (HKLM-x32\...\Full Combat Rebalance 2_is1) (Version: 1.2 - Andrzej Kwiatkowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{94A137EA-92EF-441C-A7E2-6757CC08EA82}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.266 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.266 - LogMeIn, Inc.) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.010 - MSI)
MyFreeCodec (HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\MyFreeCodec) (Version: - )
NVIDIA 3D Vision Controller-Treiber 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Perixx Gaming mouse version 1.0.6 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.6 - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
The Evil Within Demo (HKLM-x32\...\Steam App 329960) (Version: - Tango Gameworks)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.5.0 - Palit Microsystems Ltd.)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.7.2 - Electronic Arts)
Trine (HKLM-x32\...\Steam App 35700) (Version: - Frozenbyte)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wolfenstein The New Order German Edition [Full Uncut] 1.0.0.1 (HKLM-x32\...\Wolfenstein The New Order German Edition [Full Uncut] 1.0.0.1) (Version: - )
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
11-11-2014 11:24:56 DirectX wurde installiert
13-11-2014 02:03:38 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0B1DBA1B-961E-4DD3-B750-70E279B9ACCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.)
Task: {BF70730C-613D-4132-B0B5-33921E81EC46} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {F8E7372A-43BC-4E01-9757-758CB90549A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-08-10 05:34 - 2014-11-03 23:02 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-25 15:01 - 2014-08-25 15:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-04-17 10:02 - 2014-04-17 10:02 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-09-27 09:51 - 2005-07-18 12:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-10 06:22 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-08-10 06:22 - 2014-11-12 02:04 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-08-10 06:22 - 2014-11-12 02:04 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-08-14 12:15 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-14 12:15 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-14 12:15 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-12 17:22 - 2014-06-12 17:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-08-14 12:15 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-14 12:15 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-10 06:22 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-10 06:29 - 2013-09-17 02:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2014-10-28 14:30 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 14:30 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 14:30 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 14:30 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-08-15 06:16 - 2014-11-11 19:48 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: ISCT Tray => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Ocs_SM => C:\Users\Jaq\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
MSCONFIG\startupreg: trustGTX14 => "C:\Program Files (x86)\Trust\GXT14 Mouse\POINTERGHOST.exe" showhide
========================= Accounts: ==========================
Administrator (S-1-5-21-297726166-2549663330-3191474699-500 - Administrator - Disabled)
Gast (S-1-5-21-297726166-2549663330-3191474699-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-297726166-2549663330-3191474699-1005 - Limited - Enabled)
Jaq (S-1-5-21-297726166-2549663330-3191474699-1000 - Administrator - Enabled) => C:\Users\Jaq
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/13/2014 03:06:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDQuarantine.exe, Version 2.4.40.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: ec0
Startzeit: 01cfff4646763a75
Endzeit: 10
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe
Berichts-ID:
Error: (11/13/2014 02:32:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDQuarantine.exe, Version 2.4.40.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 4d0
Startzeit: 01cfff4604f95f93
Endzeit: 10
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe
Berichts-ID:
Error: (11/13/2014 02:30:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDQuarantine.exe, Version 2.4.40.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: cc4
Startzeit: 01cfff4532a59be7
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe
Berichts-ID:
Error: (11/11/2014 00:24:47 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0]
Error: (11/10/2014 03:13:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm witcher2.EXE, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1560
Startzeit: 01cffceb59804d82
Endzeit: 120
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.EXE
Berichts-ID:
Error: (11/10/2014 06:07:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm witcher2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1adc
Startzeit: 01cffca3e62f8165
Endzeit: 23
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.exe
Berichts-ID:
Error: (11/10/2014 06:06:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm witcher2.EXE, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1670
Startzeit: 01cffca3e76d0cf3
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.EXE
Berichts-ID:
Error: (11/10/2014 05:59:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm witcher2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: df0
Startzeit: 01cffca29ff5e4cb
Endzeit: 31
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.exe
Berichts-ID:
Error: (11/10/2014 05:59:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm witcher2.EXE, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b40
Startzeit: 01cffca2a2d8e8d7
Endzeit: 4
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.EXE
Berichts-ID:
Error: (10/29/2014 01:41:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "(C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)
System errors:
=============
Error: (11/14/2014 05:05:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/14/2014 05:05:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.
Error: (11/14/2014 05:04:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/14/2014 05:04:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (11/13/2014 05:16:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.
Error: (11/13/2014 05:16:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computerbrowser" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/13/2014 05:16:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Browser erreicht.
Error: (11/13/2014 00:39:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/13/2014 00:39:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (11/13/2014 00:36:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (11/13/2014 03:06:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDQuarantine.exe2.4.40.103ec001cfff4646763a7510C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe
Error: (11/13/2014 02:32:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDQuarantine.exe2.4.40.1034d001cfff4604f95f9310C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe
Error: (11/13/2014 02:30:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDQuarantine.exe2.4.40.103cc401cfff4532a59be70C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe
Error: (11/11/2014 00:24:47 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0]
Error: (11/10/2014 03:13:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: witcher2.EXE0.0.0.0156001cffceb59804d82120C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.EXE
Error: (11/10/2014 06:07:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: witcher2.exe0.0.0.01adc01cffca3e62f816523C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.exe
Error: (11/10/2014 06:06:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: witcher2.EXE0.0.0.0167001cffca3e76d0cf30C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.EXE
Error: (11/10/2014 05:59:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: witcher2.exe0.0.0.0df001cffca29ff5e4cb31C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.exe
Error: (11/10/2014 05:59:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: witcher2.EXE0.0.0.01b4001cffca2a2d8e8d74C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\bin\witcher2.EXE
Error: (10/29/2014 01:41:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: (C:)Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)
CodeIntegrity Errors:
===================================
Date: 2014-10-09 05:02:50.185
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 05:02:50.122
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 05:02:35.655
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 05:02:35.493
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:59:39.040
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:59:38.968
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:58:03.221
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:58:03.150
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:56:13.197
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:56:13.120
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 48%
Total physical RAM: 8135.95 MB
Available physical RAM: 4165.19 MB
Total Pagefile: 16270.08 MB
Available Pagefile: 11194.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:335.35 GB) (Free:24.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (465GB) (Fixed) (Total:465.75 GB) (Free:77.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335.4 GB) (Disk ID: 000E0246)
Partition 2: (Active) - (Size=335.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 8D399BC0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
GMER: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-14 07:04:12
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 ST3360320AS rev.3.AAM 335,35GB
Running: Gmer-19357.exe; Driver: C:\Users\Jaq\AppData\Local\Temp\uwldypow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002fc1000 16 bytes [48, FF, C2, 49, FF, C8, 0F, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 545 fffff80002fc1011 2 bytes [03, CA]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2756] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\KERNEL32.dll
.text ... * 9
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[576] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\vmnat.exe[4040] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 4 0000000074c513b0 2 bytes JMP 75b85660 C:\Windows\syswow64\SHELL32.dll
.text C:\Windows\SysWOW64\vmnat.exe[4040] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 20 0000000074c513c0 2 bytes CALL 75549cee C:\Windows\syswow64\msvcrt.dll
.text ... * 20
.text C:\Windows\SysWOW64\vmnat.exe[4040] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 22 0000000074c5153e 2 bytes CALL 75c1777c C:\Windows\syswow64\SHELL32.dll
.text C:\Windows\SysWOW64\vmnat.exe[4040] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 43 0000000074c51553 2 bytes CALL 753710ff C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2752] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[5252] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[6452] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3748] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\KERNEL32.dll
.text ... * 9
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[4400] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075031401 2 bytes JMP 7539b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075031419 2 bytes JMP 7539b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075031431 2 bytes JMP 75418ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007503144a 2 bytes CALL 753748ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000750314dd 2 bytes JMP 754187a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000750314f5 2 bytes JMP 75418978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007503150d 2 bytes JMP 75418698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075031525 2 bytes JMP 75418a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007503153d 2 bytes JMP 7538fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075031555 2 bytes JMP 753968ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007503156d 2 bytes JMP 75418f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075031585 2 bytes JMP 75418ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007503159d 2 bytes JMP 7541865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000750315b5 2 bytes JMP 7538fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000750315cd 2 bytes JMP 7539b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000750316b2 2 bytes JMP 75418e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Java\jre7\bin\javaw.exe[5456] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000750316bd 2 bytes JMP 754185f1 C:\Windows\syswow64\kernel32.dll
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6398E31B-1811-405F-8FBA-6767784B1FCA}@LeaseObtainedTime 1415944335
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6398E31B-1811-405F-8FBA-6767784B1FCA}@T1 1415944462
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6398E31B-1811-405F-8FBA-6767784B1FCA}@T2 1415944558
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6398E31B-1811-405F-8FBA-6767784B1FCA}@LeaseTerminatesTime 1415944590
---- EOF - GMER 2.1 ----
|
|
14.11.2014, 08:10
| #2 |
| /// the machine /// TB-Ausbilder    | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
14.11.2014, 08:23
| #3 |
| | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome Alles klar.
__________________FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2014 02
Ran by Jaq (administrator) on JAQ-PC on 14-11-2014 06:30:15
Running from C:\Users\Jaq\Desktop
Loaded Profile: Jaq (Available profiles: Jaq)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BioWare) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2163496 2013-07-03] (Palit Microsystems Ltd.)
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [EPSON BX305 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-12] (Valve Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-08-12] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Jaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam.lnk
ShortcutTarget: Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x86BD4C315AB4CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - {3EFA2B2D-A3AE-416C-81E0-D4847C70B29D} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=fced5176-6914-444b-9042-4c2d48300dd7&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {9EF0CAAF-82BB-41F5-9CAF-BDC294DC05DA} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=fced5176-6914-444b-9042-4c2d48300dd7&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {A4251600-6939-4DC3-B855-03D8EE3CB5AB} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=fced5176-6914-444b-9042-4c2d48300dd7&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {BA740A2E-2561-42FB-86EC-922E830A3E16} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=fced5176-6914-444b-9042-4c2d48300dd7&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {C2AA90E7-C72A-4946-B24B-568018730584} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=fced5176-6914-444b-9042-4c2d48300dd7&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {FE892DD6-CF8A-4EB3-9BB3-7AEB41F1DB0D} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=fced5176-6914-444b-9042-4c2d48300dd7&pid=chipde&mode=bounce&k=0
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\jpii4kx0.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\jpii4kx0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-30]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Script Blocker for Chrome™) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchmnmjneadkakfihibdbepehaflop [2014-10-29]
CHR Extension: (Google*Übersetzer) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-11-08]
CHR Extension: (Google Docs) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-10]
CHR Extension: (Google Drive) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29]
CHR Extension: (YouTube) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-10]
CHR Extension: (Google-Suche) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-10]
CHR Extension: (Avira Browser Safety) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-10]
CHR Extension: (AdBlock Premium) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-08-10]
CHR Extension: (HTTPS Everywhere) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-08-10]
CHR Extension: (AdBlock) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10]
CHR Extension: (Google Mail) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-10]
CHR Extension: (VLC Media Player Plugin) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppilgeedpldmjoimolkamejgkibaepij [2014-10-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-04] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 DAUpdaterSvc; C:\Program Files (x86)\Origin Games\Dragon Age\\bin_ship\daupdatersvc.service.exe [25832 2009-12-15] (BioWare)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-10-21] (LogMeIn, Inc.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-02] (Disc Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 FLASHSYS; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-14 06:26 - 2014-11-14 06:26 - 00036461 _____ () C:\Users\Jaq\Desktop\Addition.txt
2014-11-14 06:24 - 2014-11-14 06:30 - 00023377 _____ () C:\Users\Jaq\Desktop\FRST.txt
2014-11-14 06:09 - 2014-11-14 06:10 - 02116608 _____ (Farbar) C:\Users\Jaq\Desktop\FRST64.exe
2014-11-14 06:08 - 2014-11-14 06:09 - 00000468 _____ () C:\Users\Jaq\Desktop\defogger_disable.log
2014-11-14 06:08 - 2014-11-14 06:08 - 00000000 _____ () C:\Users\Jaq\defogger_reenable
2014-11-14 06:07 - 2014-11-14 06:07 - 00050477 _____ () C:\Users\Jaq\Desktop\Defogger.exe
2014-11-14 05:19 - 2014-11-14 05:19 - 00002037 _____ () C:\Users\Jaq\Desktop\JDownloader.lnk
2014-11-14 05:19 - 2014-11-14 05:19 - 00002001 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-11-14 05:19 - 2014-11-14 05:19 - 00001945 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-11-14 05:19 - 2014-11-14 05:19 - 00001924 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-11-14 04:46 - 2014-11-03 21:25 - 00615568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-14 04:43 - 2014-11-04 01:04 - 31891784 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 24555208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 20923712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 17259848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 14031448 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 13943904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 13207184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-14 04:43 - 2014-11-04 01:04 - 11397208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 11335408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 04289168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 04009672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434465.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434465.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00962704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00922256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00898192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00870624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00391824 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00349504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-13 14:25 - 2014-11-14 05:30 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-11-13 14:25 - 2014-11-13 14:23 - 00269476 _____ () C:\Quarantine.lst
2014-11-13 14:25 - 2014-11-13 14:23 - 00005532 _____ () C:\Quarantine.reg
2014-11-12 07:19 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 07:19 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 07:19 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 07:19 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 07:19 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 07:19 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 07:19 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 07:19 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 07:19 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 07:19 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 07:19 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 07:19 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 07:19 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 07:19 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 07:19 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 07:19 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 07:19 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 07:19 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 07:19 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 07:19 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 07:19 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 07:19 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 07:19 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 07:19 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 07:19 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 07:19 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 07:19 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 07:19 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 07:19 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 07:19 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 07:19 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 07:19 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 07:19 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 07:19 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 07:19 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 07:19 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 07:19 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 07:19 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 07:19 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 07:19 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 07:19 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 07:19 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 07:19 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 07:19 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 07:19 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 07:19 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 07:19 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 07:19 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 07:19 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 07:19 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 07:19 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 07:19 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 07:19 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 07:19 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 07:19 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 07:19 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 07:19 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 07:19 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 07:19 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 07:19 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:19 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:19 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:19 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:19 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:19 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 07:19 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:19 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 07:19 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 07:18 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 07:18 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 07:18 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 07:18 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 07:18 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 07:18 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 07:18 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 07:18 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 07:18 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 07:18 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 07:18 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 07:18 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 07:18 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 07:18 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:18 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:18 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:18 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:18 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:18 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 07:17 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 07:17 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 12:24 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-11 12:24 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-10 12:07 - 2014-11-04 01:04 - 18514080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-10 12:07 - 2014-10-30 05:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll
2014-11-10 12:07 - 2014-10-30 05:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll
2014-11-10 12:03 - 2014-11-10 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-11-10 12:03 - 2014-11-10 12:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-11-07 10:42 - 2014-11-06 19:27 - 293455465 _____ () C:\Users\Jaq\Desktop\PMP3970B_20140826_v1.0.14.zip
2014-11-07 06:25 - 2014-11-07 07:02 - 00000000 ____D () C:\Users\Jaq\Desktop\Neuer Ordner
2014-11-06 10:33 - 2014-11-06 10:54 - 00000000 ____D () C:\Users\Jaq\Desktop\CookedPC
2014-11-06 10:26 - 2014-11-06 12:12 - 00000000 ____D () C:\Users\Jaq\Desktop\Witcher 2 Mods
2014-11-05 09:41 - 2014-11-11 12:08 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-03 21:50 - 2014-11-03 21:51 - 00000000 ____D () C:\Users\Jaq\AppData\Local\Adobe
2014-11-03 20:30 - 2014-11-13 14:07 - 00000000 ____D () C:\Users\Jaq\Documents\Witcher 2
2014-11-03 20:30 - 2014-11-03 20:30 - 00000000 ____D () C:\Users\Jaq\AppData\Local\The Witcher 2
2014-11-03 20:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-11-03 20:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-11-03 20:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-11-03 20:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-11-03 20:29 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-11-03 20:29 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-11-03 20:29 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-11-03 20:29 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-11-03 20:29 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-11-03 20:29 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-11-03 20:29 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-11-03 20:29 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-11-03 20:29 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-11-03 20:29 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-10-31 12:20 - 2014-10-31 12:20 - 00000222 _____ () C:\Users\Jaq\Desktop\The Evil Within Demo.url
2014-10-31 11:26 - 2014-10-31 11:26 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\XRay Engine
2014-10-31 10:51 - 2014-10-31 10:51 - 00000000 ____D () C:\Users\Public\Documents\STALKER-STCS
2014-10-31 09:26 - 2014-10-31 09:26 - 00000221 _____ () C:\Users\Jaq\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url
2014-10-30 15:25 - 2014-10-30 15:26 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\Trine1
2014-10-30 15:24 - 2014-10-30 15:24 - 00000560 _____ () C:\Windows\wmsetup.log
2014-10-30 15:24 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-10-30 15:23 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-10-30 15:23 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-10-30 15:23 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-10-30 15:23 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-10-30 15:23 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-10-30 15:23 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-10-30 15:23 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-10-30 15:23 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-10-30 15:23 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-10-30 15:23 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-10-30 15:23 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-10-30 15:23 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-10-30 15:23 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-10-30 15:23 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-10-30 15:23 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-10-30 15:23 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-10-30 15:23 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-10-30 15:23 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-10-30 15:23 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-10-30 15:23 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-10-30 15:23 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-10-30 15:23 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-10-30 15:23 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-10-30 15:23 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-10-30 15:23 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-10-30 15:23 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-10-30 15:23 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-10-30 15:23 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-10-30 15:23 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-10-30 15:23 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-10-30 15:23 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-10-30 15:23 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-10-30 15:23 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-10-30 15:23 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-10-30 15:23 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-10-30 15:23 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-10-30 15:23 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-10-30 15:23 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-10-30 15:23 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-10-30 15:23 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-10-30 15:23 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-10-30 15:23 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-10-30 15:23 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-10-30 15:23 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-10-30 15:23 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-10-30 15:23 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-10-30 15:23 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-10-30 15:23 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-10-30 15:23 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-10-30 15:23 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-10-30 15:23 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-10-30 15:23 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-10-30 15:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-10-30 15:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-10-30 15:23 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-10-30 15:23 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-10-30 15:23 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-10-30 15:23 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-10-30 15:23 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-10-30 15:23 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-10-30 15:23 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-10-30 15:23 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-10-30 15:23 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-10-30 15:23 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-10-30 15:23 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-10-30 15:23 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-10-30 15:23 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-10-30 15:23 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-10-30 15:23 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-10-30 15:23 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-10-30 15:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-10-30 15:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-10-30 15:22 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-10-30 15:22 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-10-30 15:22 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-10-30 15:22 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-10-30 15:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-10-30 15:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-10-30 15:22 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-10-30 15:22 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-10-30 15:22 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-10-30 15:22 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-10-30 15:22 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-10-30 15:22 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-10-30 15:22 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-10-30 15:22 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-10-30 15:22 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-10-30 15:22 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-10-30 15:12 - 2014-10-30 15:12 - 00000221 _____ () C:\Users\Jaq\Desktop\Trine.url
2014-10-30 07:29 - 2014-10-30 07:29 - 00000000 ____D () C:\ProgramData\Codemasters
2014-10-30 07:28 - 2014-10-30 07:28 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-10-30 07:28 - 2014-10-30 07:28 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-10-30 07:28 - 2014-10-30 07:28 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-10-30 07:28 - 2014-10-30 07:28 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-10-30 07:28 - 2014-10-30 07:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
2014-10-30 07:28 - 2014-10-30 07:28 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-10-30 07:28 - 2014-10-30 07:28 - 00000000 ____D () C:\Program Files (x86)\BRS
2014-10-30 07:28 - 2011-09-05 20:57 - 01306624 _____ (Blue Ripple Sound Limited) C:\Windows\SysWOW64\rapture3d_oal.dll
2014-10-30 07:28 - 2010-09-22 14:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\SysWOW64\mkl_blueripple.dll
2014-10-30 07:28 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-10-30 07:28 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-10-30 07:28 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-10-30 06:56 - 2014-10-30 06:56 - 00000222 _____ () C:\Users\Jaq\Desktop\DiRT Showdown.url
2014-10-30 06:41 - 2014-10-30 06:41 - 00000000 __SHD () C:\Users\Jaq\AppData\Local\EmieUserList
2014-10-30 06:41 - 2014-10-30 06:41 - 00000000 __SHD () C:\Users\Jaq\AppData\Local\EmieSiteList
2014-10-30 06:41 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-10-30 06:41 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-10-30 06:37 - 2014-10-30 06:37 - 00000513 _____ () C:\Users\Jaq\Desktop\Programme und Funktionen - Verknüpfung.lnk
2014-10-21 18:03 - 2014-10-21 18:03 - 00000000 ____D () C:\ProgramData\BioWare
2014-10-21 17:57 - 2014-10-21 17:59 - 00008551 _____ () C:\Users\Jaq\Documents\Dragon Age Origins Addins Repair.log
2014-10-21 17:57 - 2014-10-21 17:57 - 00002789 _____ () C:\Users\Jaq\Documents\Dragon Age Origins Service Diagnostic.log
2014-10-21 14:36 - 2009-03-18 17:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-10-18 19:24 - 2014-10-18 19:24 - 00001178 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-10-17 19:18 - 2014-10-17 19:19 - 00000000 ____D () C:\Users\Jaq\AppData\Local\PAYDAY 2
2014-10-17 15:59 - 2014-10-17 15:59 - 00000000 ____D () C:\Users\Jaq\AppData\Local\DDMSettings
2014-10-17 10:17 - 2014-10-17 10:16 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-17 10:16 - 2014-10-17 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-17 10:16 - 2014-10-17 10:16 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-17 10:16 - 2014-10-17 10:16 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-17 10:16 - 2014-10-17 10:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-17 10:16 - 2014-10-17 10:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-15 23:13 - 2014-10-15 23:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 17:28 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 17:28 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 17:28 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 17:28 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 17:28 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 17:28 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 17:28 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 17:28 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 17:28 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 17:28 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 17:28 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 17:28 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 17:28 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 17:28 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 17:28 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 17:28 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 17:28 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 17:28 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 17:28 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 17:28 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 17:28 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 17:28 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 17:28 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 17:28 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 17:28 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 17:28 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 17:28 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 17:28 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 17:28 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 17:28 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 17:28 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 17:28 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 17:28 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 17:28 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 17:28 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 17:28 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 17:28 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 17:28 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 17:28 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 17:28 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 17:28 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 17:28 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 17:27 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 17:27 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 17:27 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 17:27 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 17:27 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 17:27 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 17:27 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 17:27 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 17:27 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 17:27 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 17:27 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-14 06:30 - 2014-01-15 13:08 - 00000000 ____D () C:\FRST
2014-11-14 06:29 - 2014-08-10 06:17 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-14 06:16 - 2014-08-10 07:27 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\Skype
2014-11-14 06:08 - 2014-08-09 22:00 - 00000000 ____D () C:\Users\Jaq
2014-11-14 05:58 - 2014-08-18 20:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-14 05:53 - 2009-07-14 05:51 - 00086295 _____ () C:\Windows\setupact.log
2014-11-14 05:48 - 2014-08-10 06:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-14 05:14 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-14 05:14 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-14 05:10 - 2014-08-09 21:36 - 01922558 _____ () C:\Windows\WindowsUpdate.log
2014-11-14 05:07 - 2014-09-27 11:54 - 00000000 ____D () C:\Users\Jaq\AppData\Local\LogMeIn Hamachi
2014-11-14 05:05 - 2014-09-03 10:54 - 00000000 ____D () C:\ProgramData\VMware
2014-11-14 05:04 - 2014-08-10 06:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-14 05:03 - 2014-08-11 02:20 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-11-14 05:03 - 2014-08-10 07:16 - 00388214 _____ () C:\Windows\PFRO.log
2014-11-14 05:03 - 2014-08-10 05:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-14 05:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-14 04:47 - 2014-08-10 05:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-14 04:46 - 2014-08-10 05:33 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-13 14:25 - 2014-08-14 12:15 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-13 14:07 - 2014-08-14 12:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-13 13:46 - 2009-07-14 18:58 - 00702138 _____ () C:\Windows\system32\perfh007.dat
2014-11-13 13:46 - 2009-07-14 18:58 - 00150804 _____ () C:\Windows\system32\perfc007.dat
2014-11-13 13:46 - 2009-07-14 06:13 - 01628890 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 04:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:35 - 2009-07-14 05:45 - 00294640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 03:33 - 2014-08-11 03:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:15 - 2014-08-30 08:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:07 - 2014-08-30 08:01 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 14:58 - 2014-08-18 20:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 14:58 - 2014-08-18 20:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 14:58 - 2014-08-18 20:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 10:09 - 2014-09-21 15:55 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-11 12:08 - 2014-08-10 06:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-11 12:08 - 2014-08-10 06:41 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-11 12:08 - 2014-08-10 06:31 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-10 12:03 - 2014-09-27 11:53 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-11-07 06:43 - 2014-08-10 05:31 - 00537847 _____ () C:\Windows\DirectX.log
2014-11-06 18:06 - 2014-08-10 06:56 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-11-06 18:06 - 2014-08-10 06:56 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-11-06 18:06 - 2014-08-10 06:56 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-11-06 18:06 - 2014-08-10 06:56 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-11-06 09:05 - 2014-08-10 07:27 - 00000000 ____D () C:\ProgramData\Skype
2014-11-04 01:04 - 2014-08-10 07:05 - 20985544 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-04 01:04 - 2014-08-10 07:05 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 02849736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-04 01:04 - 2014-08-10 05:32 - 03238040 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-04 01:04 - 2014-08-10 05:32 - 00987520 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 06882448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 03531464 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 00935232 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-03 23:02 - 2014-08-10 05:34 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-03 12:58 - 2014-08-10 05:34 - 04099264 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-01 08:22 - 2014-09-30 08:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-30 07:29 - 2014-01-10 00:29 - 00000000 ____D () C:\Users\Jaq\Documents\My Games
2014-10-30 07:29 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-30 06:38 - 2014-10-07 08:52 - 00000000 ____D () C:\Program Files (x86)\Mittelerde Mordors Schatten Premium Edition
2014-10-29 12:57 - 2014-08-14 14:05 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-29 12:57 - 2014-08-14 14:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-10-29 08:30 - 2014-10-13 12:40 - 00000000 ____D () C:\ProgramData\Origin
2014-10-29 08:30 - 2014-10-13 12:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-28 14:30 - 2014-08-10 06:18 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-23 15:16 - 2014-09-27 11:54 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-10-18 16:14 - 2014-10-13 12:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-10-18 10:45 - 2014-01-13 10:05 - 00000000 ____D () C:\AdwCleaner
2014-10-18 10:24 - 2014-08-10 06:17 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 10:24 - 2014-08-10 06:17 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 15:58 - 2014-08-20 16:26 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-10-17 15:58 - 2014-08-20 16:25 - 00000000 ____D () C:\ProgramData\DivX
2014-10-17 10:17 - 2014-09-23 13:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-16 08:09 - 2014-10-13 12:40 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\Origin
2014-10-16 08:06 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-16 07:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 07:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
Some content of TEMP:
====================
C:\Users\Jaq\AppData\Local\Temp\130604122654814830.exe
C:\Users\Jaq\AppData\Local\Temp\avgnt.exe
C:\Users\Jaq\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jaq\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Jaq\AppData\Local\Temp\nvStInst.exe
C:\Users\Jaq\AppData\Local\Temp\_is7FBE.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 13:23
==================== End Of Log ============================
--- --- --- |
|
15.11.2014, 10:00
| #4 |
| /// the machine /// TB-Ausbilder | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
15.11.2014, 13:28
| #5 |
| | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome Hallo, habe Spybot und Antivir Echtzeitscanner deaktiviert, nach Start von Combofix hat AntiVir dann noch einen AutoRun Prozeß geblockt, also hab ich das auch ausgeschaltet. Außerdem hat Combofix dann trotzdem noch über den Echtzeitscanner von SpyBot gemeckert, also habe ich in Ermangelung einer besseren Lösung SpyBot deinstalliert und danach mit Combofix weitergemacht. Der Scan hat mindestens 20min gedauert und der Neustart des Rechners ging ohne Fehlermeldung vonstatten. Hier der Logfile: Code:
ATTFilter ComboFix 14-11-15.01 - Jaq 15.11.2014 12:42:27.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8136.5745 [GMT 1:00]
ausgeführt von:: c:\users\Jaq\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jaq\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-10-15 bis 2014-11-15 ))))))))))))))))))))))))))))))
.
.
2014-11-15 12:05 . 2014-11-15 12:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-14 03:46 . 2014-11-03 20:25 615568 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-11-13 13:25 . 2014-11-14 04:30 -------- d-----w- c:\program files (x86)\JDownloader
2014-11-13 13:25 . 2014-11-13 13:23 5532 ----a-w- C:\Quarantine.reg
2014-11-12 06:18 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-12 06:17 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-12 06:17 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-11 11:24 . 2014-10-03 19:23 38216 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-11-11 11:24 . 2014-10-03 19:23 32584 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-11-10 11:07 . 2014-11-04 00:04 18514080 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-11-10 11:07 . 2014-10-30 04:53 1876296 ----a-w- c:\windows\system32\nvdispco6434460.dll
2014-11-10 11:07 . 2014-10-30 04:53 1539272 ----a-w- c:\windows\system32\nvdispgenco6434460.dll
2014-11-10 11:03 . 2014-11-10 11:03 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-11-03 20:50 . 2014-11-03 20:51 -------- d-----w- c:\users\Jaq\AppData\Local\Adobe
2014-11-03 19:30 . 2014-11-03 19:30 -------- d-----w- c:\users\Jaq\AppData\Local\The Witcher 2
2014-11-03 19:30 . 2010-06-02 03:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2014-11-03 19:30 . 2010-06-02 03:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2014-11-03 19:30 . 2010-06-02 03:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2014-11-03 19:30 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-10-31 10:26 . 2014-10-31 10:26 -------- d-----w- c:\users\Jaq\AppData\Roaming\XRay Engine
2014-10-30 14:25 . 2014-10-30 14:26 -------- d-----w- c:\users\Jaq\AppData\Roaming\Trine1
2014-10-30 14:24 . 2009-03-09 14:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2014-10-30 14:24 . 2009-03-09 14:27 453456 ----a-w- c:\windows\SysWow64\d3dx10_41.dll
2014-10-30 14:24 . 2009-03-09 14:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2014-10-30 14:24 . 2009-03-09 14:27 1846632 ----a-w- c:\windows\SysWow64\D3DCompiler_41.dll
2014-10-30 14:24 . 2009-03-09 14:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2014-10-30 14:24 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2014-10-30 14:24 . 2009-03-16 13:18 521560 ----a-w- c:\windows\system32\XAudio2_4.dll
2014-10-30 14:24 . 2009-03-16 13:18 517448 ----a-w- c:\windows\SysWow64\XAudio2_4.dll
2014-10-30 14:24 . 2009-03-16 13:18 235352 ----a-w- c:\windows\SysWow64\xactengine3_4.dll
2014-10-30 14:24 . 2009-03-16 13:18 174936 ----a-w- c:\windows\system32\xactengine3_4.dll
2014-10-30 14:24 . 2009-03-16 13:18 24920 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2014-10-30 14:24 . 2009-03-16 13:18 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_6.dll
2014-10-30 14:22 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2014-10-30 06:29 . 2014-10-30 06:29 -------- d-----w- c:\programdata\Codemasters
2014-10-30 05:41 . 2014-10-16 16:54 1876296 ----a-w- c:\windows\system32\nvdispco6434448.dll
2014-10-30 05:41 . 2014-10-16 16:54 1539272 ----a-w- c:\windows\system32\nvdispgenco6434448.dll
2014-10-30 05:41 . 2014-10-30 05:41 -------- d-sh--w- c:\users\Jaq\AppData\Local\EmieUserList
2014-10-30 05:41 . 2014-10-30 05:41 -------- d-sh--w- c:\users\Jaq\AppData\Local\EmieSiteList
2014-10-21 17:03 . 2014-10-21 17:03 -------- d-----w- c:\programdata\BioWare
2014-10-21 16:57 . 2014-10-21 16:57 -------- d-----w- c:\program files (x86)\Common Files\BioWare
2014-10-21 13:36 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2014-10-17 18:18 . 2014-10-17 18:19 -------- d-----w- c:\users\Jaq\AppData\Local\PAYDAY 2
2014-10-17 14:59 . 2014-10-17 14:59 -------- d-----w- c:\users\Jaq\AppData\Local\DDMSettings
2014-10-17 09:17 . 2014-10-17 09:17 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-17 09:16 . 2014-10-17 09:16 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-17 09:16 . 2014-10-17 09:16 -------- d-----w- c:\program files (x86)\Java
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-13 02:07 . 2014-08-30 07:01 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-11-12 13:58 . 2014-08-18 19:24 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-12 13:58 . 2014-08-18 19:24 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-12 09:09 . 2014-09-21 14:55 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-06 17:06 . 2014-08-10 05:56 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-11-06 17:06 . 2014-08-10 05:56 2197680 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-11-06 17:06 . 2014-08-10 05:56 2800296 ----a-w- c:\windows\system32\nvspcap64.dll
2014-11-06 17:06 . 2014-08-10 05:56 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-11-04 00:04 . 2014-08-10 06:05 20985544 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-11-04 00:04 . 2014-08-10 06:05 19966344 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-11-04 00:04 . 2014-08-10 04:33 73872 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-04 00:04 . 2014-08-10 04:33 59592 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-04 00:04 . 2014-08-10 04:33 2849736 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-11-04 00:04 . 2014-08-10 04:33 16884632 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-11-04 00:04 . 2014-08-10 04:32 987520 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-11-04 00:04 . 2014-08-10 04:32 3238040 ----a-w- c:\windows\system32\nvapi64.dll
2014-11-03 22:02 . 2014-08-10 04:34 6882448 ----a-w- c:\windows\system32\nvcpl.dll
2014-11-03 22:02 . 2014-08-10 04:34 3531464 ----a-w- c:\windows\system32\nvsvc64.dll
2014-11-03 22:02 . 2014-08-10 04:34 935232 ----a-w- c:\windows\system32\nvvsvc.exe
2014-11-03 22:02 . 2014-08-10 04:34 61640 ----a-w- c:\windows\system32\nvshext.dll
2014-11-03 22:02 . 2014-08-10 04:34 385352 ----a-w- c:\windows\system32\nvmctray.dll
2014-11-03 22:02 . 2014-08-10 04:34 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2014-11-03 11:58 . 2014-08-10 04:34 4099264 ----a-w- c:\windows\system32\nvcoproc.bin
2014-10-09 08:44 . 2014-08-14 10:00 43064 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-10-09 08:44 . 2014-08-10 05:43 131608 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-10-09 08:44 . 2014-08-10 05:43 119272 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-10-03 19:23 . 2014-08-10 05:56 35144 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-10-01 10:11 . 2014-08-14 13:05 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 10:11 . 2014-08-14 13:05 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 10:11 . 2014-08-14 13:05 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-25 10:51 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2014-09-25 10:51 . 2009-08-18 09:24 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-09-25 02:08 . 2014-10-01 06:56 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 06:56 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-17 04:51 . 2014-09-19 07:19 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2014-09-17 04:51 . 2014-09-19 07:19 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2014-09-17 04:51 . 2014-08-10 04:38 1538880 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-09-13 23:48 . 2014-09-19 07:19 1876296 ----a-w- c:\windows\system32\nvdispco6434411.dll
2014-09-13 23:48 . 2014-09-19 07:19 1539272 ----a-w- c:\windows\system32\nvdispgenco6434411.dll
2014-09-09 22:11 . 2014-09-24 07:36 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 07:36 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-05 02:11 . 2014-10-15 16:27 6584320 ----a-w- c:\windows\system32\mstscax.dll
2014-09-05 01:52 . 2014-10-15 16:27 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-09-04 05:23 . 2014-10-15 16:27 424448 ----a-w- c:\windows\system32\rastls.dll
2014-09-04 05:04 . 2014-10-15 16:27 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2014-09-02 08:15 . 2014-09-02 08:15 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-08-29 02:07 . 2014-10-15 16:27 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2014-08-23 02:07 . 2014-08-28 05:04 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 05:04 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-19 03:11 . 2014-10-15 16:28 693176 ----a-w- c:\windows\system32\winload.efi
2014-08-19 03:10 . 2014-10-15 16:28 616352 ----a-w- c:\windows\system32\winresume.efi
2014-08-19 03:08 . 2014-10-15 16:28 503808 ----a-w- c:\windows\system32\srcore.dll
2014-08-19 03:08 . 2014-10-15 16:28 50176 ----a-w- c:\windows\system32\srclient.dll
2014-08-19 03:08 . 2014-10-15 16:28 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2014-08-19 03:07 . 2014-10-15 16:28 58880 ----a-w- c:\windows\system32\appidapi.dll
2014-08-19 03:07 . 2014-10-15 16:28 32256 ----a-w- c:\windows\system32\appidsvc.dll
2014-08-19 03:07 . 2014-10-15 16:28 296960 ----a-w- c:\windows\system32\rstrui.exe
2014-08-19 03:07 . 2014-10-15 16:28 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2014-08-19 03:07 . 2014-10-15 16:28 146944 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2014-08-19 02:41 . 2014-10-15 16:28 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2014-08-19 02:41 . 2014-10-15 16:28 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2014-08-19 02:06 . 2014-10-15 16:28 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2014-08-19 01:06 . 2014-08-19 01:06 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-08-19 01:06 . 2014-08-19 01:06 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-08-19 01:06 . 2014-08-19 01:06 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-08-19 01:06 . 2014-08-19 01:06 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-08-19 01:06 . 2014-08-19 01:06 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-08-19 01:06 . 2014-08-19 01:06 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-08-19 01:06 . 2014-08-19 01:06 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-08-19 01:06 . 2014-08-19 01:06 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-08-19 01:06 . 2014-08-19 01:06 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-08-19 01:06 . 2014-08-19 01:06 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-08-19 01:06 . 2014-08-19 01:06 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-08-19 01:06 . 2014-08-19 01:06 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-08-19 01:06 . 2014-08-19 01:06 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-08-19 01:06 . 2014-08-19 01:06 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-08-19 01:06 . 2014-08-19 01:06 81408 ----a-w- c:\windows\system32\icardie.dll
2014-08-19 01:06 . 2014-08-19 01:06 774144 ----a-w- c:\windows\system32\jscript.dll
2014-08-19 01:06 . 2014-08-19 01:06 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-08-19 01:06 . 2014-08-19 01:06 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-08-19 01:06 . 2014-08-19 01:06 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-08-19 01:06 . 2014-08-19 01:06 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-08-19 01:06 . 2014-08-19 01:06 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-08-19 01:06 . 2014-08-19 01:06 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-08-19 01:06 . 2014-08-19 01:06 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-08-19 01:06 . 2014-08-19 01:06 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-08-19 01:06 . 2014-08-19 01:06 413696 ----a-w- c:\windows\system32\html.iec
2014-08-19 01:06 . 2014-08-19 01:06 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-08-19 01:06 . 2014-08-19 01:06 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-08-19 01:06 . 2014-08-19 01:06 247808 ----a-w- c:\windows\system32\msls31.dll
2014-08-19 01:06 . 2014-08-19 01:06 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-08-19 01:06 . 2014-08-19 01:06 235520 ----a-w- c:\windows\system32\url.dll
2014-08-19 01:06 . 2014-08-19 01:06 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-08-19 01:06 . 2014-08-19 01:06 147968 ----a-w- c:\windows\system32\occache.dll
2014-08-19 01:06 . 2014-08-19 01:06 143872 ----a-w- c:\windows\system32\wextract.exe
2014-08-19 01:06 . 2014-08-19 01:06 13824 ----a-w- c:\windows\system32\mshta.exe
2014-08-19 01:06 . 2014-08-19 01:06 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-08-19 01:06 . 2014-08-19 01:06 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-08-19 01:06 . 2014-08-19 01:06 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-08-19 01:06 . 2014-08-19 01:06 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"THPanel"="c:\program files (x86)\Thunder Master\THPanel.exe" [2013-07-03 2163496]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-10-01 22065760]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2014-07-25 1562264]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-11-12 1940160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-11-04 703736]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-02 847872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-06-27 292848]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-07-25 311616]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-11-03 3835728]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-10-22 124208]
.
c:\users\Jaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Steam.lnk - c:\program files (x86)\Steam\Steam.exe [2014-2-11 1940160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Killer Network Manager.lnk - c:\windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2014-8-10 72008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FLASHSYS;FLASHSYS;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;c:\program files (x86)\Origin Games\Dragon Age\\bin_ship\daupdatersvc.service.exe;c:\program files (x86)\Origin Games\Dragon Age\\bin_ship\daupdatersvc.service.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam 250(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NTIOLIB_1_0_4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-28 13:30 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-18 13:58]
.
2014-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10 05:17]
.
2014-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10 05:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-11-06 2464072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-11-06 2800296]
"ISCT Tray"="c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" [2014-08-25 5860656]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-07-15 7637208]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\jpii4kx0.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-11-15 13:13:35 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-11-15 12:13
.
Vor Suchlauf: 16 Verzeichnis(se), 35.036.012.544 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 34.820.177.920 Bytes frei
.
- - End Of File - - 893AC66A0D34DE9570B5CD1F4F73DC22
A36C5E4F47E84449FF07ED3517B43A31
|
|
15.11.2014, 20:53
| #6 |
| /// the machine /// TB-Ausbilder | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome |
|
16.11.2014, 01:17
| #7 |
| | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome Hallo, hier die gewünschten Scans: MBAM Code:
ATTFilter Version: 2.00.3.1025
Malware Database: v2014.11.15.09
Rootkit Database: v2014.11.12.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jaq
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 336658
Time Elapsed: 14 min, 38 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
PUP.Optional.OpenCandy, C:\Users\Jaq\Downloads\DTLite4491-0356.exe, Quarantined, [a86deb51e39981b5f9642649a1640ff1],
Physical Sectors: 0
(No malicious items detected)
(end)
ADWCleaner AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.212 - Bericht erstellt am 19/06/2014 um 20:37:50
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Jaq - JAQ-PC
# Gestartet von : C:\Users\Jaq\Downloads\adwcleaner_3.212.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Jaq\AppData\Local\Temp\OCS
Datei Gelöscht : C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\j8cibwxk.default\searchplugins\trovi-search.xml
Datei Gelöscht : C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\j8cibwxk.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Trovi search");
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R1].txt - [4971 octets] - [25/05/2014 10:00:47]
AdwCleaner[R2].txt - [1916 octets] - [19/06/2014 20:36:46]
AdwCleaner[S1].txt - [4814 octets] - [25/05/2014 10:01:27]
AdwCleaner[S2].txt - [1791 octets] - [19/06/2014 20:37:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1851 octets] ##########
JRT Code:
ATTFilter Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.8 (11.15.2014:1)
OS: Windows 7 Home Premium x64
Ran by Jaq on 16.11.2014 at 0:46:56,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3EFA2B2D-A3AE-416C-81E0-D4847C70B29D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9EF0CAAF-82BB-41F5-9CAF-BDC294DC05DA}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A4251600-6939-4DC3-B855-03D8EE3CB5AB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BA740A2E-2561-42FB-86EC-922E830A3E16}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C2AA90E7-C72A-4946-B24B-568018730584}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FE892DD6-CF8A-4EB3-9BB3-7AEB41F1DB0D}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.11.2014 at 0:48:56,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014 Ran by Jaq (administrator) on JAQ-PC on 16-11-2014 01:02:43 Running from C:\Users\Jaq\Desktop\Trojaner Board Loaded Profile: Jaq (Available profiles: Jaq) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-04] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-02] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2163496 2013-07-03] (Palit Microsystems Ltd.) HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung) HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-12] (Valve Corporation) HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) Startup: C:\Users\Jaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam.lnk ShortcutTarget: Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x86BD4C315AB4CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKU\S-1-5-21-297726166-2549663330-3191474699-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) FireFox: ======== FF ProfilePath: C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\jpii4kx0.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: NoScript - C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\jpii4kx0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-11-14] FF Extension: Adblock Plus - C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\jpii4kx0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-30] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.de/ CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Script Blocker for Chrome™) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchmnmjneadkakfihibdbepehaflop [2014-10-29] CHR Extension: (Google*Übersetzer) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-11-08] CHR Extension: (Google Docs) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-10] CHR Extension: (Google Drive) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-10] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29] CHR Extension: (YouTube) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-10] CHR Extension: (Google-Suche) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-10] CHR Extension: (Avira Browser Safety) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-10] CHR Extension: (AdBlock Premium) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-08-10] CHR Extension: (HTTPS Everywhere) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-08-10] CHR Extension: (AdBlock) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-10] CHR Extension: (Google Wallet) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10] CHR Extension: (Google Mail) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-10] CHR Extension: (VLC Media Player Plugin) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppilgeedpldmjoimolkamejgkibaepij [2014-10-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-04] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG) S2 DAUpdaterSvc; C:\Program Files (x86)\Origin Games\Dragon Age\\bin_ship\daupdatersvc.service.exe [25832 2009-12-15] (BioWare) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-10-21] (LogMeIn, Inc.) R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG) R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-02] (Disc Soft Ltd) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] () R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-16] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation) R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 FLASHSYS; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [X] S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-16 00:55 - 2014-11-16 00:55 - 00001142 _____ () C:\Users\Jaq\Desktop\MBAM.txt 2014-11-16 00:48 - 2014-11-16 00:48 - 00001567 _____ () C:\Users\Jaq\Desktop\JRT.txt 2014-11-16 00:46 - 2014-11-16 00:46 - 00000000 ____D () C:\Windows\ERUNT 2014-11-16 00:39 - 2014-11-16 00:40 - 01707242 _____ (Thisisu) C:\Users\Jaq\Desktop\JRT.exe 2014-11-16 00:09 - 2014-11-16 00:09 - 02140160 _____ () C:\Users\Jaq\Desktop\AdwCleaner_4.101.exe 2014-11-15 16:30 - 2014-11-16 01:02 - 00000000 ____D () C:\Users\Jaq\Desktop\Trojaner Board 2014-11-15 13:13 - 2014-11-15 13:13 - 00027377 _____ () C:\ComboFix.txt 2014-11-15 12:40 - 2014-11-15 12:40 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-11-15 12:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-15 12:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-11-15 12:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-15 12:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-15 12:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-11-15 12:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-15 12:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-15 12:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-15 12:33 - 2014-11-15 13:13 - 00000000 ____D () C:\Qoobox 2014-11-15 12:32 - 2014-11-15 13:12 - 00000000 ____D () C:\Windows\erdnt 2014-11-15 12:31 - 2014-11-15 12:31 - 05598504 ____R (Swearware) C:\Users\Jaq\Desktop\ComboFix.exe 2014-11-14 17:28 - 2014-11-14 17:28 - 00000222 _____ () C:\Users\Jaq\Desktop\Worms Clan Wars.url 2014-11-14 08:12 - 2014-11-14 08:13 - 501424099 _____ () C:\Users\Jaq\Downloads\wormsreloaded_windows_1381855290.zip 2014-11-14 06:08 - 2014-11-14 06:08 - 00000000 _____ () C:\Users\Jaq\defogger_reenable 2014-11-14 05:19 - 2014-11-14 05:19 - 00002037 _____ () C:\Users\Jaq\Desktop\JDownloader.lnk 2014-11-14 05:19 - 2014-11-14 05:19 - 00002001 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk 2014-11-14 05:19 - 2014-11-14 05:19 - 00001945 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk 2014-11-14 05:19 - 2014-11-14 05:19 - 00001924 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk 2014-11-14 04:46 - 2014-11-03 21:25 - 00615568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-11-14 04:43 - 2014-11-04 01:04 - 31891784 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 24555208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 20923712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 17259848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 14031448 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 13943904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 13207184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-11-14 04:43 - 2014-11-04 01:04 - 11397208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 11335408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 04289168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 04009672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434465.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434465.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00962704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00922256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00898192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00870624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00391824 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00349504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-11-14 04:43 - 2014-11-04 01:04 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-11-13 14:25 - 2014-11-14 05:30 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2014-11-13 14:25 - 2014-11-13 14:23 - 00269476 _____ () C:\Quarantine.lst 2014-11-13 14:25 - 2014-11-13 14:23 - 00005532 _____ () C:\Quarantine.reg 2014-11-12 07:19 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-12 07:19 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-12 07:19 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-12 07:19 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-12 07:19 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 07:19 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-12 07:19 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-12 07:19 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-12 07:19 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-12 07:19 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-12 07:19 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-12 07:19 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-12 07:19 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-12 07:19 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-12 07:19 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-12 07:19 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-12 07:19 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-12 07:19 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 07:19 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 07:19 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 07:19 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-12 07:19 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-12 07:19 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-12 07:19 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-12 07:19 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-12 07:19 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-12 07:19 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-12 07:19 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-12 07:19 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-12 07:19 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-12 07:19 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-12 07:19 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 07:19 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-12 07:19 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-12 07:19 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-12 07:19 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-12 07:19 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-12 07:19 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-12 07:19 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-12 07:19 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-12 07:19 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-12 07:19 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-12 07:19 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-12 07:19 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-12 07:19 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 07:19 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-12 07:19 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-12 07:19 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-12 07:19 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-12 07:19 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 07:19 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-12 07:19 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-12 07:19 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-12 07:19 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-12 07:19 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-12 07:19 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-12 07:19 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-12 07:19 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-12 07:19 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-12 07:19 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-12 07:19 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-12 07:19 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-12 07:19 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-12 07:19 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-12 07:19 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-12 07:19 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-12 07:19 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-12 07:19 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-12 07:18 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 07:18 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-12 07:18 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-12 07:18 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-12 07:18 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-12 07:18 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 07:18 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 07:18 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 07:18 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-12 07:18 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 07:18 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-12 07:18 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-12 07:18 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-12 07:18 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-12 07:18 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-12 07:18 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-12 07:18 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-12 07:18 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-12 07:18 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-12 07:18 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-12 07:18 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-12 07:18 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-12 07:18 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-12 07:18 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-12 07:18 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-12 07:18 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-12 07:18 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-12 07:18 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 07:18 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 07:18 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-12 07:18 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-12 07:18 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 07:18 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-12 07:17 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 07:17 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-11 12:24 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-11-11 12:24 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-11-10 12:07 - 2014-11-04 01:04 - 18514080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-11-10 12:07 - 2014-10-30 05:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll 2014-11-10 12:07 - 2014-10-30 05:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll 2014-11-10 12:03 - 2014-11-10 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-11-10 12:03 - 2014-11-10 12:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-11-07 10:42 - 2014-11-06 19:27 - 293455465 _____ () C:\Users\Jaq\Desktop\PMP3970B_20140826_v1.0.14.zip 2014-11-07 06:25 - 2014-11-07 07:02 - 00000000 ____D () C:\Users\Jaq\Desktop\Neuer Ordner 2014-11-06 10:33 - 2014-11-06 10:54 - 00000000 ____D () C:\Users\Jaq\Desktop\CookedPC 2014-11-06 10:26 - 2014-11-06 12:12 - 00000000 ____D () C:\Users\Jaq\Desktop\Witcher 2 Mods 2014-11-05 09:41 - 2014-11-11 12:08 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-11-03 21:50 - 2014-11-03 21:51 - 00000000 ____D () C:\Users\Jaq\AppData\Local\Adobe 2014-11-03 20:30 - 2014-11-14 10:44 - 00000000 ____D () C:\Users\Jaq\Documents\Witcher 2 2014-11-03 20:30 - 2014-11-03 20:30 - 00000000 ____D () C:\Users\Jaq\AppData\Local\The Witcher 2 2014-11-03 20:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-11-03 20:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-11-03 20:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-11-03 20:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-11-03 20:29 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-11-03 20:29 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-11-03 20:29 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-11-03 20:29 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-11-03 20:29 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-11-03 20:29 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-11-03 20:29 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-11-03 20:29 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-11-03 20:29 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-11-03 20:29 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-11-03 20:29 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-11-03 20:29 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-11-03 20:29 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-11-03 20:29 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2014-11-03 20:29 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-11-03 20:29 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-11-03 20:29 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-11-03 20:29 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-11-03 20:29 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2014-11-03 20:29 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-11-03 20:29 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2014-11-03 20:29 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2014-11-03 20:29 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-11-03 20:29 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-11-03 20:29 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-11-03 20:29 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-11-03 20:29 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-11-03 20:29 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2014-11-03 20:29 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-11-03 20:29 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-11-03 20:29 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-11-03 20:29 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-11-03 20:29 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2014-11-01 08:22 - 2014-11-14 07:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-31 12:20 - 2014-10-31 12:20 - 00000222 _____ () C:\Users\Jaq\Desktop\The Evil Within Demo.url 2014-10-31 11:26 - 2014-10-31 11:26 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\XRay Engine 2014-10-31 10:51 - 2014-10-31 10:51 - 00000000 ____D () C:\Users\Public\Documents\STALKER-STCS 2014-10-31 09:26 - 2014-10-31 09:26 - 00000221 _____ () C:\Users\Jaq\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url 2014-10-30 15:25 - 2014-10-30 15:26 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\Trine1 2014-10-30 15:24 - 2014-10-30 15:24 - 00000560 _____ () C:\Windows\wmsetup.log 2014-10-30 15:24 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-10-30 15:24 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2014-10-30 15:24 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2014-10-30 15:24 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-10-30 15:24 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-10-30 15:24 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-10-30 15:24 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-10-30 15:24 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2014-10-30 15:24 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2014-10-30 15:24 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2014-10-30 15:24 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2014-10-30 15:24 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2014-10-30 15:23 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-10-30 15:23 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2014-10-30 15:23 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-10-30 15:23 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-10-30 15:23 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-10-30 15:23 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-10-30 15:23 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2014-10-30 15:23 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-10-30 15:23 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-10-30 15:23 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-10-30 15:23 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2014-10-30 15:23 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2014-10-30 15:23 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-10-30 15:23 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-10-30 15:23 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-10-30 15:23 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-10-30 15:23 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-10-30 15:23 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-10-30 15:23 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2014-10-30 15:23 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-10-30 15:23 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-10-30 15:23 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-10-30 15:23 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2014-10-30 15:23 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-10-30 15:23 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2014-10-30 15:23 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2014-10-30 15:23 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-10-30 15:23 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-10-30 15:23 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-10-30 15:23 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-10-30 15:23 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2014-10-30 15:23 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-10-30 15:23 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-10-30 15:23 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-10-30 15:23 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2014-10-30 15:23 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-10-30 15:23 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-10-30 15:23 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-10-30 15:23 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-10-30 15:23 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-10-30 15:23 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-10-30 15:23 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-10-30 15:23 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-10-30 15:23 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-10-30 15:23 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-10-30 15:23 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-10-30 15:23 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-10-30 15:23 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-10-30 15:23 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2014-10-30 15:23 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-10-30 15:23 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-10-30 15:23 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-10-30 15:23 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-10-30 15:23 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-10-30 15:23 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-10-30 15:23 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-10-30 15:23 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2014-10-30 15:23 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-10-30 15:23 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-10-30 15:23 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-10-30 15:23 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2014-10-30 15:23 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-10-30 15:23 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2014-10-30 15:23 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-10-30 15:23 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-10-30 15:23 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2014-10-30 15:23 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-10-30 15:23 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2014-10-30 15:23 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-10-30 15:23 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-10-30 15:23 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-10-30 15:23 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2014-10-30 15:23 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-10-30 15:23 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2014-10-30 15:23 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2014-10-30 15:23 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-10-30 15:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2014-10-30 15:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2014-10-30 15:23 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-10-30 15:23 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2014-10-30 15:23 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-10-30 15:23 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-10-30 15:23 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2014-10-30 15:23 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-10-30 15:23 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-10-30 15:23 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-10-30 15:23 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2014-10-30 15:23 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2014-10-30 15:23 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2014-10-30 15:23 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-10-30 15:23 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-10-30 15:23 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2014-10-30 15:23 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-10-30 15:23 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2014-10-30 15:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-10-30 15:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2014-10-30 15:22 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-10-30 15:22 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-10-30 15:22 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-10-30 15:22 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-10-30 15:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-10-30 15:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-10-30 15:22 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-10-30 15:22 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-10-30 15:22 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-10-30 15:22 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2014-10-30 15:22 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-10-30 15:22 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-10-30 15:22 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-10-30 15:22 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-10-30 15:22 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-10-30 15:22 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-10-30 15:12 - 2014-10-30 15:12 - 00000221 _____ () C:\Users\Jaq\Desktop\Trine.url 2014-10-30 07:29 - 2014-10-30 07:29 - 00000000 ____D () C:\ProgramData\Codemasters 2014-10-30 07:28 - 2014-10-30 07:28 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2014-10-30 07:28 - 2014-10-30 07:28 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2014-10-30 07:28 - 2014-10-30 07:28 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2014-10-30 07:28 - 2014-10-30 07:28 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2014-10-30 07:28 - 2014-10-30 07:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound 2014-10-30 07:28 - 2014-10-30 07:28 - 00000000 ____D () C:\Program Files (x86)\OpenAL 2014-10-30 07:28 - 2014-10-30 07:28 - 00000000 ____D () C:\Program Files (x86)\BRS 2014-10-30 07:28 - 2011-09-05 20:57 - 01306624 _____ (Blue Ripple Sound Limited) C:\Windows\SysWOW64\rapture3d_oal.dll 2014-10-30 07:28 - 2010-09-22 14:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\SysWOW64\mkl_blueripple.dll 2014-10-30 07:28 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-10-30 07:28 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-10-30 07:28 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-10-30 07:28 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-10-30 07:28 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-10-30 07:28 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-10-30 07:28 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-10-30 07:28 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-10-30 06:56 - 2014-10-30 06:56 - 00000222 _____ () C:\Users\Jaq\Desktop\DiRT Showdown.url 2014-10-30 06:41 - 2014-10-30 06:41 - 00000000 __SHD () C:\Users\Jaq\AppData\Local\EmieUserList 2014-10-30 06:41 - 2014-10-30 06:41 - 00000000 __SHD () C:\Users\Jaq\AppData\Local\EmieSiteList 2014-10-30 06:41 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll 2014-10-30 06:41 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll 2014-10-30 06:37 - 2014-10-30 06:37 - 00000513 _____ () C:\Users\Jaq\Desktop\Programme und Funktionen - Verknüpfung.lnk 2014-10-21 18:03 - 2014-10-21 18:03 - 00000000 ____D () C:\ProgramData\BioWare 2014-10-21 17:57 - 2014-10-21 17:59 - 00008551 _____ () C:\Users\Jaq\Documents\Dragon Age Origins Addins Repair.log 2014-10-21 17:57 - 2014-10-21 17:57 - 00002789 _____ () C:\Users\Jaq\Documents\Dragon Age Origins Service Diagnostic.log 2014-10-21 14:36 - 2009-03-18 17:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys 2014-10-18 19:24 - 2014-10-18 19:24 - 00001178 _____ () C:\Users\Public\Desktop\Titanfall.lnk 2014-10-17 19:18 - 2014-10-17 19:19 - 00000000 ____D () C:\Users\Jaq\AppData\Local\PAYDAY 2 2014-10-17 15:59 - 2014-10-17 15:59 - 00000000 ____D () C:\Users\Jaq\AppData\Local\DDMSettings 2014-10-17 10:17 - 2014-10-17 10:16 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-10-17 10:16 - 2014-10-17 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-17 10:16 - 2014-10-17 10:16 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-10-17 10:16 - 2014-10-17 10:16 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-10-17 10:16 - 2014-10-17 10:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-10-17 10:16 - 2014-10-17 10:16 - 00000000 ____D () C:\Program Files (x86)\Java ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-16 01:02 - 2014-01-15 13:08 - 00000000 ____D () C:\FRST 2014-11-16 00:58 - 2014-08-18 20:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-16 00:53 - 2014-09-21 15:55 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-16 00:52 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-16 00:52 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-16 00:48 - 2014-08-09 21:36 - 01988433 _____ () C:\Windows\WindowsUpdate.log 2014-11-16 00:46 - 2014-08-10 06:22 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-11-16 00:44 - 2014-09-27 11:54 - 00000000 ____D () C:\Users\Jaq\AppData\Local\LogMeIn Hamachi 2014-11-16 00:44 - 2014-09-03 10:54 - 00000000 ____D () C:\ProgramData\VMware 2014-11-16 00:44 - 2014-08-10 07:27 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\Skype 2014-11-16 00:44 - 2009-07-14 05:51 - 00089053 _____ () C:\Windows\setupact.log 2014-11-16 00:43 - 2014-08-10 06:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-16 00:42 - 2014-08-11 02:20 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-11-16 00:42 - 2014-08-10 07:16 - 00392346 _____ () C:\Windows\PFRO.log 2014-11-16 00:42 - 2014-08-10 05:34 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-16 00:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-16 00:41 - 2014-01-13 10:05 - 00000000 ____D () C:\AdwCleaner 2014-11-16 00:37 - 2014-08-10 06:17 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-16 00:02 - 2014-08-10 06:49 - 00000000 ____D () C:\Windows\Trust GXT14 Mouse 2014-11-15 19:31 - 2014-08-10 06:17 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-15 19:31 - 2014-08-10 06:17 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-15 13:13 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2014-11-15 13:08 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-11-15 13:06 - 2014-08-14 12:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-11-15 12:40 - 2014-08-14 12:15 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-11-14 17:24 - 2014-09-21 20:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-14 06:08 - 2014-08-09 22:00 - 00000000 ____D () C:\Users\Jaq 2014-11-14 04:47 - 2014-08-10 05:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-11-14 04:46 - 2014-08-10 05:33 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-11-13 13:46 - 2009-07-14 18:58 - 00702138 _____ () C:\Windows\system32\perfh007.dat 2014-11-13 13:46 - 2009-07-14 18:58 - 00150804 _____ () C:\Windows\system32\perfc007.dat 2014-11-13 13:46 - 2009-07-14 06:13 - 01628890 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-13 04:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-13 03:35 - 2009-07-14 05:45 - 00294640 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-13 03:33 - 2014-08-11 03:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-13 03:15 - 2014-08-30 08:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-13 03:07 - 2014-08-30 08:01 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-12 14:58 - 2014-08-18 20:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-12 14:58 - 2014-08-18 20:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-12 14:58 - 2014-08-18 20:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-11 12:08 - 2014-08-10 06:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-11-11 12:08 - 2014-08-10 06:41 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-11-11 12:08 - 2014-08-10 06:31 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-10 12:03 - 2014-09-27 11:53 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-11-07 06:43 - 2014-08-10 05:31 - 00537847 _____ () C:\Windows\DirectX.log 2014-11-06 18:06 - 2014-08-10 06:56 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-11-06 18:06 - 2014-08-10 06:56 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-11-06 18:06 - 2014-08-10 06:56 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-11-06 18:06 - 2014-08-10 06:56 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-11-06 09:05 - 2014-08-10 07:27 - 00000000 ____D () C:\ProgramData\Skype 2014-11-04 01:04 - 2014-08-10 07:05 - 20985544 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-11-04 01:04 - 2014-08-10 07:05 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-11-04 01:04 - 2014-08-10 05:33 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-11-04 01:04 - 2014-08-10 05:33 - 02849736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-11-04 01:04 - 2014-08-10 05:33 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-11-04 01:04 - 2014-08-10 05:33 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-11-04 01:04 - 2014-08-10 05:33 - 00027094 _____ () C:\Windows\system32\nvinfo.pb 2014-11-04 01:04 - 2014-08-10 05:32 - 03238040 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-11-04 01:04 - 2014-08-10 05:32 - 00987520 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-11-03 23:02 - 2014-08-10 05:34 - 06882448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-11-03 23:02 - 2014-08-10 05:34 - 03531464 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-11-03 23:02 - 2014-08-10 05:34 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-11-03 23:02 - 2014-08-10 05:34 - 00935232 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-11-03 23:02 - 2014-08-10 05:34 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-11-03 23:02 - 2014-08-10 05:34 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-11-03 12:58 - 2014-08-10 05:34 - 04099264 _____ () C:\Windows\system32\nvcoproc.bin 2014-10-30 07:29 - 2014-01-10 00:29 - 00000000 ____D () C:\Users\Jaq\Documents\My Games 2014-10-30 07:29 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-10-30 06:38 - 2014-10-07 08:52 - 00000000 ____D () C:\Program Files (x86)\Mittelerde Mordors Schatten Premium Edition 2014-10-29 12:57 - 2014-08-14 14:05 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-29 12:57 - 2014-08-14 14:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-29 08:30 - 2014-10-13 12:40 - 00000000 ____D () C:\ProgramData\Origin 2014-10-29 08:30 - 2014-10-13 12:40 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-10-28 14:30 - 2014-08-10 06:18 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-23 15:16 - 2014-09-27 11:54 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-10-18 16:14 - 2014-10-13 12:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-10-17 15:58 - 2014-08-20 16:26 - 00000000 ____D () C:\Program Files (x86)\DivX 2014-10-17 15:58 - 2014-08-20 16:25 - 00000000 ____D () C:\ProgramData\DivX 2014-10-17 10:17 - 2014-09-23 13:58 - 00000000 ____D () C:\ProgramData\Oracle Some content of TEMP: ==================== C:\Users\Jaq\AppData\Local\Temp\avgnt.exe C:\Users\Jaq\AppData\Local\Temp\Quarantine.exe C:\Users\Jaq\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-15 17:11 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- --- --- --- MyFreeCodec und GoogleUpdater beim ADWCleaner Scan hab ich absichtlich nicht gelöscht, da ich die Codecs bewußt runtergeladen hab und mir der GoogleUpdater nicht gefährlich vorkam. Ich hoffe das ist in Ordnung. (Die Codecs hat mir dann nachher sowieso JRT gelöscht  )MBAM hat nur die daemon tools .exe gefunden Hier noch die Addition Datei. Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Jaq at 2014-11-16 01:14:34
Running from C:\Users\Jaq\Desktop\Trojaner Board
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Clear Sky Complete (HKLM-x32\...\{Clear Sky Complete v1.1.3}}_is1) (Version: - )
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version: - Codemasters Racing Studio)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Druckerdeinstallation für EPSON BX305 Series (HKLM\...\EPSON BX305 Series) (Version: - SEIKO EPSON Corporation)
EPSON BX305 Series Handbuch (HKLM-x32\...\EPSON BX305 Series Manual) (Version: - )
EPSON BX305 Series Netzwerk-Handbuch (HKLM-x32\...\EPSON BX305 Series Network Guide) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version: - Day 1 Studios)
Full Combat Rebalance 2 version 1.2 (HKLM-x32\...\Full Combat Rebalance 2_is1) (Version: 1.2 - Andrzej Kwiatkowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{94A137EA-92EF-441C-A7E2-6757CC08EA82}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.266 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.266 - LogMeIn, Inc.) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.010 - MSI)
MyFreeCodec (HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\MyFreeCodec) (Version: - )
NVIDIA 3D Vision Controller-Treiber 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Perixx Gaming mouse version 1.0.6 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.6 - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
The Evil Within Demo (HKLM-x32\...\Steam App 329960) (Version: - Tango Gameworks)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.5.0 - Palit Microsystems Ltd.)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.7.2 - Electronic Arts)
Trine (HKLM-x32\...\Steam App 35700) (Version: - Frozenbyte)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wolfenstein The New Order German Edition [Full Uncut] 1.0.0.1 (HKLM-x32\...\Wolfenstein The New Order German Edition [Full Uncut] 1.0.0.1) (Version: - )
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version: - Team17 Digital Ltd)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
13-11-2014 02:03:38 Windows Update
15-11-2014 11:40:43 ComboFix created restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-11-15 13:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0B1DBA1B-961E-4DD3-B750-70E279B9ACCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.)
Task: {BF70730C-613D-4132-B0B5-33921E81EC46} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {F8E7372A-43BC-4E01-9757-758CB90549A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-08-10 05:34 - 2014-11-03 23:02 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-17 10:02 - 2014-04-17 10:02 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-08-25 15:01 - 2014-08-25 15:01 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-25 15:01 - 2014-08-25 15:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-10 06:22 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-08-10 06:22 - 2014-11-12 02:04 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 07:39 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-08-10 06:22 - 2014-11-12 02:04 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-09-27 09:51 - 2005-07-18 12:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2014-08-10 06:22 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-06-12 17:22 - 2014-06-12 17:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-08-10 06:29 - 2013-09-17 02:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2014-10-28 14:30 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 14:30 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 14:30 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 14:30 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: ISCT Tray => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Ocs_SM => C:\Users\Jaq\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
MSCONFIG\startupreg: trustGTX14 => "C:\Program Files (x86)\Trust\GXT14 Mouse\POINTERGHOST.exe" showhide
========================= Accounts: ==========================
Administrator (S-1-5-21-297726166-2549663330-3191474699-500 - Administrator - Disabled)
Gast (S-1-5-21-297726166-2549663330-3191474699-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-297726166-2549663330-3191474699-1005 - Limited - Enabled)
Jaq (S-1-5-21-297726166-2549663330-3191474699-1000 - Administrator - Enabled) => C:\Users\Jaq
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-11-15 13:05:29.228
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-11-15 13:05:29.198
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-09 05:02:50.185
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 05:02:50.122
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 05:02:35.655
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 05:02:35.493
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:59:39.040
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:59:38.968
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:58:03.221
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-09 04:58:03.150
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 43%
Total physical RAM: 8135.95 MB
Available physical RAM: 4579.07 MB
Total Pagefile: 16270.08 MB
Available Pagefile: 11798.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:335.35 GB) (Free:31.99 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (465GB) (Fixed) (Total:465.75 GB) (Free:80.53 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335.4 GB) (Disk ID: 000E0246)
Partition 2: (Active) - (Size=335.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 8D399BC0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
16.11.2014, 19:33
| #8 |
| /// the machine /// TB-Ausbilder | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in ChromeESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.11.2014, 07:42
| #9 |
| | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome ESET hat "leider" nur die Dateien entdeckt die der ADWCLeaner eh schon in Quarantäne hat. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=94d1aa52de1ce942961c93a07056502e
# engine=21119
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-17 06:07:36
# local_time=2014-11-17 07:07:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 14155 10089510 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8125298 167834306 0 0
# scanned=299599
# found=32
# cleaned=0
# scan_time=9037
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir"
sh=064680D54E8FBA2D06E2A5E35060BB16B3636C3B ft=1 fh=4ae2a46f410a297c vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir"
sh=0BC47DE01BA10961EE0D7D6C95A9916DA748A5C7 ft=1 fh=39158cfce6f871c9 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe_old.vir"
sh=E6BF88B3390FEA12DB1F6F150800B531FEDADB01 ft=1 fh=4a10605500753c35 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir"
sh=40B63087012BF7DA70AE82BD473BCCFDD93BF8F5 ft=1 fh=027554fe6efee6bd vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir"
sh=584265F2BA0B47696184876335BAF6E175C81BEF ft=1 fh=2f2b206b1a22bc74 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=4929EB5864840E7F5A0ACA7FA5723D703F4B5E73 ft=1 fh=ce188f0b56e64136 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe_old.vir"
sh=2D9A7EAF0637343E63C8622AA99C16E817A0F204 ft=1 fh=79672f4490f328fb vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe.vir"
sh=6CDD189837D5C70B6F11EC1467DFC06B5B1DAB56 ft=1 fh=8d9f8b9dd40f9b55 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir"
sh=8A0819C25BB2568FF451BED451955B4E69E724D7 ft=1 fh=7bc6a5dd57c41934 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll_old.vir"
sh=295FC6612C9C97760937DF651A963A44C99CD0C0 ft=1 fh=aaec07ed4cd90b5d vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir"
sh=1281BC2E05EBA5C4AEA26227C68ABBBF6ED9A2BC ft=1 fh=78661b0bb1b930fe vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll.vir"
sh=2510D5FD078002C413DAA2B68FEBA3E9AC8BDE80 ft=1 fh=b3c45eb818ca1528 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir"
sh=E18E67AF494118B8B73EC4EC2269E89AA9C18237 ft=1 fh=d7d3a79201d8389a vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=FB7948E63D42672E50D4A521CDB6DBACD615D773 ft=1 fh=fc81cec60cf9c6da vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe_old.vir"
sh=1DBF1556C82A78CA45882E66DD83C0A977BF8D23 ft=1 fh=328989ef9803066c vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=C5883F4245AE2C0515FB1D04A08FD82885B06398 ft=1 fh=8d649859311d4519 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=9E90A050EB0BB1CEAB5633BCE404E5D5BC307647 ft=1 fh=2563181150dc44ea vn="Win32/Thinknice.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=16CF5D6E11C0F55548A67B8B5D04FA3460C76A2D ft=1 fh=7418003a088e68c3 vn="Win64/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=C03584BE4ED7835858158D1C38D6B08317E2FC82 ft=1 fh=a96a1125b953bd6a vn="Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir"
sh=67642DACDC22ED45AF7947E4F47B1B8463E4162C ft=1 fh=b08cc40f36e9035a vn="Win64/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv64.dll.vir"
sh=9042385F0336C5429FCD45FC347CC29A9BC06BB0 ft=1 fh=a7a426d7c77c80fb vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=9CA8EBFF024F34D076C7BFFF92B978D99251DC66 ft=1 fh=03cf8fdbea9a76d3 vn="Variante von Win32/ELEX.AM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jaq\AppData\Local\genienext\nengine.dll.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jaq\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=972DB9071C719922142BE77CF935C208B66F8DE2 ft=1 fh=c50a95d882970223 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jaq\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=1A278C9611A807BB4319B4DBC0CC28D5B61139E2 ft=1 fh=dc9029d19ecf454f vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jaq\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=F3455C8CFE236A75E25682BE35777920F8844251 ft=1 fh=757c80b16141ae2a vn="Variante von Win64/TrojanDownloader.Agent.F Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\DlProtectSvc.exe.vir"
sh=1051181D6A4E6B06FF83BFD5BAD844647E2B6450 ft=1 fh=a1ff9876a0d9750c vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
Code:
ATTFilter UNSUPPORTED OPERATING SYSTEM! ABORTED!
FRST hat den Addition Log nicht erneuert, also lass ich den mal weg (ist der gleiche wie gestern). FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by Jaq (administrator) on JAQ-PC on 17-11-2014 07:17:36
Running from C:\Users\Jaq\Desktop\Trojaner Board
Loaded Profile: Jaq (Available profiles: Jaq)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2163496 2013-07-03] (Palit Microsystems Ltd.)
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-12] (Valve Corporation)
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Jaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam.lnk
ShortcutTarget: Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x86BD4C315AB4CF01
HKU\S-1-5-21-297726166-2549663330-3191474699-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
FireFox:
========
FF ProfilePath: C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\jpii4kx0.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\jpii4kx0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-11-14]
FF Extension: Adblock Plus - C:\Users\Jaq\AppData\Roaming\Mozilla\Firefox\Profiles\jpii4kx0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-30]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Script Blocker for Chrome™) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchmnmjneadkakfihibdbepehaflop [2014-10-29]
CHR Extension: (Google*Übersetzer) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-11-08]
CHR Extension: (Google Docs) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-10]
CHR Extension: (Google Drive) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29]
CHR Extension: (YouTube) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-10]
CHR Extension: (Google-Suche) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-10]
CHR Extension: (Avira Browser Safety) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-10]
CHR Extension: (AdBlock Premium) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-08-10]
CHR Extension: (HTTPS Everywhere) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-08-10]
CHR Extension: (AdBlock) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10]
CHR Extension: (Google Mail) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-10]
CHR Extension: (VLC Media Player Plugin) - C:\Users\Jaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppilgeedpldmjoimolkamejgkibaepij [2014-10-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-04] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S2 DAUpdaterSvc; C:\Program Files (x86)\Origin Games\Dragon Age\\bin_ship\daupdatersvc.service.exe [25832 2009-12-15] (BioWare)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-10-21] (LogMeIn, Inc.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-02] (Disc Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 FLASHSYS; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-16 00:46 - 2014-11-16 00:46 - 00000000 ____D () C:\Windows\ERUNT
2014-11-16 00:09 - 2014-11-16 00:09 - 02140160 _____ () C:\Users\Jaq\Desktop\AdwCleaner_4.101.exe
2014-11-15 16:30 - 2014-11-17 07:17 - 00000000 ____D () C:\Users\Jaq\Desktop\Trojaner Board
2014-11-15 13:13 - 2014-11-15 13:13 - 00027377 _____ () C:\ComboFix.txt
2014-11-15 12:40 - 2014-11-15 12:40 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-11-15 12:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-15 12:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-15 12:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-15 12:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-15 12:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-15 12:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-15 12:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-15 12:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-15 12:33 - 2014-11-15 13:13 - 00000000 ____D () C:\Qoobox
2014-11-15 12:32 - 2014-11-15 13:12 - 00000000 ____D () C:\Windows\erdnt
2014-11-14 17:28 - 2014-11-14 17:28 - 00000222 _____ () C:\Users\Jaq\Desktop\Worms Clan Wars.url
2014-11-14 06:08 - 2014-11-14 06:08 - 00000000 _____ () C:\Users\Jaq\defogger_reenable
2014-11-14 05:19 - 2014-11-14 05:19 - 00002037 _____ () C:\Users\Jaq\Desktop\JDownloader.lnk
2014-11-14 05:19 - 2014-11-14 05:19 - 00002001 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-11-14 05:19 - 2014-11-14 05:19 - 00001945 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-11-14 05:19 - 2014-11-14 05:19 - 00001924 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-11-14 04:46 - 2014-11-03 21:25 - 00615568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-14 04:43 - 2014-11-04 01:04 - 31891784 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 24555208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 20923712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 17259848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 14031448 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 13943904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 13207184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-14 04:43 - 2014-11-04 01:04 - 11397208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 11335408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 04289168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 04009672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434465.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434465.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00962704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00922256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00898192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00870624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00391824 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00349504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-14 04:43 - 2014-11-04 01:04 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-13 14:25 - 2014-11-14 05:30 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-11-13 14:25 - 2014-11-13 14:23 - 00269476 _____ () C:\Quarantine.lst
2014-11-13 14:25 - 2014-11-13 14:23 - 00005532 _____ () C:\Quarantine.reg
2014-11-12 07:19 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 07:19 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 07:19 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 07:19 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 07:19 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 07:19 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 07:19 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 07:19 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 07:19 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 07:19 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 07:19 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 07:19 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 07:19 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 07:19 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 07:19 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 07:19 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 07:19 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 07:19 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 07:19 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 07:19 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 07:19 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 07:19 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 07:19 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 07:19 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 07:19 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 07:19 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 07:19 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 07:19 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 07:19 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 07:19 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 07:19 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 07:19 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 07:19 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 07:19 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 07:19 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 07:19 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 07:19 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 07:19 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 07:19 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 07:19 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 07:19 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 07:19 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 07:19 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 07:19 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 07:19 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 07:19 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 07:19 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 07:19 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 07:19 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 07:19 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 07:19 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 07:19 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 07:19 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 07:19 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 07:19 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 07:19 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 07:19 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 07:19 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 07:19 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 07:19 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:19 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:19 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:19 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:19 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:19 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 07:19 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:19 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 07:19 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 07:18 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 07:18 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 07:18 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 07:18 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 07:18 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 07:18 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 07:18 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 07:18 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 07:18 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 07:18 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 07:18 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 07:18 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 07:18 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 07:18 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 07:18 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 07:18 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:18 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:18 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:18 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:18 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:18 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 07:17 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 07:17 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 12:24 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-11 12:24 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-10 12:07 - 2014-11-04 01:04 - 18514080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-10 12:07 - 2014-10-30 05:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll
2014-11-10 12:07 - 2014-10-30 05:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll
2014-11-10 12:03 - 2014-11-10 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-11-10 12:03 - 2014-11-10 12:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-11-07 10:42 - 2014-11-06 19:27 - 293455465 _____ () C:\Users\Jaq\Desktop\PMP3970B_20140826_v1.0.14.zip
2014-11-07 06:25 - 2014-11-07 07:02 - 00000000 ____D () C:\Users\Jaq\Desktop\Neuer Ordner
2014-11-06 10:33 - 2014-11-06 10:54 - 00000000 ____D () C:\Users\Jaq\Desktop\CookedPC
2014-11-06 10:26 - 2014-11-06 12:12 - 00000000 ____D () C:\Users\Jaq\Desktop\Witcher 2 Mods
2014-11-05 09:41 - 2014-11-11 12:08 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-03 21:50 - 2014-11-03 21:51 - 00000000 ____D () C:\Users\Jaq\AppData\Local\Adobe
2014-11-03 20:30 - 2014-11-14 10:44 - 00000000 ____D () C:\Users\Jaq\Documents\Witcher 2
2014-11-03 20:30 - 2014-11-03 20:30 - 00000000 ____D () C:\Users\Jaq\AppData\Local\The Witcher 2
2014-11-03 20:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-11-03 20:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-11-03 20:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-11-03 20:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-11-03 20:29 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-11-03 20:29 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-11-03 20:29 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-11-03 20:29 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-11-03 20:29 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-11-03 20:29 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-11-03 20:29 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-11-03 20:29 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-11-03 20:29 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-11-03 20:29 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-11-03 20:29 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-11-03 20:29 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-11-03 20:29 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-11-03 20:29 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-11-01 08:22 - 2014-11-14 07:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-31 12:20 - 2014-10-31 12:20 - 00000222 _____ () C:\Users\Jaq\Desktop\The Evil Within Demo.url
2014-10-31 11:26 - 2014-10-31 11:26 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\XRay Engine
2014-10-31 10:51 - 2014-10-31 10:51 - 00000000 ____D () C:\Users\Public\Documents\STALKER-STCS
2014-10-31 09:26 - 2014-10-31 09:26 - 00000221 _____ () C:\Users\Jaq\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url
2014-10-30 15:25 - 2014-10-30 15:26 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\Trine1
2014-10-30 15:24 - 2014-10-30 15:24 - 00000560 _____ () C:\Windows\wmsetup.log
2014-10-30 15:24 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-10-30 15:24 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-10-30 15:24 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-10-30 15:23 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-10-30 15:23 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-10-30 15:23 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-10-30 15:23 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-10-30 15:23 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-10-30 15:23 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-10-30 15:23 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-10-30 15:23 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-10-30 15:23 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-10-30 15:23 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-10-30 15:23 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-10-30 15:23 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-10-30 15:23 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-10-30 15:23 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-10-30 15:23 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-10-30 15:23 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-10-30 15:23 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-10-30 15:23 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-10-30 15:23 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-10-30 15:23 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-10-30 15:23 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-10-30 15:23 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-10-30 15:23 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-10-30 15:23 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-10-30 15:23 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-10-30 15:23 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-10-30 15:23 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-10-30 15:23 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-10-30 15:23 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-10-30 15:23 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-10-30 15:23 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-10-30 15:23 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-10-30 15:23 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-10-30 15:23 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-10-30 15:23 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-10-30 15:23 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-10-30 15:23 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-10-30 15:23 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-10-30 15:23 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-10-30 15:23 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-10-30 15:23 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-10-30 15:23 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-10-30 15:23 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-10-30 15:23 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-10-30 15:23 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-10-30 15:23 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-10-30 15:23 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-10-30 15:23 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-10-30 15:23 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-10-30 15:23 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-10-30 15:23 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-10-30 15:23 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-10-30 15:23 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-10-30 15:23 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-10-30 15:23 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-10-30 15:23 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-10-30 15:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-10-30 15:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-10-30 15:23 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-10-30 15:23 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-10-30 15:23 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-10-30 15:23 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-10-30 15:23 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-10-30 15:23 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-10-30 15:23 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-10-30 15:23 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-10-30 15:23 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-10-30 15:23 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-10-30 15:23 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-10-30 15:23 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-10-30 15:23 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-10-30 15:23 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-10-30 15:23 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-10-30 15:23 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-10-30 15:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-10-30 15:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-10-30 15:22 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-10-30 15:22 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-10-30 15:22 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-10-30 15:22 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-10-30 15:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-10-30 15:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-10-30 15:22 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-10-30 15:22 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-10-30 15:22 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-10-30 15:22 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-10-30 15:22 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-10-30 15:22 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-10-30 15:22 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-10-30 15:22 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-10-30 15:22 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-10-30 15:22 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-10-30 15:12 - 2014-10-30 15:12 - 00000221 _____ () C:\Users\Jaq\Desktop\Trine.url
2014-10-30 07:29 - 2014-10-30 07:29 - 00000000 ____D () C:\ProgramData\Codemasters
2014-10-30 07:28 - 2014-10-30 07:28 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-10-30 07:28 - 2014-10-30 07:28 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-10-30 07:28 - 2014-10-30 07:28 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-10-30 07:28 - 2014-10-30 07:28 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-10-30 07:28 - 2014-10-30 07:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
2014-10-30 07:28 - 2014-10-30 07:28 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-10-30 07:28 - 2014-10-30 07:28 - 00000000 ____D () C:\Program Files (x86)\BRS
2014-10-30 07:28 - 2011-09-05 20:57 - 01306624 _____ (Blue Ripple Sound Limited) C:\Windows\SysWOW64\rapture3d_oal.dll
2014-10-30 07:28 - 2010-09-22 14:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\SysWOW64\mkl_blueripple.dll
2014-10-30 07:28 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-10-30 07:28 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-10-30 07:28 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-10-30 07:28 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-10-30 06:56 - 2014-10-30 06:56 - 00000222 _____ () C:\Users\Jaq\Desktop\DiRT Showdown.url
2014-10-30 06:41 - 2014-10-30 06:41 - 00000000 __SHD () C:\Users\Jaq\AppData\Local\EmieUserList
2014-10-30 06:41 - 2014-10-30 06:41 - 00000000 __SHD () C:\Users\Jaq\AppData\Local\EmieSiteList
2014-10-30 06:41 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-10-30 06:41 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-10-30 06:37 - 2014-10-30 06:37 - 00000513 _____ () C:\Users\Jaq\Desktop\Programme und Funktionen - Verknüpfung.lnk
2014-10-21 18:03 - 2014-10-21 18:03 - 00000000 ____D () C:\ProgramData\BioWare
2014-10-21 17:57 - 2014-10-21 17:59 - 00008551 _____ () C:\Users\Jaq\Documents\Dragon Age Origins Addins Repair.log
2014-10-21 17:57 - 2014-10-21 17:57 - 00002789 _____ () C:\Users\Jaq\Documents\Dragon Age Origins Service Diagnostic.log
2014-10-21 14:36 - 2009-03-18 17:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-10-18 19:24 - 2014-10-18 19:24 - 00001178 _____ () C:\Users\Public\Desktop\Titanfall.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-17 07:17 - 2014-01-15 13:08 - 00000000 ____D () C:\FRST
2014-11-17 07:05 - 2014-08-10 07:27 - 00000000 ____D () C:\Users\Jaq\AppData\Roaming\Skype
2014-11-17 06:58 - 2014-08-18 20:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-17 06:36 - 2014-08-10 06:17 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-17 06:24 - 2014-08-10 06:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-17 04:10 - 2014-08-09 21:36 - 02005174 _____ () C:\Windows\WindowsUpdate.log
2014-11-17 04:09 - 2014-08-11 02:20 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-11-16 19:36 - 2014-08-10 06:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-16 00:53 - 2014-09-21 15:55 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-16 00:52 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-16 00:52 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-16 00:44 - 2014-09-27 11:54 - 00000000 ____D () C:\Users\Jaq\AppData\Local\LogMeIn Hamachi
2014-11-16 00:44 - 2014-09-03 10:54 - 00000000 ____D () C:\ProgramData\VMware
2014-11-16 00:44 - 2009-07-14 05:51 - 00089053 _____ () C:\Windows\setupact.log
2014-11-16 00:42 - 2014-08-10 07:16 - 00392346 _____ () C:\Windows\PFRO.log
2014-11-16 00:42 - 2014-08-10 05:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-16 00:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 00:41 - 2014-01-13 10:05 - 00000000 ____D () C:\AdwCleaner
2014-11-16 00:02 - 2014-08-10 06:49 - 00000000 ____D () C:\Windows\Trust GXT14 Mouse
2014-11-15 19:31 - 2014-08-10 06:17 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 19:31 - 2014-08-10 06:17 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 13:13 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-15 13:08 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-15 13:06 - 2014-08-14 12:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-15 12:40 - 2014-08-14 12:15 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-14 17:24 - 2014-09-21 20:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-14 06:08 - 2014-08-09 22:00 - 00000000 ____D () C:\Users\Jaq
2014-11-14 04:47 - 2014-08-10 05:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-14 04:46 - 2014-08-10 05:33 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-13 13:46 - 2009-07-14 18:58 - 00702138 _____ () C:\Windows\system32\perfh007.dat
2014-11-13 13:46 - 2009-07-14 18:58 - 00150804 _____ () C:\Windows\system32\perfc007.dat
2014-11-13 13:46 - 2009-07-14 06:13 - 01628890 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 04:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:35 - 2009-07-14 05:45 - 00294640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 03:33 - 2014-08-11 03:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:15 - 2014-08-30 08:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:07 - 2014-08-30 08:01 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 14:58 - 2014-08-18 20:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 14:58 - 2014-08-18 20:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 14:58 - 2014-08-18 20:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-11 12:08 - 2014-08-10 06:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-11 12:08 - 2014-08-10 06:41 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-11 12:08 - 2014-08-10 06:31 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-10 12:03 - 2014-09-27 11:53 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-11-07 06:43 - 2014-08-10 05:31 - 00537847 _____ () C:\Windows\DirectX.log
2014-11-06 18:06 - 2014-08-10 06:56 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-11-06 18:06 - 2014-08-10 06:56 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-11-06 18:06 - 2014-08-10 06:56 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-11-06 18:06 - 2014-08-10 06:56 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-11-06 09:05 - 2014-08-10 07:27 - 00000000 ____D () C:\ProgramData\Skype
2014-11-04 01:04 - 2014-08-10 07:05 - 20985544 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-04 01:04 - 2014-08-10 07:05 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 02849736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-04 01:04 - 2014-08-10 05:33 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-04 01:04 - 2014-08-10 05:32 - 03238040 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-04 01:04 - 2014-08-10 05:32 - 00987520 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 06882448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 03531464 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 00935232 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-03 23:02 - 2014-08-10 05:34 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-03 23:02 - 2014-08-10 05:34 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-03 12:58 - 2014-08-10 05:34 - 04099264 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-30 07:29 - 2014-01-10 00:29 - 00000000 ____D () C:\Users\Jaq\Documents\My Games
2014-10-30 07:29 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-30 06:38 - 2014-10-07 08:52 - 00000000 ____D () C:\Program Files (x86)\Mittelerde Mordors Schatten Premium Edition
2014-10-29 12:57 - 2014-08-14 14:05 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-29 12:57 - 2014-08-14 14:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-10-29 08:30 - 2014-10-13 12:40 - 00000000 ____D () C:\ProgramData\Origin
2014-10-29 08:30 - 2014-10-13 12:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-28 14:30 - 2014-08-10 06:18 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-23 15:16 - 2014-09-27 11:54 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-10-18 16:14 - 2014-10-13 12:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games
Some content of TEMP:
====================
C:\Users\Jaq\AppData\Local\Temp\avgnt.exe
C:\Users\Jaq\AppData\Local\Temp\Quarantine.exe
C:\Users\Jaq\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 17:11
==================== End Of Log ============================
--- --- --- --- --- --- Zu Deiner Frage: Probleme hatte ich ja die ganze Zeit keine, aber das Script ist immer noch da. Vielleicht ist es ja doch ein Fehlalarm. Fange langsam an zu glauben das ich umsonst Alarm gemacht hab. Sobald ich das Script erlaube und die Seite neu lade, wird dieses Script "www.youradexchange.com" nachgeladen. Hier die Webseite dazu: https://www.youradexchange.com/ Sieht eigentlich ganz legitim aus. |
|
17.11.2014, 14:22
| #10 |
| /// the machine /// TB-Ausbilder | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome ISt es aber nicht Revo Uninstaller - Download - Filepony damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann: https://support.google.com/chrome/answer/3296214?hl=de
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.11.2014, 16:53
| #11 | |
| | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in ChromeZitat:
Und was ich mir da überhaupt eingefangen hab, und vor allem woran du das erkennst? Gruß Jaq |
|
18.11.2014, 10:26
| #12 |
| /// the machine /// TB-Ausbilder | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome weil die Seite böse ist wenn man bissl recherchiert. Da war jede Menge Adware auf dem System.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.11.2014, 12:26
| #13 |
| | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome Ok, ist erledigt. Scripts sind weg. Vielen Dank!  Was kann ich denn in Zukunft machen, falls ich mir wieder was einfange? Das ganze Programm nochmal? (Ich weiß: Am besten vorbeugen. Aber eigentlich pass ich immer auf, wenn ich mir was runterlade, das ich nichts installier was ich nicht haben will.) Gruß jaq |
|
19.11.2014, 08:29
| #14 |
| /// the machine /// TB-Ausbilder | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome Is immer individuell. Ausser AdwCleaner, den kannste bei Verdacht auf Adware laufen lassen. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.11.2014, 10:47
| #15 |
| | Seltsames Script (www.xlbz.com) auf ALLEN Seiten in Chrome Ok, hab alles soweit erledigt. Combofix ließ sich mit beiden Methoden nicht entfernen. Bei Methode eins wurde es nicht gefunden und bei Methode zwei sah es für mich so aus als würde er einen neuen Scan ausführen, da er mich wieder vor den Echtzeit Scannern meiner Antiviren Programme warnte und meinte das ich die erst ausschalten sollte. Also hab ich das abgebrochen. Allerdings hat dann wohl DelFix alles gelöscht. Zumindest ist Combofix jetzt nicht mehr da. Deine Empfehlungen hab ich mir alle angeguckt und auch runtergeladen, allerdings hab ich das Tutorial von "MVPs hosts file" nicht wirklich verstanden. Muss mich mal in Ruhe damit beschäftigen. Nur mal theoretisch: ist es möglich bei Cracks zwischen einer Falschmeldung und einer echten Bedrohung zu Unterscheiden? Wenn ja, wie? Außerdem würde ich noch gern Wissen, was diese bösen Scripte auf meinem Rechner angestellt haben, da ich ja nicht weiß wie lange die schon bei mir drauf waren. Jetzt im Nachhinein weiß ich gar nicht mehr wie ich darauf gekommen bin diese Scripte als "seltsam" aufzufassen, aber mein Gefühl hat mich da ja wohl nicht getäuscht. Um so besser! Lob gebe ich gerne ab, sofern du etwas davon hast!? Oder ist das einfach nur so...? Sonst hätte ich keine weiteren Fragen. Dann bleibt ja wohl nur noch  zu sagen. |
|
Linear-Darstellung
